SPEAKERS CONTENTS INSERTS
Page 1 TOP OF DOC
BIOMETRICS AND THE FUTURE OF MONEY
WEDNESDAY, MAY 20, 1998
U.S. House of Representatives,
Subcommittee on Domestic and International Monetary Policy,
Committee on Banking and Financial Services,
Washington, DC.
The subcommittee met, pursuant to call, at 10:00 a.m., in room 2128, Rayburn House Office Building, Hon. Michael N. Castle, [chairman of the subcommittee], presiding.
Present: Chairman Castle; Representatives Metcalf, Weldon, Waters, Jackson, and Lee.
Chairman CASTLE. Good morning. The hearing will come to order. Let me just first express my appreciation to the witnesses in both the first and the second panel. We know that some of you have come from far away. We know that all of you have disrupted your schedules to be here. We greatly appreciate you being here. We will try to get to you as soon as possible.
I am going to make a brief opening statement. If any Member here wishes to say anything, they certainly may at that point, and then we will proceed with our hearing. Dr. Weldon will introduce our young student here in a few minutes as well. Ed Pease, by the way, could not be here. He was going to be here to introduce you, Ms. Koehler. He has to be present at the Judiciary Committee so he could not be here. He wanted me to send his apologies to you.
Page 2 PREV PAGE TOP OF DOC
Today we are going to learn about a family of new technologies that may soon change the way we live and do business in a multitude of small but profound ways. We will have a lot of audience involvement today, as you can see. We are going to start right now. To illustrate, I would like to ask your indulgence for a little bit of this audience participation. Take a moment in your minds and add up all the passwords, PIN numbers, account numbers, voice mail access numbers and other security codes you have to deal with in your daily life. I would like to see a show of hands of those who have five or less. This is everybody, anybody here in this room. I would like to see a show of hands of those who have five or less of these to keep track of. Not too many. I see one hand out there. How many have five to ten? We are getting upward of maybe 40 or 50 percent. How many poor souls have more than ten to manage? I think I am in that category. That is clearly in excess of 50 percent.
How many of you would cheerfully trade in all of these multi-digit codes if you could use one unique secure personal identifier for every purpose, one that was always at hand and could not be stolen, lost, forgotten or duplicated? Raise your hand if you are in that category. Again it gets up to about 100 percent in this case. I felt that would be the answer, or I would have never asked the question or we wouldn't have had the hearing perhaps.
Trying to come up with that all-purpose or at least multi-purpose personal identifier is what the art and science of biometrics is all about. A broad variety of physical characteristics currently are being tested to determine the potential accuracy and ultimate consumer acceptance of their biometric measurement as personal identification standards.
In the second panel, we will be introduced to a representative selection of these emerging technologies. While a definitive review of all the potential biometrics is impractical due to time constraints, in this hearing we will sample the following: Facial recognition, a variety of finger imaging, iris scans, voice recognition and signature dynamics.
Page 3 PREV PAGE TOP OF DOC
As a subcommittee, we are primarily interested in the application of these technologies to banking and financial transactions as well as the protection of individual data from identity theft and other forms of fraud. We have already been prepared by Hollywood films and sci-fi novelists to understand that biometric technology has potential applications that extend well beyond these areas to securing secret intelligence, protecting strategic commercial data and law enforcement.
There will be two panels of witnesses today. The first will provide a context of biometric identification applications and includes the chairman of the President's National Biometric Consortium; a middle school student from Merritt Island, Florida, who will share the results of her very interesting science fair project; the Director of the National Biometric Test Center at San Jose State; an attorney expert in this emerging field; and the Vice President of the Purdue University Employees Federal Credit Union where biometric applications have already been installed and used for a number of months.
On the second panel, we will have representatives from seven companies that already are actively marketing their technology. To the extent that time and physical space constraints permit, they will each demonstrate a device or technique for biometric identification. With respect to the demonstrations, we can do some of these afterwards but it is probably preferable, if possible, for those who have them if we could do them while you are testifying.
We would like to keep the testimony to five minutes. We won't electrocute you or anything if the red light goes on, so you may get an extra minute or two, but we have two panels. The second one is fairly large. We hope everybody can try to work within the time constraints. If your demonstration would take longer or you want to do a more involved demonstration, we can certainly do that after the fact. Basically we are going to hear from the other Members of Congress who are here now, and then we will hear from each of the witnesses, and then we as Members will ask questions of each panel in turn and hopefully we will not have any votes to intervene, because that really messes things up. But we don't control the House of Representatives in this small subcommittee. We will just have to take our chances with respect to that and hopefully it will move along in a continuous fashion so that we can get the most out of it.
Page 4 PREV PAGE TOP OF DOC
With that, let me turn to Congresswoman Lee to see if she wishes to say anything.
Ms. LEE. Yes. Thank you, Mr. Chairman. First, let me just say I am very delighted to serve with you on this subcommittee and look forward to learning a great deal from each and every one of you today. This whole issue of biometrics is, I think, very important and it is very critical that we look at it from the point of view of making sure that we have standards that cover biometrics, but also ensure that the privacy issues are addressed.
I just look forward to hearing from you today. I will probably ask a couple of questions about biometrics after that. Thank you very much for giving me the opportunity to appear.
Chairman CASTLE. Thank you very much. It is a pleasure to have you on the subcommittee, I might add, as well. Dr. Weldon will be introducing one of our witnesses, but he may wish to make an opening statement and/or do his introduction now, whichever, or both.
Dr. WELDON. Why don't I just take care of both of those.
Chairman CASTLE. That is fine.
Dr. WELDON. First let me thank you, Mr. Chairman, for calling this very important hearing on a topic whose time I think has arrived. I think you demonstrated that very clearly when you asked the questions that you did. I know that I personally struggle with all the PIN numbers that I have to remember. I always enjoy when a company will allow me to select my number because I usually try to select a number I am already using somewhere else. To have a world where we can get away from all those things would be wonderful.
Page 5 PREV PAGE TOP OF DOC
I also want to take this opportunity to introduce Shanin Leeming, who is a very enterprising and very bright young lady, 14 years old. She attends Divine Mercy Catholic School in Merritt Island, Florida, which is in my congressional district. In her testimony, she is going to reveal some very interesting information that I believe has some very direct bearing on the issues that we are dealing with here in this hearing. I think first of all it is a real treat to have her here and to see a young lady from my district here. As well, I think her testimony is very pertinent and will be very helpful to us as we move in the direction of trying to establish policies in this arena.
Thank you, Mr. Chairman.
Chairman CASTLE. Thank you, Dr. Weldon. We appreciate your being here, too. I understand the light system is not working. So we eliminate the electrocution factor in this after all. We have cards up here. This will be displayed, I guess after four minutes they will show one, after five minutes they will show this one. You don't necessarily have to stop. If I really think we need to get to this, I will start to rattle this a little bit and you will get the idea to start to wind it up.
Basically we are just going to go through each and every one of you. We do have five witnesses. We will be starting in a moment with Mr. Jeffrey Dunn, Chairman of the Biometric Consortium. Of course Shanin Leeming has already been introduced. She will be second. Dr. Wayman will be third. He is the Director of the U.S. National Biometric Test Center at San Jose State University. John Woodward is the lawyer to whom I referred earlier who specializes in biometric issues. The practice of law is becoming very specialized in this day and age. Gail Koehler is the Vice President of Information Services at the Purdue Employees Federal Credit Union. I mentioned the university because we have Perdue chicken plants in Delaware. I like to make sure people understand the difference between them.
Page 6 PREV PAGE TOP OF DOC
With that, let us turn to Mr. Dunn for his testimony.
STATEMENT OF JEFFREY S. DUNN, CHAIRMAN, BIOMETRIC CONSORTIUM
Mr. DUNN. Good morning. Mr. Chairman and Members of the subcommittee, I would like to thank you for the opportunity to speak today about biometric technology. I believe this subcommittee's interest in biometric technology is very timely. The information age is quickly changing the way many transactions are completed. Every day more and more actions are being handled electronically instead of face to face. This increase in electronic transactions has created a greater demand for automated authentication. Biometric technology is one means to achieve fast, user-friendly authentication with a high level of accuracy.
Today, I would like to discuss some of the terminology used by the biometric community, highlight some of the benefits of biometrics for authentication and give some examples of the emerging applications. I would also like to explain how the biometric consortium is bringing together technologists from Government and industry.
Biometrics are automated methods of recognizing a person based on a physiological or behavioral characteristic. Examples of human traits used for biometric recognition include fingerprints, speech, face, retina, iris, handwritten signature, hand geometry and wrist veins. During enrollment, a sample of the biometric trait is taken, processed by a computer and stored for later comparison. Biometric recognition can be used in identification mode, where the biometric system identifies a person from the entire enrolled population by searching a database for a match. For example, an entire database can be searched to verify a person has not applied for entitlement benefits under two different names. This is sometimes called one-to-many matching. A system also can be used in verification mode, where the biometric system authenticates a person's claimed identity from their previously enrolled pattern. This is also called one-to-one matching.
Page 7 PREV PAGE TOP OF DOC
No biometric system today is flawless. All have some errors where the wrong person matches or where the right person fails to match. The better biometric systems have low equal error rates of less than 1 percent. This should be compared to the error rates in the current methods of authentication, such as passwords, photo IDs, handwritten signatures and so forth. Often we forget how many errors can occur in these types of systems.
