Nursery rhymes for our times
Doctor Foster went to Gloucester
After a shower of rain;
He sampled a puddle,
and oh, what a muddle -
you might as well drink from the drain.
Chorus (vomitando con brio):
Salmonella, typhoid, e. coli;
Cholera, Staph. Aureus, Clostridium D...
Escherichia, and Winter Vomiting Bug,
Thriving in those sodden piles of thrown-out rug.
Adriana Lukas is talking sense
Read her views on why conferences are boring, unproductive and generally poor value for money...
Expert casts doubt on fingerprint biometrics
A BBC Radio 4 programme, 'File on Four' reports the concerns of Professor John Daugman over the accuracy rates of fingerprint-based biometric systems. You can find a podcast of the programme here... The trailer for the article also mentions that Prof. Daugman happens to have developed an algorithm for iris-based biometrics, so although he is an expert, he is not necessarily an entirely disinterested one.
That said, his comments raise several entirely valid points.
First, all fingerprint biometrics are not equal. There are different national standards for how many salient points you capture for a given fingerprint, and how many are required to claim a match. If I recall correctly, the standard adopted for the UK system is lower than that stipulated by, say, the FBI (citation needed... if you can confirm or refute this, please leave a comment...).
Second, a response to his criticisms from the IPS was "yes, we know there will be false positives/false negatives, but we always expected to have to have manual exception-handling for some cases". This is understandable - any security system depends as much on the policy controls as the technology used - but potentially worrying. You may remember that I wrote a few days ago about real usability issues in the Iris system at Heathrow's Terminal One.
In that system, a fairly concentrated stream of people is expecting to perform a simple authentication check (with no subsequent 'service delivery' beyond the opening of a glass door) in a tightly-controlled environment. The exception handling process ought to be relatively simple to implement, but is very badly done (at least, at Terminal One... my suspicion is that at Terminal Three it would be better handled).
By contrast, the ID Card scheme will be authenticating against a massively larger user population, in a highly distributed and varied environment for a wide range of subsequent services. It will be practically impossible to implement a standard and consistent set of error-handling procedures. I think it's over-optimistic to expect that the resulting user experience will, over-all be better than that at Terminal One.
POSIWID
![[RSS Newsfeed]](/themes/sotto/images/valid-rss.png)
![[This is a Roller site]](/themes/sotto/images/roller-logo.gif){kind=logo}