Using biometrics for identifying human beings offers some unique advantages. Only biometrics can identify you as you. Tokens, such as smart cards, magnetic stripe cards, photo ID cards, physical keys and so forth can be lost, stolen, duplicated or left at home. Passwords can be forgotten, shared or observed. Handwritten signatures can be forged. Biometrics hold the promise of fast, accurate, more reliable and less expensive authentication for a variety of applications.
There is no one perfect biometric that fits all needs. All biometric systems have their own advantages and disadvantages. There are, however, some common characteristics needed to make biometric systems usable. First, the biometric must be based upon a distinguishable trait. For example, for nearly a century law enforcement has used fingerprints to identify people. There is a great deal of scientific data supporting the idea that no two fingerprints are alike. Some newer biometric methods may be just as accurate but will require more research to establish their uniqueness.
There are many examples of biometrics being used or considered in Government and commercial projects. I would like to mention a few specific examples.
Page 8 PREV PAGE TOP OF DOC
At Fort Sill, Oklahoma, basic training inductees are issued a stored value card protected by fingerprint recognition. The disbursing office can enroll a user and issue the card in about 45 seconds. The card may be used at over 30 locations such as the PX, military clothing sales, barbershop and so forth. Over 18,000 trainees have participated so far.
The Defense Manpower Data Center saved $8 million in a pilot program with 25,000 military retirees living in overseas locations. The suspicion that benefits were still being collected on deceased retirees was confirmed when many failed to appear to enroll their fingerprints in the new identification system. DMDC is now collecting live scan fingerprints on new military ID cards to prepare for a full-scale system.
The Immigration and Naturalization Service is one of the most prolific users of biometrics in the Federal Government right now. Over 85,000 frequent international travelers have enrolled in a program that allows participants to bypass long lines at busy airports by using an automated kiosk with a hand geometry recognition system. At remote ports along the Canadian border, a speaker verification system is used to allow border crossings after hours when the post is not staffed. Both face recognition and speaker recognition are being tested in a pilot program that allows participants to use a dedicated commuter lane at the port of entry near San Diego. Participants in this program average a minute delay compared to the two-hour delays that are common during peak hours.
The Federal Bureau of Investigation and other Federal, State and local law enforcement agencies are using Automated Fingerprint Identification Systems, or AFIS systems. These large-scale computer systems convert the rolled ink, ten-print cards traditionally used by law enforcement into digital images for computerized storage and retrieval.
Page 9 PREV PAGE TOP OF DOC
The U.S. Navy conducted a test in the Pacific area with smart cards. One part of the test was to use a smart card with a fingerprint recognition biometric for access to ordnance storage areas.
For vehicle access to controlled areas at Chicago's O'Hare International Airport, the Federal Aviation Administration is starting a test program using fingerprint recognition with truck drivers.
One of the most dramatic uses of biometrics in terms of cost savings has been in State entitlement programs. The New York Department of Social Services requires fingerprint recognition enrollment for applicants to entitlement programs. This ensures that someone enrolling multiple times under different names cannot fraudulently obtain benefits. In the first 19 months of the program, 925,000 people were enrolled. Only 172 cases of known fraud were detected, but 37,000 cases were closed, saving $314 million. Several other States, such as New Jersey, Connecticut, Massachusetts, and Pennsylvania already have or are starting similar programs.
There are also many significant applications in the commercial sector. Many types of financial transactions such as bank by phone and bank by computer are also potential applications. One unique application is at Walt Disney World in Florida, where 200,000 annual pass holders are enrolled in a fingerprint geometry recognition system.
The Biometric Consortium was chartered as a working group on 7 December 1995 by the Facilities Protection Committee, a committee that reports to the Security Policy Board established by the President. The consortium now has over 500 members and associate members from Government, industry and academia. Over 60 different Federal agencies participate in the Biometric Consortium. The Biometric Consortium website at www.biometrics.org is open to everyone and contains a variety of information on biometric technology, research results and Federal and State applications.
Page 10 PREV PAGE TOP OF DOC
There is a great demand for fast, accurate authentication that biometric systems can provide. Continued improvements in technology will bring increased performance at a lower cost. Biometric authentication, however, is not a magical solution that solves all security concerns. A complete systems approach that addresses a variety of security, functional, operational and cost considerations is always necessary. The growth of biometric technology will place greater demand on both biometric system developers and users to work together to address a number of issues, including privacy, testing, infrastructure and standards. Within the Federal Government community, the U.S. Government Biometric Consortium provides a forum to facilitate this work.
Thank you.
Chairman CASTLE. Thank you, Mr. Dunn. We appreciate your testimony. We look forward to having a little discussion with you further on.
Now we turn to Shanin Leeming for her presentation.
STATEMENT OF SHANIN P. LEEMING, STUDENT, DIVINE MERCY CATHOLIC SCHOOL, MERRITT ISLAND, FL
Ms. LEEMING. Good morning, Mr. Chairman, and Members of this subcommittee. I would first like to thank you for giving me the chance to address you here today. My name is Shanin. I am from Divine Mercy Catholic School on Merritt Island, Florida, which is about ten miles from the Kennedy Space Center. At our school, we are very dedicated to science. For my science project this year, I decided to see if picture ID is a help or a hindrance. I wanted to know if people really look at the picture on a picture ID. When you go into any convenience store, you see a sign saying that people under the age of 26 must present an ID to prove they are who they say they are. But I have noticed that people really don't look at the picture, just the numbers. They don't compare the faces. So how can this be a valid form of security? I feel that it is more of a hindrance because of the faith that is put in the whole system. To prove my hypothesis, I did a series of 10 tests to see if people would challenge someone who looked different than the ID they presented. In the beginning, I started with subtle changes, then got more elaborate as the time went on. For the first trial, I stuffed my mom's cheeks with cotton to change the shape of her face. She went through airport security unnoticed. The second disguise consisted of a baseball cap and brown curly haired wig. My mom cashed a check in this getup. For the third trial my mom wore a black Cleopatra wig to get a legal document notarized. Other trials included a veil, a full clown suit complete with face paint, a curly brown rainbow wig and gloves, a biker, a vampire girl, and a man's outfit, including dreadlock hair, a mustache and an eight-inch Iguana tatoo. I even called her ''Grandpa'' in the checkout line. I used mortician's wax on her face to give her skin a smooth, mask-like appearance.
Page 11 PREV PAGE TOP OF DOC
All in all, I find it amazing that my mother could purchase alcohol and cigarettes or cash $50 checks in these silly costumes. Over the course of my project, I was only challenged once and I was simply asked to present a second form of ID, then the check was promptly cashed. Although I had a lot of fun doing this project, I know that my results are quite scary and I hope there is something that can be done about it. I strongly recommend that you don't keep your checkbook and your license together.
Thank you again and always be aware, don't let some bozo make a clown out of you.
Chairman CASTLE. Shanin, are these pictures of your mother in different disguises?
Ms. LEEMING. Yes.
Chairman CASTLE. Is your mother here? Would you like to introduce her?
Thank you for being a great sport. You were a great accomplice in this rather interesting experiment. We appreciate your testimony. It is great to have you. That is fascinating.
Our next witness is Mr. James Wayman.
Page 12 PREV PAGE TOP OF DOC
STATEMENT OF JAMES L. WAYMAN, DIRECTOR, U.S. NATIONAL BIOMETRIC TEST CENTER, SAN JOSE STATE UNIVERSITY
Mr. WAYMAN. Thank you very much. I do appreciate the opportunity to address you this morning.
You have heard from Mr. Dunn the definition of biometric identification, the automatic identification or identity verification of people based on physiological or behavioral characteristics. There are actually two functions to any biometric system, two possible functions, one being to prove that I am a person known to the system and enrolled in the database. A second function is to prove that I am not a person known to the system and enrolled in the database. It is important that we keep these two different functions separated in our mind, because they have important ramifications when we go to develop systems, particularly when we start talking about privacy issues.
I want to give some examples. I have three cards here in front of me. The first is my INSPASS card, INS Passenger Accelerated Service System card. I have this as a matter of choice. Now, if I wish to use the usual system of immigration at five of our country's airports, I can take my passport, I can wait in line, I can show it to the immigration officer and I can be admitted to the country. But if I wish to bypass the line, I take my INSPASS card which has my hand geometry encoded on the back along with my passport number, I put the card in the reader, I place my hand on the hand geometry device to identify me as the person who is appropriately enrolled in the database and, holding this card, I am issued a receipt. I need not wait in the immigration line. I can go right through. It is a matter of customer convenience that I have this card.
Page 13 PREV PAGE TOP OF DOC
The second card I have with me is my California driver's license. In five States here in the United States, a fingerprint is required for the issuance of a driver's license. But the fingerprint, or the data from the fingerprint do not appear anyplace on the card. The purpose of giving a fingerprint to receive my California driver's license is to show that I am not someone enrolled in the system under any identity and I am not someone who has had a license revoked or suspended. So my INSPASS card is for positive identification. The use of biometrics for the California State driver's license is for negative identification.
What I have here is the recent Republic of the Philippines Social Security System card, the new card that is being issued this year. This card has both functions. To receive a Social Security card in the Philippines, one has to establish that one does not have such a card under another identity. You do that by giving four fingerprints. One of those fingerprints, the right index finger in fact, is reduced to a numerical code and put here on the document itself. So when the holder of the Social Security card goes to the Social Security office to receive benefits or applies for admission to any of the 19 Manila area hospitals, the card is read, the fingerprint template is taken off the card, it is compared to the fingerprint template of the holder, and that is all of the administrative paperwork required, a great savings in convenience not only for the holder of the card but for the issuer as well.
I want to go to great lengths now because I know we all want to talk about privacy here. I want to talk a little bit about the fingerprint data that is encrypted on the front of the card. It is not the fingerprint that is encrypted on this card. It is numbers coming from the fingerprint that are put in the code on the card. There is no way to reverse that process and to reconstruct the fingerprint from those numbers. That is a very, very important thing to note. Even if these numbers were sent to the FBI, the FBI could not reconstruct the fingerprint. These numbers are totally worthless to any other system but the specific system that created the card. That is true of all biometric devices. The numbers that emanate from your biometric data cannot be reconstructed to produce the size and shape of the body part in question, nor are they of any value anyplace outside of the system that produced them. I think that is vital when we start thinking about privacy issues as we will in a moment here.
Page 14 PREV PAGE TOP OF DOC
The National Biometric Test Center was created by the Biometric Consortium and given three primary tasks, the first being to establish objective, scientifically sound methods for evaluating biometric technologies. The second was to collect and analyze data. The third was to advise Government agencies on the use of biometrics. With regard to the first task, the creation of objective and scientifically sound techniques for the evaluation of biometric devices, I want to point out that we are primarily scientists. We are scientists first. We are firmly within the tradition of science. Science is by its very nature extremely conservative and extremely skeptical. The criteria that we use for establishing error rates for biometric devices is one based in statistical theory and fundamental to all sciences. To give you a quick example, for instance, if we see 300 trials of a biometric device with no errors, we will conclude not that the error rate is zero but that the error rate is less than 1 in 100. We are given the task of collecting and analyzing data, but data for biometric devices involves people. The use of people in human experiments is difficult, time-consuming and is expensive, as you might conclude. That is why biometric testing has not reached the level that we would like. There have not been as many biometric tests done as we would like.
Lastly, I said that we were tasked to advise the Government and Government agencies on the use of biometrics. This tasking also involves consideration of legal and privacy issues. What I wanted to do there was to establish that we are a very conservative and skeptical group. I wanted to establish my credentials in that regard. But I can say, then, having said that, having looked at these devices, that there is no reason at all not to conclude that these devices are in fact ready for use in the financial services industry. More directly what I am saying is the technology is here, it is here today, it is absolutely usable and there is no reason why it cannot be used in the financial services industry.
Page 15 PREV PAGE TOP OF DOC
There are some immediate uses that one might think of within institutions themselves, either for internal security or infrastructure protection. You might think of control to secure places within a bank, for instance, or control to the electronic funds transfer computers. Those devices may in fact be in use by the individual banks. We believe that will be driven of course by market forces. There is no reason why financial service institutions could not be using those internal controls now. But of more interest, I think, is the general question of consumer uses of biometric devices. I think those are far more interesting. In that regard, I would say to the extent that biometrics provides additional choices for consumers with regard to protecting their own privacy, protecting their own identity, I think the use of biometric devices in consumer applications within the financial services industry would be extremely well received. We have credit cards, we have checks, we have ATM cards. It is only the ATM card that we even try to protect. We use a four to eight digit code. There is no reason now that biometrics could not provide that same level of protection for ATM cards as well as additional protection now to the checks and credit cards which, as we know from Shanin Leeming's testimony, are not reasonably protected under the current system.
I need to say something about standards. When it comes to consumer applications, there are many, many possible devices available. You will hear about some of those today. But even among a single type of device, let's take fingerprinting, for instance, there are numerous instantiations of that technology. What I mean to say is these technologies cannot communicate with each other. Certainly if I can identify you by your eye, I cannot necessarily identify you by your fingerprint. If I can identify you by your fingerprint in one system, that does not mean that I can use that same fingerprint, that same card, in another system. The point being that given the current lack of standards, it will be that if biometrics is used as a consumer application in the financial services industry, it will be used on a company-by-company basis. It is not possible at the current time to have an ATM card that all ATM machines will read when protected by a biometric identifier. But this may be a good thing. My colleague John Woodward here has coined the term ''biometric balkanization'' to mean this profusion of devices leads to their inability to communicate simply by their diversity. That might be a good thing in protecting privacy, as I will talk about now.
Page 16 PREV PAGE TOP OF DOC
Privacy concerns obviously are foremost in everyone's minds. It is always appropriate when considering any technology to ask what is the impact here on privacy. The primary issue when I talk to people about privacy is the thought that they will find me or they will track me or they will correlate my data, they being perhaps computer hackers or perhaps an insurance company or perhaps a Government group. Any discussion of biometrics and privacy has to be rooted firmly in the realities of the technology. The truth is biometrics cannot be used to find you. And it cannot be used to track you. There are only two biometric technologies that have ever been shown in tests to be able to pick a single person out of a group of a thousand or more. Those two biometric technologies are fingerprinting and retinal scanning. In the case of retinal scanning, they will find you with a retinal scan only if you cooperate with the retinal scanning system.
With regard to fingerprinting, as I said a minute ago, the profusion of methodologies means that the different fingerprint systems can't communicate. On the website of the National Biometric Test Center, I have posted my own personal fingerprint template. These are the numbers that come from my fingerprint. It is up there on the website. Certainly my credit card number is not on the website. My ATM PIN is not on the website. My mother's maiden name is not on the website. But my fingerprint—not pattern, but my fingerprint template, is on the website. That template is absolutely unusable outside of the system that created it. The FBI is welcome to download that template because there is absolutely nothing they can do with it. With regard then to correlating data——
Chairman CASTLE. Could we start to wrap up?
Mr. WAYMAN. I will wrap up right now. And I apologize.
Page 17 PREV PAGE TOP OF DOC
Chairman CASTLE. It is very interesting, but we have to keep going.
Mr. WAYMAN. With regard to correlating my data, these devices in general are not specific enough, so that for instance if my data is indexed under my hand geometry, that data cannot be found on the basis of my hand geometry.
Let me conclude by saying that we have looked at these devices scientifically, we have applied rigorous and skeptical criteria to their evaluation. We believe strongly that these devices are ready now for both internal and infrastructure protection applications and consumer applications for extending consumer choice with regard to privacy protection.
Thank you very much.
Chairman CASTLE. Thank you very much, Mr. Wayman. We appreciate that.
Mr. Woodward, we are ready for your testimony.
STATEMENT OF JOHN D. WOODWARD, JR., ATTORNEY-AT-LAW
Mr. WOODWARD. Chairman Castle and Members of the subcommittee, I am deeply honored to participate in these timely hearings to discuss the law and policy concerns raised by biometrics. From activities as diverse as the elaborate security of the Winter Olympics in Nagano, Japan to the daily operations of the Purdue Employees Federal Credit Union in the Hoosier State, both the public and private sectors are making extensive use of biometrics. As the technology becomes more economically viable, technically perfected and widely deployed, biometrics could refocus the way Americans look at the brave new world of personal information.
Page 18 PREV PAGE TOP OF DOC
As Members of this subcommittee get more interested in and involved with biometrics, two important themes need to be stressed at the outset. The first theme: Biometrics should not be automatically construed as privacy's foe. Quite to the contrary, biometrics is privacy's friend. Biometrics is privacy's friend because biometrics safeguards information integrity and thwarts identity theft. It limits access to sensitive information, and it serves as a privacy enhancing technology.
The second theme: A pro-privacy position should not be construed as an anti-biometric stance. In other words, you can be a friend of privacy and a friend of biometrics. Moreover, limited Government regulation of private sector use of this technology is not opposing biometrics but rather promoting biometrics. Appropriate policymaking can greatly increase public acceptance of this new technology.
Since privacy concerns are central to biometrics, we first have to examine privacy in a legal context. Most importantly with respect to biometrics, we are dealing with information privacy. Individuals have an interest in determining how, when, why and to whom information about themselves, in the form of biometric identification information, would be disclosed. In the American legal experience, the private sector enjoys great leeway as far as what it can do with an individual's information in the absence of legislative action. Except in isolated categories of data, an individual has virtually nothing to say about the use of information that he has given about himself or that has been collected about him.
With respect to the current policy status quo, Congress and the State legislatures have left biometrics essentially unregulated from the standpoint of privacy protections related to private sector use. Among the individual States, California has moved in this direction. Recently, Assembly Member Kevin Murray introduced legislation known as AB–50 to promote the responsible use of biometric identifiers.
Page 19 PREV PAGE TOP OF DOC
While critics of biometrics may argue that this new technology is privacy's foe, the opposite is in fact true. Biometrics is a friend of privacy. Biometrics proves itself as privacy's friend when it is deployed as a security safeguard to prevent identity theft and consumer fraud.
Let's consider a specific example from the financial services industry. Criminals eagerly exploit weaknesses with the present access systems, which tend to be based on passwords and PINs, by clandestinely obtaining these codes. Criminals then surreptitiously access a legitimate customer's account. Her financial integrity is compromised and her finances are gone because a criminal has gained unauthorized access to the information. In effect, she has suffered an invasion of her privacy because her financial integrity has been violated. With biometric-based systems, identity theft becomes more difficult for the criminal element to perpetrate.
Biometrics also becomes a staunch friend of privacy when the technology is used for access control purposes, thereby restricting unauthorized personnel from gaining access to sensitive personal information. Biometrics further protects information privacy to the extent that biometrics can be used, through the use of a biometric log-on on a computer workstation, to keep a precise record of who accesses what personal information within a computer network. For example, individual tax records would be much better protected if an Internal Revenue Service official had to use her biometric identifier to access them knowing that an audit trail was kept detailing who accessed which records. Far less snooping by curious bureaucrats would result.
Biometrics can also enhance privacy in broader ways. For example, biometrics can be used to control access to information such as financial records without requiring specific identification of the person accessing the information in a process known as anonymous verification.
Page 20 PREV PAGE TOP OF DOC
Of special interest to the Members of this subcommittee, Congress should promote biometrics by mandating the adoption of a biometric blueprint based on a Code of Fair Information Practices (CFIP). This biometric blueprint should consist of five basic principles which would include: First, notice that clandestine capture of biometric identification information in the private sector would be strictly prohibited.
Second, access. The individual should have the right to determine if his biometric identification information is in a database and how it is being used by the data collector.
Third, a correction mechanism. The individual must be able to correct or make changes to any biometric identification information in a database.
Fourth, informed consent. The individual must voluntarily and knowingly provide his biometric identification information to the data collector in the primary market. Before any information can be disclosed to third parties, the individual must consent. Reasonable exceptions can be accommodated as appropriate for academic research and law enforcement, for example.
Fifth, reliability and safeguarding. The organization responsible for the database must guarantee the reliability of the data and safeguard the information.
In conclusion, we are now eyeball to eyeball with a new, exciting technology that can be used in robust ways by both the public and private sectors. Now is not the time to blink. Biometrics is a friend of privacy, not privacy's foe. Congress can make this new technology even more acceptable and beneficial for private sector use, particularly in the banking and financial services industry, by promoting a farsighted biometric policy that deals with the face of this new technological reality.
Page 21 PREV PAGE TOP OF DOC
Thank you, Mr. Chairman.
Chairman CASTLE. Thank you, Mr. Woodward, we appreciate your testimony.
Now we turn to Ms. Koehler for her testimony.
STATEMENT OF GAIL J. KOEHLER, VICE PRESIDENT, INFORMATION SERVICES, PURDUE EMPLOYEES FEDERAL CREDIT UNION
Ms. KOEHLER. First of all, I really want to thank you for giving me an opportunity to be here. This is kind of a thrill for me and obviously a real privilege to come here and talk about the use of biometrics at Purdue Credit Union. I appreciate the fact that you realize we weren't related to chickens and we were related to education.
During the next few minutes, what I would like to do is just give you an overview of what our TARA Touch Project is and how we are using biometrics at our credit union. We have learned a great deal. We started about a year ago. Actually we have been involved in the whole project for about 2 1/2 years.
You have already heard Jim Wayman's definition and other people talk about the definition of biometrics. You know that it can be used either for verification or for identification purposes. At Purdue Credit Union we are definitely using it as a verifier as opposed to an identifier. We are using biometrics as a means of positively identifying or verifying our member's identity. We are using biometrics in fact to replace PIN numbers for account access on our automated branching units TARA Touch. One of our goals would be in using it the way we are, the member still has to enter their account number in one way or another.
Page 22 PREV PAGE TOP OF DOC
There is a model, a prototype of what we are using to my right. You can see there is a card scanner there. The card scanner can take the account number off an ATM card, if you please. However, you don't need to enter a PIN number. What we have found as we started to get into this, there are a few things that I think are important and that relate to the whole area. When people use PINs, which are very common, and they make a mistake or there is a problem with the PIN, automatically they assume that they have made an error, that they have miskeyed or that they have forgotten their PIN number, so they blame themselves. We found that when people have a card to use and they have a card failure, they blame the card, they don't think it has anything to do with the system. With our biometric systems, one of the problems we have had is if a member has a problem getting into the system, they automatically blame the biometrics because it is so new. I think that as we start to see this technology used more throughout the country, it is going to be just as accepted as cards and PINs are right now.
One of the things that we felt was very, very important and really partially based on information that we received from NRI, one of our vendors, was that you had to have very good instructional screens. I will show you one later. On the unit right now, Steve is showing the instructional screen that explains to the person who is using this technology remotely exactly how they need to use it to be successful in using it so that they don't have the failures. We also knew that we had to have some kind of backup system in place with a new technology. If it failed and people couldn't use it, they may not come back. So we collect two different finger scans, so that if you have a problem with a finger, you cut your finger, for instance, that is not an issue. That was one of our big questions. The other thing that we use as a backup is if there is a problem with the finger scan, people still can use that one TARA PIN number that we use at the credit union for our touch tone audio response access.
Page 23 PREV PAGE TOP OF DOC
Why did we go with biometrics? I have heard a lot today about the security issue. But in actuality, it is also a numbers game for us. Besides the added use that biometrics provides to our members, there are some really good economic reasons for other financial institutions to look at this technology as well. The biometric identifier, number one, can't be lost or stolen as a PIN can, so there is less problem with sending that on to the members again. Also if we accomplish our goal of replacing card access with biometric access, there will be no lost, damaged or stolen cards to replace any longer for us and we won't have to deal with periodic card reissue like you get with your credit cards and your ATM and debit cards now. That would be a great cost savings to us as an institution. Of course for us the biggest concern with any new technology at the credit union is will our members use and/or accept it. When we made the decision to use biometrics at TARA Touch, one of the ways we resolved this is we really spent a lot of time and effort on immediately educating our members about biometrics and how they are used. We thought that we might have a difficult time still convincing our members to use it. Amazingly, right away we had 912 members starting to use a test system in our lobby, so there didn't seem to be a lot of resistance to using it and to some of the privacy issues that we have listened to today.
When we put our second unit in at Purdue North Central, which is a very small regional campus of Purdue University and we had very limited membership, after 60 days we already had 131 of our members. That sounds like a small number, but that was over half of the member population there at that time.
Finally, when we put our unit in last August, right before fall semester, right on Purdue University's main campus, we had 277 members who scanned prints and opened accounts on that unit within 60 days. Obviously as a very small financial institution, we didn't develop the TARA Touch units ourselves. We had partners that we worked very closely with. Our vendor Real Time Data Management, Inc., who supplied the test unit here today, worked really hard to supply a very good user-friendly interface to our application using NRI, who I believe is going to testify later on today, using their hardware-software package on the units.
Page 24 PREV PAGE TOP OF DOC
The TARA Touch branches that we use are much more than an ATM. They have things on there that you do not find at a normal ATM. It is our belief that in order for us to provide products and services, anytime, anyplace, anywhere, which is what I think is happening to financial services, we had to find better ways to secure the accounts. This is a picture of what you see on the smaller screen just so you can get an idea of what kind of functionalities there are on the unit. As you can see, there is a place for members to go in. There is also a place for nonmembers to go in. In order to look at nonmember things, we don't require biometric verification at all. Anybody can go in and get information about the credit union, determine whether they are eligible for membership, and so forth. The biometric piece comes in after they have opened or actually while they are opening an account with us on the unit. We require a finger scan and we use that along with other identifiers to ensure that this is in fact the person they say they are. This is a screen that shows how the imaging actually is obtained and gives you a little bit better picture of the instructions that we have on that screen.
Why did we go with biometrics? Basically, the pricing is coming down, so we can afford to do that. Hardware and software costs are decreasing constantly. Also we are finding that the consumer, our members, are much more comfortable with all forms of technology. We are finding a very good level of acceptance. Although these figures may look very small to larger financial institutions, they are very encouraging. We are having about three times the number of transactions on these units than we had with our ATM products when we first started using them in the early 1980's. We are very active and have a very successful and profitable ATM program, so it makes some sense to me to use it.
This is kind of a history of the installation. So our first live installation began in January of 1997. So we are looking at almost a year and a half on the project and getting ready to put our fourth installation in now. Finally, what have we learned about biometrics? We are still learning. Our members are very knowledgeable. I think that helps so I think it is going to be important that consumer education be included in the rollout of this technology.
Page 25 PREV PAGE TOP OF DOC
We found that there were some privacy concerns about the fingerprint capture, but once we educated our members on the fact that we were retaining an algorithm as opposed to the actual finger image, that seemed to alleviate those concerns. We also learned that age wasn't a barrier. Very surprisingly, over 50 percent of our original people registering in the program were over age 50. We thought it would be the student population running in there. We had a little bit harder sell for the students, 25 and under. They just didn't care, maybe because they don't have as many funds to secure and we really emphasized the security issue on the product. The speed is important. As I said, the user education is critical.
As a credit union, we are member owned, member operated. We use our member volunteers to help us with these kinds of developments. So they have had a lot of input on what we do. We have future applications that we intend to use it on. We know that we are going to use it for building access. We want to see the ATMs and the web-based home branching and our credit and debit card authorizations start to go to biometrics. But our goal definitely is account access with identification, meaning the members would no longer need to remember account numbers or enter account numbers.
Finally, my boss, Bill Connors, the CEO of Purdue Credit Union, says you always miss 100 percent of the shots that you don't take. Basically I think that we and our vendors who have partnered with us on this project have really done a very good service to the financial service industry as a whole. We had a willingness to take a chance on a new technology that at the time we started there was no other financial institution in this country using successfully. I think our pilot program and our project proves that biometrics can improve security, they can improve convenience on the accounts and they have had very little adverse effect on our bottom line.
Page 26 PREV PAGE TOP OF DOC
Thank you very much.
Chairman CASTLE. Well, thank you very much. We appreciate all of your testimony. I will start off with the questioning, while you are still there, Ms. Koehler. I am sort of interested in some things. About halfway through your testimony I realized there are no cards involved in this at all. I should have picked that up from the beginning, I guess, but that is true. You strictly open your account with your finger identification and that is it.
Ms. KOEHLER. That is exactly right.
Chairman CASTLE. If you make a withdrawal, deposit or whatever, or do any kind of a transaction, do you get paperwork from that?
Ms. KOEHLER. There are receipts printed on the unit. So the person can get a receipt.
Chairman CASTLE. Normal paperwork?
Ms. KOEHLER. And actually we give them an option as to whether they do or do not want a receipt for those transactions. But they can do a lot of things. I skipped over that slide in the interest of time. We do loans on these machines, we disburse their funds for their loans, we have check withdrawals which you don't find on normal ATMs. Those are the reasons that we went with the biometrics, frankly, is because we were allowing so much more access to the account than you see at a normal ATM.
Page 27 PREV PAGE TOP OF DOC
Chairman CASTLE. A year or so ago we had a gentleman from Florida State University testify that they are putting everything basically through an account, the card.
Ms. KOEHLER. That is Florida's one-card system. I have been there.
Chairman CASTLE. Precisely. All the way to get cokes out of the machines to your scholarships and your tuition. You could do the same thing with this, right? There is no reason why this wouldn't apply to that?
Ms. KOEHLER. Yes and no. It really isn't a campus card access. My feeling is that you should, and being associated with a campus, I have tried to look at Purdue University and suggest that biometrics is a more secure access for their dormitories in particular. You can't share a biometric as kids do on the dormitories. I have sons in college so I know they do this. They share each other's cards so they can go into each other's dorms, yeah.
Chairman CASTLE. Do you think the kids worry about someone being able to identify they are not 21 years of age if we get this fingerprint scanning instead of being able to cheat on cards as kids have done in college for years?
Ms. KOEHLER. Sure. I would think that is a possibility.
Chairman CASTLE. That is interesting. Unfortunately, we have to go through this very quickly. I have a lot more questions I would like to ask you.
Page 28 PREV PAGE TOP OF DOC
Shanin, I would like to ask you if I could, you have heard this. You saw the experiment with your mother which clearly proved the existing system doesn't work particularly well. Do you think this is something which we should be doing and which is the future of identification for these kinds of things in America?
Ms. LEEMING. I think so. As you can see from my project, the picture ID isn't really a valid form of security. There has to be something else. I think that this is a really good example.
Chairman CASTLE. I tend to agree with you. Mr. Wayman, why haven't the banks been doing this? Or are they getting ready to do it? Where is this in terms of the next wave of who is going to do it?
Mr. WAYMAN. The National Biometric Test Center has worked with the banking community and the banking community is looking quite closely at this. I think the banks are gearing up to do exactly this.
Chairman CASTLE. You think, but you don't know for sure?
Mr. WAYMAN. Let me be a little more specific. We did create a test plan for the Financial Security Technical Consortium composed of several banks. We did create a fingerprint test plan. Testing biometric devices, as I mentioned in my testimony, is extremely expensive because you need human subjects. Not only do you need human subjects, you need to see the same human subject on two separate occasions. For instance, I need to take your fingerprint now and then I need to come back and look at your fingerprint in a month or so from now, because there will be changes to that print. Your skin will be drier, your skin will be moister, you may have cuts and scratches and the like. Any biometric testing is very expensive. One of the things we try to do at the National Biometric Test Center is to develop some less expensive ways of testing using operational data. Certainly as data comes in, we can look at that to determine how this works. The banks want to test these devices before they deploy them and they are finding testing to be extremely expensive.
Page 29 PREV PAGE TOP OF DOC
Chairman CASTLE. This is for anybody actually. Will the cost come down as more use these systems, like the costs of computers and everything else comes down as we start to implement it?
Mr. WAYMAN. Certainly the cost of the biometric devices themselves come down. The cost of testing those devices and optimizing those devices doesn't necessarily come down. I guess to answer your question more directly, the banking industry is looking into these things. They are interested in testing, they find that testing is very expensive so they are being very cautious with regard to how they set up their tests to make sure they use scientifically valid test procedures.
Chairman CASTLE. To anybody on the panel, have these systems worked? I would get a little nervous, frankly I have an odd PIN number and I get it confused. Every now and then I am in a hurry, I can't remember my PIN number. Fortunately, I did write it on the back of my card as everybody else seems to do. It is probably a smart thing to do although banks discourage it. Do these systems work infallibly or are there times at Purdue or at other places where it works like 98 percent of the time and all of a sudden you need money or whatever and you can't get it?
Ms. KOEHLER. I probably can answer that and somebody else may as well. What we have found is once we have good instruction screens up so that people know how to use them and know how to reuse it because they are entering at one point and reentering later for verification, we didn't have a lot of problems with it. We have had some problems with hardware. What we put in place on our units is we have a phone on the unit, but we also have allowed people to use what we call their audio response PIN. That is a self-selected PIN. It wouldn't have to be a difficult, confusing PIN. It is there as a backup in the event that we have failure. But they have been pretty minimal. We have never had a false positive on our system in the year-and-a-half that it has been up and operational. We have had a few false negatives. Basically those were very early on in the program. As technology has gotten better, it has gotten better as well.
Page 30 PREV PAGE TOP OF DOC
Chairman CASTLE. Thank you. Mr. Woodward, you discussed the privacy issue. I don't want you to necessarily go over the same ground we have plowed, but I am very interested in that. I think of all the issues, that is the one that we are going to hear about the most. I wrote down some of the things you said. I couldn't get them all.
Biometrics is privacy's friend. It avoids identity theft. And pro-privacy is not antibiometric. I think that is going to be an important issue. Are you making the argument that biometrics actually is perhaps more private than systems we have presently with number identifications and PIN numbers and things of that nature?
Mr. WOODWARD. Yes, Mr. Chairman, I think that is absolutely correct, for some of the reasons that Dr. Wayman alluded to in his testimony, especially in cases where the actual physical characteristic is not stored by the private sector user. You enhance your privacy and provide greater privacy protection for the individual. I think one of the great things about the subcommittee having this hearing at a very early stage is that the biometrics industry is very new. I think it will rapidly grow in the future. By having this subcommittee hearing at an early stage, you are able to call congressional attention and public attention to this growing new industry. Even though I perceive biometrics as privacy's friend, I still think there is a very important role for congressional regulation in the form of a biometric blueprint to basically protect privacy concerns related to the development of any kind of possible secondary market for biometric information.
Chairman CASTLE. Thank you. I have a lot more questions but my time is up and we have other Members who certainly want to ask questions. I would like to welcome Ms. Waters here today, who is the Ranking Member of this subcommittee. We look forward to whatever she wishes to say or ask.
Page 31 PREV PAGE TOP OF DOC
Ms. WATERS. Thank you very much, Mr. Chairman. I thought I was going to be a lot less interested than I find myself at this point in time. I am one certainly for convenience. Life is getting very number difficult. I am not one to keep up with cards. So I find that this does interest me.
Ms. WATERS. However, when you talk about fingerprints or handprints, that seems all right, but I am told that there is some research being done with laser identification of the eyes or something like that. That seems invasive and that bothers me a little bit.
Does this technology or this research go beyond kind of the discussion that we have heard here this morning? Perhaps you can answer that.
Mr. DUNN. Maybe I can address that.
Ms. WATERS. Yes, sir.
Mr. DUNN. There are a variety of biometric technologies. The ones you mentioned, iris scanning and retina scanning, don't use lasers. In fact, an iris scan just uses a video camera like your home video camera, or the one that is already in your ATM machine. So there is really no health risk at all.
You are going to see some demonstrations of those kinds of products today so they are certainly available. As for retina scanning, as far as I know, there is only one company working on retina scanning. That is Eyedentify, Incorporated. They have been in the business maybe 20 years. I don't know how many applications they are selling. I do not think it is a very large scale business right now.
Page 32 PREV PAGE TOP OF DOC
There has been some reluctance in the past of people using retina scan because you do have to look into an eye piece, but iris scanning uses a normal video camera and most people seem very amenable to use that.
Ms. WATERS. I think it was Mr. Wayman who mentioned that the financial institutions are concerned about the cost that is involved in research and testing. And I heard earlier that when you don't have to produce credit cards and PIN numbers, and so forth, that you save a lot of money. Am I to understand that the savings does not balance the cost of the research?
Mr. WAYMAN. Well, I think that is an unfair conclusion. It is simply that if you want to do scientific research, scientific research is painstaking. It takes a long time. You need to put together a test plan. You need to put together a statistical plan for the evaluation of results, and we are in the process of doing that. As I mentioned, we are working with the banking community. We have been working with them about a year. We have established a test plan. It is undergoing an approval process now.
It is my understanding that what they will do is that they will put that out for a proposal to get an institution, perhaps ours, perhaps some other university, to implement that test plan.
Any time you do large scale scientific testing, particularly involving human subjects, it just takes a long time.
Page 33 PREV PAGE TOP OF DOC
Ms. WATERS. Well, yes. I was just concerned about your statements about cost. I have just found that when industries or interests pursue research in their own best interest, they are usually willing to spend the money if they decide that this is going to save them money. And I was a little bit surprised to hear, you know, that maybe there is some thought that the savings didn't offset the cost of research.
Let me just conclude by asking another question about the possibility of a secondary market for this. And I think that kind of concern is a concern that is held by many citizens. I enter into some kind of agreement just based on the services that I need only to find that now my handprint, my fingerprint, is marketed for other reasons that perhaps I can't even think of at this time and I want to know, you know, whether or not—not only is there the possibility of marketing it for other reasons, the criminal justice community gets involved any time there is an opportunity to have access to information that may be helpful to them in solving crimes, and so forth.
So I would really, really like, as we explore this, to have those who are involved in it help us to anticipate the usages so that we can protect people as we move into this new technology and come forward not two or three years later when we discover the abuses, but if you are smart enough to initiate it, you ought to be smart enough to anticipate it. And I would think that that is the kind of help we would need.
Do you think that is unreasonable to expect of you? Anybody?
Mr. WAYMAN. No, not at all.
Page 34 PREV PAGE TOP OF DOC
Mr. DUNN. I think that is perfectly reasonable and one of the issues I think the biometric consortium needs to address is the exact privacy concerns that you have mentioned; John Woodward has recommended that we do that, and I think we will start looking into those issues.
Mr. WOODWARD. Representative, I am in agreement with you on this one.
Ms. WATERS. Thank you.
Mr. CASTLE. Thank you, Ms. Waters. And we will now turn to Dr. Weldon.
Dr. WELDON. Thank you, Mr. Chairman.
Shanin, I had a couple of questions for you about your project. It was really fascinating. I am just curious, what course was that for? Was that social studies or science you did that?
Ms. LEEMING. Science.
Dr. WELDON. What grade are you in now?
Ms. LEEMING. Eighth grade.
Page 35 PREV PAGE TOP OF DOC
Dr. WELDON. Eighth grade. Did you get a good grade on that project?
Ms. LEEMING. Yes, but I didn't win anything.
Dr. WELDON. Is that right?
Now, what did your teacher think when you were invited up here to Congress to testify on your project?
Ms. LEEMING. She was very surprised.
Dr. WELDON. Is that right? How about your classmates?
Ms. LEEMING. Well, they sort of don't know yet but they will know, I am sure.
Dr. WELDON. Yes, they may know. If those are C-SPAN cameras over there, they may see you on TV this week or this weekend.
What do you think of all of this? Do you think this is an interesting field?
Ms. LEEMING. I think it is, and I was very interested in everything they had to say.
Page 36 PREV PAGE TOP OF DOC
Dr. WELDON. Do you plan on going to college?
Ms. LEEMING. Yes, I do.
Dr. WELDON. What do you think you want to study?
Ms. LEEMING. I like marine biology.
Dr. WELDON. Is that right?
Well, again, I commend you for what you did. I think it was very fascinating and very appropriate for the panel that we have here today.
I have a couple of questions for some of the other panel members.
I am just curious about—it seems like we have a burgeoning industry here in the United States with lots of different companies getting in on all of this. Can any of you tell me anything about what might be going on overseas, in Europe, in Japan. Are these applications being utilized or do you not have any knowledge of what is going on?
Mr. DUNN. I can probably address some of those. I think you are correct that the U.S. is the world leader in biometric technology right now, but that does not mean other parts of the world are not moving out. Certainly, in Japan, several companies are active in building biometric products. There are a number of companies in Germany and elsewhere in Europe. Siemens has just announced a new product.
Page 37 PREV PAGE TOP OF DOC
So, while I think we have a leadership role in biometric technology, there is a worldwide need for authentication technology and certainly other countries are going to move out as well.
Ms. KOEHLER. I might mention, too, there has been a project in South Africa for several years now using biometric identifiers, using finger imaging, in fact, for the use of account access at financial institutions in South Africa. So we aren't brand new in this.
Dr. WELDON. Mr. Wayman, you mentioned the INS card that is currently in use. Are there any other Government agencies, to your knowledge, using biometric technologies?
Mr. WAYMAN. Well, I do want to say a little more about INS because they really have been a leader in using these technologies, particularly for enhancing consumer choice.
Jeff mentioned the Scobey, Montana, border crossing that uses voice recognition technology. In San Diego, at the Otay Mesa border crossing, they have a dedicated commuter lane. Boy, it really speeds the crossing of people from Mexico into the United States using facial and voice identification, as well as the INS program.
Now, under the 1997 Work Opportunity and Personal Responsibility Act, it was recommended by Congress that the individual States adopt appropriate technologies, and that is as far as it went—the act did not mention biometric technologies—adopt appropriate technologies for limiting fraud in the welfare systems. Eight States to date have started procurement or have implemented fingerprinting projects for their social service system protection.
Page 38 PREV PAGE TOP OF DOC
So certainly, social service systems have been a leader in this area. Five States are using biometrics, primarily fingerprinting, in drivers licensing, and then the INS, and then of course there is a number of Department of Defense agencies that have been using biometrics for a decade or more for access control.
Dr. WELDON. What about fooling or frauding these various systems? Is there any data on the various technologies in terms of can they be fooled? What does it take to fool them?
Mr. WAYMAN. Yes. Let me draw a distinction between what we might call a false match error rate and adversarial analysis. There is a field of study within the Department of Defense of adversarial analysis, which looks at the deliberate attack of a device and the deliberate exploitation of vulnerabilities.
Adversarial analysis is always done for obvious reasons in a classified environment. Our university does no classified research and consequently we don't look at adversarial analysis. That research is always done by the Department of Defense in classified facilities.
What we do look at is the probability of a random false match. We have done extensive testing with regard to fingerprinting and, as I mentioned, the fingerprint templates that come from your fingerprint are just a series of numbers and it is possible that your series of numbers and my series of numbers will coincidentally match. It doesn't mean our fingerprints match. It means a series of numbers match.
Page 39 PREV PAGE TOP OF DOC
We estimate that probability about one in one million. That is our best estimate now.
Dr. WELDON. Thank you very much. I see my time has expired.
Thank you, Mr. Chairman.
Mr. CASTLE. Thank you, Dr. Weldon. We will go to Ms. Lee.
Ms. LEE. Thank you, Mr. Chairman.
Let me ask Mr. Woodward a couple of questions with regard to the principles that you have outlined on page 13 of your testimony. First in terms of the issue with regard to informed consent understanding, and what you stated here I think makes sense that the individual must voluntarily and knowingly provide his or her biometric identification information to the data collector. What type then of consumer information do you see as being necessary in terms of how the consumer can become informed to the extent that he or she will be able to make the correct or informed decision?
Mr. WOODWARD. That is an excellent question, and in a way, since this industry is so new and we really don't have a great number of case studies to look at, where biometrics is being used by the financial community for consumer applications, it is kind of difficult to come up with concrete requirements. But I think that in general, one of the potential difficulties with giving clear notice could be, and I would draw an analogy to looking at the back of your monthly credit card statement where you have lots of fine print that probably no one but very neurotic attorneys read, it could be very confusing to the consumer.
Page 40 PREV PAGE TOP OF DOC
But I think that we are dealing with a principle that is basic enough, if you will, that financial institutions using biometrics can come up with language that could be understood by consumers who would be using the product.
I think also one of the factors that will help this greatly would be the fact that the public is going to be very interested in this technology, and I think if there are problems with privacy or any kind of inadvertent disclosure of biometric information, I think that the media would play a very good unofficial enforcement role in that regard.
Ms. LEE. The second part of my question then is with regard to the issue of access, the right to access his or her information.
Now, you know, oftentimes we have to pay for these rights. For example, some credit companies charge you to receive a copy of your credit report. This is so important and the privacy issues I believe around biometrics is so critical that when we talk about access we have got to make sure that low income individuals have that access, as middle or upper income individuals would have. And so what types of protections or guidelines should we look at to make sure that the right to access is really a basic right that we don't really have to pay for?
Mr. WOODWARD. I think that is an excellent point. It is one that I did not address in my written testimony. And I think you are absolutely right, that this is something where if consumers are going to have this right, but if consumers are charged high fees to get their information, you are going to be denying people the opportunity to make certain that the biometric identification information contained about them is correct. And we know that with credit reports, at least in the existing system, there are many errors, and errors are very difficult and at times expensive to correct.
Page 41 PREV PAGE TOP OF DOC
I would just have to say that I think this is an area that I would encourage the subcommittee to think about, and it is my hope that eventually when legislation is introduced on this, that it is something that could be included in a kind of comprehensive plan.
Ms. LEE. Thank you.
Thank you, Mr. Chairman.
Mr. CASTLE. Thank you, Ms. Lee.
Mr. Jackson.
Mr. JACKSON. Thank you, Mr. Chairman. Let me begin by apologizing to the witnesses for my tardiness today.
I want to make a couple of comments and maybe ask one question and then any panelist would be more than willing to respond would be appreciated.
I think I have some sense of where this is going. When I first ran for Congress, Mr. Chairman, I purchased a database of my district and shortly thereafter I purchased the voter history for the 570,000 constituents that I represent.
I now know those constituents who voted five out of five of the last five elections; four out of five; three out of five; two out of five; one out of five, and those constituents who weren't voting at all.
Page 42 PREV PAGE TOP OF DOC
I then purchased a neighborhood census track and overlaid that information on top of the data so I now have some sense of where every constituent lives, the price of the homes they paid for and where their children go to school.
I purchased a school district overlay and I know specifically what school districts those children are participating in. And in the next couple of weeks, my campaign is going to begin to test a feature on our campaign software that allows constituents when they call in to actually identify them and their record actually shows up on the computer. We know when we sent them the last bits of information that are campaign related.
So there is a tremendous amount of information that biometrics indeed is going to allow banks and other institutions in the future to obtain about individuals. Some of the problems, particularly security problems, which have been raised, are actually foreseeable. Eye doctors, all the information that eye doctors maintain about individual clients; fingerprints, particularly fingerprints collected, as Ms. Waters indicated, by Federal law enforcement agencies or even local law enforcement agencies, all become points of contact for gathering information about an individual.
And so I guess my question to the panelists today is whether or not they would support a point of contact piece of legislation that simply requires that every entity that acquires biometric information about an individual, that it must be an original point of contact for gathering that information; that is, if I willingly decide to provide a bank with my fingerprints and my eye prints for the purpose of security and access to my accounts, can I be assured that that information won't end up at Visa or MasterCard or the FBI; that it won't end up at some local law enforcement agency? And if in fact I want Visa, MasterCard or American Express to have biometric information on me that Visa, MasterCard and American Express must obtain the information independent of my cash station access to my own personal account?
Page 43 PREV PAGE TOP OF DOC
Shouldn't the University of Illinois, where I attended law school, shouldn't they be, for the fact that I am a student there, have biometric information independent of the fact that I have it with my bank in Chicago?
And, again, Mr. Chairman, the security of that information, so that our biometric data isn't being sold, as Maxine Waters has indicated, on the open market and therefore shared and then suddenly we are getting bombarded with people who know that we have fantastic credit records, have no criminal records and everything, and they are simply selecting us out of a group of Americans simply because they have been able to amass the same kind of data that I have been amassing on a much smaller scale just for my reelection effort?
And so any information about original point of contact security, that any of our panelists would be willing to share, would be very appreciated.
Thank you, Mr. Chairman.
Ms. KOEHLER. I guess as the only financial institution here, I could maybe address that to some extent. As a credit union, we have obviously closed membership, so it may be a different issue than it would be for a banking institution. But, for instance, we don't sell our membership lists or any member information today on the market. I know that many other types of institutions, Visa and MasterCard and those kinds, oftentimes do share not the privacy issues or the private account information. We, in fact, don't share anything and don't sell or allow anyone else to use our membership lists. So for us I don't think it is an issue.
Page 44 PREV PAGE TOP OF DOC
I feel that that should not be shared, and I would agree with you completely. In Jim Wayman's testimony, one of the things he talked about was the fact that you could not take the algorithm that I have right now for members' finger image and send that to any other entity and they would be able to obtain anything from that algorithm. It would have to be tied directly to my system for it to have any value to them. They could not recreate that print from the algorithm. So I think we already have taken care of that issue on our application. I can't speak for other applications, however.
Mr. WOODWARD. If I may add to that, Representative Jackson, I think that essentially your original point of contact security approach is very much along the lines of the kind of biometric blueprint that I have asked Congress to consider as far as basically taking steps to make certain that a secondary market in biometric identification information does not develop.
And I know also that that is a concern of the legislation recently introduced at the State level in California.
I think part of the areas for Congress to ponder would be that in certain cases, there are good reasons to make exceptions to banning a secondary market, and that is when you kind of come down to wordsmithing and it is why you also need the technologists and scientists to help make policy.
To give you a few examples of where exceptions to banning secondary markets might want to be considered in legislation, colleagues, like Dr. Wayman, who do a lot of academic research need databases so they can rigorously test data. So it helps Dr. Wayman, if he has a big base of biometric identifiers so that he can test them.
Page 45 PREV PAGE TOP OF DOC
Now, he doesn't have to know that this template is John Woodward's finger image. He just likes to have a lot of identifiers so he can rigorously test. So, that is one area where when you fashion legislation, you might want to allow a very limited kind of academic exception.
And then other areas that would come to mind would be cases where you want legitimate judicial or law enforcement ability to get biometric information when armed with a subpoena or whatever.
Mr. JACKSON. If I can just ask one follow-up question very quickly, Mr. Chairman.
Mr. CASTLE. Yes, sir.
Mr. JACKSON. My sense—I have been only new to the legislature for a couple of years now, but I have a sense generally of how this actually works. It starts off with an innovative idea like biometric technology, and then 5, 10 years from now, 15 years from now, a group of economists will come before this subcommittee and they will say, we will be saving the American taxpayers and we will be saving American businesses billions of dollars if we just have a single uniform code.
Well, your information about you is your information about you. You shouldn't be able to hide it over here at this bank and hide it over here at this entity or hide it at some other entity. The information about you, whether you have a prison record, whether you graduated from college, whether you only have a GED, that information about you is just who you are and the credit reports are entitled to it; the banks are entitled to it; the mortgage lending companies are entitled to it; the military is entitled to it; the FBI is entitled to it; local law enforcement is entitled to it. All of these entities are suddenly entitled to who you are, the information about who you are, for example, our Social Security numbers today.
Page 46 PREV PAGE TOP OF DOC
So the question becomes whether or not we can craft the security of Americans well into the future that will stand posterity and stand the time of whether or not today's arguments, which make total legitimate sense when viewed from a technological point of view but may fall and fail the test of time when put up against the privacy issues raised by the Constitution, and whether or not it is more efficient for us in the future to have some large conglomerate that eventually collects data for everyone and subsequently distributes it.
So any comments along those lines, and, Mr. Chairman, I thank you for your indulgence.
Mr. WOODWARD. I think that the subcommittee has taken the right step by holding this hearing at a very early stage in the development of the industry. And maybe I have too much faith in the legislative process, but I think that Members of this subcommittee, working with staff and experts from the biometric community, from the policy community, and the financial institutions, can draft legislation that can really enhance biometric technology from the standpoint of public acceptance and provide for the necessary privacy protections that Americans want.
And I think also it is important to realize that biometrics is coming. If, as is the case in so many other information privacy areas, it is just left unregulated, then you run the risk of having secondary markets and so on developing. I would take the view, to analogize to the world of sports, I guess this is like skeet shooting. It is a moving target and you kind of have to aim ahead. Maybe it is hard to do that in legislative terms, but I think that the subcommittee should definitely try.
Page 47 PREV PAGE TOP OF DOC
Mr. JACKSON. Mr. Chairman, I would only add that my concern, which I think I have clearly stated, what we are gathering here is medical information on individuals. It is not just biometrics and fascinating technology, which it absolutely is; biometrics bio as in having to study biology; biometric, this is specific fingerprinting of each human individual, and so I think the questions and concerns that have been raised by both sides are ones that we have to focus on going into the future.
Thank you, Mr. Chairman.
Mr. CASTLE. Well, thank you very much, Mr. Jackson. And we appreciate your testimony.
Ms. Lee, do you have something further?
Ms. LEE. Let me just ask anyone on the panel one quick question, following up with what Congressman Jackson was saying. In terms of our role in establishing regulations to guide this industry, of course, we don't want to overregulate but I sense that we need some tough regulations in this area, and compared to the other information systems, how do you see the types of regulatory efforts that need to be mounted, given the sensitive nature of the information that could be gathered, well, that is being gathered, through this industry? Do we need to have tougher regulations as compared to our information systems that are already in existence or do we need more flexible regulations, in terms of consumer protections?
Page 48 PREV PAGE TOP OF DOC
Mr. WOODWARD. Right. Starting in broad terms, I guess there would be essentially four approaches this subcommittee could take. One, laissez faire, ''if it ain't broke, don't fix it''; let the industry flourish and develop along free market lines. Second would be some kind of call for voluntary industry standards related to information privacy.
As we heard in Gail Koehler's presentation, that is an example of a credit union that has taken a voluntary approach toward privacy safeguards, as far as not disclosing the information in the secondary market, and that would be basically a self-regulatory approach. You would trust the industry to regulate biometrics itself. And we see that approach in certain other areas of information privacy.
I think the third approach would be governmental regulation. You could let the States regulate biometrics on a State-by-State basis or Congress could seize the initiative. I personally favor congressional regulation because I think it makes for uniform, comprehensive standards.
The other approach, I guess, would be a hybrid where it is some combination of the above in specific areas of biometric information related to financial institutions.
I don't necessarily know how strict you have to be from the standpoint of wording, but I think that fortunately this hearing is being held early enough in the process that we have time to work on this, if you will, as far as coming up with sound wordsmithing that will safeguard this technology and enhance its use, and lead to greater public acceptance.
Page 49 PREV PAGE TOP OF DOC
I am optimistic in that I think that we can work it out.
Mr. WAYMAN. Mr. Chairman, could I make a comment with regard to that question?
Mr. CASTLE. Certainly.
Mr. WAYMAN. My California driver's license is my current form of identification. I use it to get on airplanes. I use it to cash checks and the like. On my driver's license it indicates that I am a male, I have, it says, blond hair, which I don't, eyes hazel. It says my height is five foot six. It also gives my weight and my date of birth, neither of which I want to discuss with this subcommittee, and the weight is not correct as noted on my driver's license.
The point I am trying to make is I find this information far more personal, far more private, and the display of this information to airline ticket personnel is far more privacy invasive than simply giving, say, a fingerprint. We must note that with almost all biometric devices, there is virtually no personal information contained therein.
Let me be more specific. From my fingerprint, you cannot tell my gender; you cannot tell my height; my age or my weight. There is far less personal information exposed by giving you my fingerprint than by showing you my driver's license.
So I think that although this is technology and it is high technology, that doesn't necessarily imply that it is any more privacy intrusive than our current system. And I would contend that our current system is quite privacy intrusive and I don't know why the person at the checkout stand who receives my check has to know my weight and my exact date of birth to do that.
Page 50 PREV PAGE TOP OF DOC
Mr. CASTLE. Well, thank you, Mr. Wayman. I think we are going to end on that note . I would just say I think the concern some of us have is that fingerprint or whatever can lead to other information. You start getting cross information among different agencies. Eventually you can get all the information that you are concerned about and a lot of other things as well. But there is some reassurance in this hearing that, A, that may not happen and, B, that we may be able to legislate in such a way when we have to, when it is appropriate, to avoid that as well. So we share your concern I think, and we would like to see that prevented.
But we really appreciate this panel's testimony here today. It has been exceptional. I think it will help us in terms of developing this in the future. And we are going to move to the second panel, which means all of you have to move away and the second panel will step up. But you are all welcome to stay, and hopefully we can start to go through the second panel as rapidly as possible because I have a hunch we are going to get into votes here pretty soon and that will become a lot more disruptive. So thank you again for your very great testimony.
As this panel starts to take its place, I am going to try and run through the introductions just to save a couple of minutes. I hope we get the pronunciations correct. If we do not, please straighten it out at some point.
And I realize that we are going to have more demonstrations here. We are probably going to have more demonstrations here than we have ever had in this committee room before.
As I said earlier, to the extent possible if you can incorporate into your testimony, that, I think, helps in terms of understanding and in terms of making for a better presentation but sometimes it may be more complicated than that and you have to go beyond that. But we will start off in a moment with Dr. Joseph Atick—is it pronounced Atick?
Page 51 PREV PAGE TOP OF DOC
Dr. ATICK. That is right.
Mr. CASTLE. Who is the Chief Executive Officer of Visionics Corp.; Mr. Clint Fuller, who is the Chief Operating Officer of the National Registry, Inc., will be second; Mr. Robert Van Naarden is the Vice President of Sensar, Inc.; Mr. Tim Nitzche-Ruggles is the Senior Vice President, co-founder of Sagem Morpho—not simple names you all have chosen—Dr. Steven Boll, Product Line Director for Biometrics ITT Industries, Inc.; Ms. Lisa Broderick is the Chief Executive Officer of PenOp, Inc.; and Oscar R. Pieper is the President of Identicator Technology.
By the way, for anyone in the audience, if any of this holds true from previous hearings we have held, I would recommend buying stock in some of these futuristic companies. Some will make it; some will not make it.
And we welcome Mr. Metcalf, too.
OK. I will call on Mr. Metcalf, who wishes to make the introduction of one of our witnesses.
Mr. METCALF. Thank you very much, Mr. Chairman.
I just want to thank the subcommittee for allowing Tim Nitzsche-Ruggles to testify today. Mr. Ruggles is a Senior Vice President of Sagem Morpho. He has been a leader in the biometrics technology from the Puget Sound area. It is a Puget Sound company, and it is my pleasure to welcome you today on behalf of the State of Washington.
Page 52 PREV PAGE TOP OF DOC
Mr. RUGGLES. Thank you.
Mr. METCALF. Thank you, Mr. Chairman.
Mr. CASTLE. Thank you, Mr. Metcalf.
And I think we are ready to go with the witnesses, and we will start, of course, with Dr. Atick.
STATEMENT OF DR. JOSEPH J. ATICK, PRESIDENT AND CHIEF EXECUTIVE OFFICER, VISIONICS CORPORATION
Dr. ATICK. Thank you.
Mr. Chairman, Members of the subcommittee, thank you for giving me the opportunity today to share with you the latest innovations in computerized facial recognition.
Face recognition is a recent addition to the family of biometric technology, but it already boasts an impressive array of real world applications. The company I represent, Visionics Corporation, which is based in Jersey City, New Jersey, is the leading developer in this area and its technology, the so-called FaceIt Engine, enables systems for combatting identity fraud, airport security, automated border crossing, information security, automated teller machines and physical access control systems.
Page 53 PREV PAGE TOP OF DOC
Facial recognition has unique advantages that make it an attractive choice for many applications. To start with, it is inexpensive. The technology is mainly pure software, runs on any standard video hardware and standard PC hardware.
Second, it is not intrusive and very convenient to the end user. For example, to gain access into an ATM or into a facility, all you have to do is show something you never leave home without, which is your face.
Finally, in many applications, such as in the instance of combatting identity fraud, departments of motor vehicles, facial photographs are the only type of biometric information that is being collected. In fact, we don't think of facial photographs as a biometric.
In what follows I would like to actually introduce the Members of the subcommittee to three demonstrations of real world applications of facial technology. We will do it very quickly, but I would like to show you the array and the range of things that can be done with this new innovation.
We will start with a system for combatting identity fraud. As you know, in banking, your driver's license is a document that is used to open up bank accounts, and identity fraud can start at the point of issuing a driver's license.
What you will see next is an investigative tool that we are offering through a partnership with Polaroid to all of the DMVs. This new capability allows the DMVs to cut down on the identity fraud right at the source, the point of issuance of driver's licenses.
Page 54 PREV PAGE TOP OF DOC
By now, most of the DMVs have converted their records to digital databases that include a photograph, just like what you are seeing flashing in front of the screen. With this technology, what they are able to do is when an individual applies for a driver's license, they are able to submit this image against the entire database and search in order to see if this individual already exists, because typically identity fraud happens when an individual has multiple driver's licenses under aliases and under duplicates.
And so an investigator can submit that image of the applicant at the time of the application and the system will bring back a list of possibles. Again, there is no 100 percent proof but it is an investigative tool.
For example, here, as you can see up on the screen, the system brought up the top match at 86 percent confidence level down in the fourth line. If you say—see the score, confidence, 86 percent. It brought up an image of that person.
We happen to know that that is actually the same individual because this is his image when he first joined Polaroid ten years ago. He did not have a beard. You could see there was substantial aging going on, and also the lighting and background were different.
So as an investigative tool, it can allow the DMVs to ensure that only one driver's license is issued to one individual.
Other applications of this tool include actually tracking missing children. In fact, facial technology was just recently chosen by the NIJ and their prime contractor Answer as the facial recognition engine for an information system under the development for the National Center for Missing and Exploited Children. So there is a lot of positive at that level.
Page 55 PREV PAGE TOP OF DOC
Over the next few months, systems for combatting marriage fraud, things that we really don't normally think about, asylum fraud, voter registration and national IDs, worldwide, based on this technology will be deployed.
Let us move on to another application of this technology, which is the use of facial recognition in information security.
As you know, we all live in a network society today. We all are on the computer. We are all connected on a network and our expectations for access to our information from anywhere have increased, but so has our vulnerability against access by an unauthorized individual. The problem, as you stated, Mr. Chairman, is how do we protect our privacy and safeguard our information without drowning in a sea of numbers and pass codes?
Face recognition technology offers a simple solution. All you need is an inexpensive video camera, something similar to this, and your face. When a computer is capable of recognizing who is in front of it, it can be programmed to grant access only to those it recognizes as authorized individuals. From then on, as you can see, every file database or record will be delivered only to an authorized face. The computer shuts down as soon as the authorized individual turns her face or moves away from the monitor. That is all it takes; no logging in, no worrying about pass codes or any procedure.
So from the end user point of view, this is a high level security but also convenience. It is security that takes human nature into account. We don't want to have to worry about numbers and pass codes.
Page 56 PREV PAGE TOP OF DOC
In fact, this is a commercial product, and a consumer version of this has been available for the last 9 months for about $60. So it has gone beyond just corporate and banking and Government agencies to the mainstream consumer.
Finally, I want to show a very quick application that this subcommittee might be interested in, which is the application of facial recognition in banking, and more specifically the application in smart cards.
As you may know, smart cards are cards that include memory and a processor, micro-processor chips, just like this. They can fulfill different roles and different applications. They can serve as your ATM card, as an alternative to cash. They can carry medical records. They can carry your driver's license, your frequent flier membership card. They can carry a whole list of information about you.
Of course, since a single card can carry so much information, can enable its holder to do so many things, it is very imperative that security mechanism that protect the content when a card is lost or stolen be in place. We need something to protect the privacy of information that goes on the card.
Biometric technology offers the desired safeguards. By placing biometric information on the card at the time of its issuance, one can prevent unauthorized use. For example, if a digitized facial image is encoded inside the card, then no one can use your card unless they have your face.
Page 57 PREV PAGE TOP OF DOC
Let's see a quick demonstration of this. There is a card. The system will attempt to—what happened here is the biometric information on the card was read by the system and was matched against what is live from the video camera. And if the match is successful, the person is allowed in.
Let's see, for example, if somebody else tries to use Julia's card; if she lost her card, somebody else attempted to use that card. What the system will do it will take an image of the person, will take a graph but will not open up and will not allow this person access to the information on the card. So this renders the card worthless, and its contents inaccessible to anyone but yourself. It is really one of the most effective mechanisms for protecting privacy.
There are many applications of this technology. One was already mentioned, the INS center commuter lane, which is bringing down two hours' worth of wait to about a few minutes; Langkawi airport in Malaysia. We would be happy to provide additional information about these and many other projects after the meeting.
As you can see from our demonstrations today, computerized facial recognition technology has many applications that positively affect the day-to-day lives of many people. It is a tool that can solve problems facing our modern society.
However, as is the case with any powerful tool, especially in new technology, it is understandable that there will be concerns regarding the potential for abuse. Of course, it is up to society to discover and define the responsible uses of innovation. We are ready and available to work with you and the public interest groups to address any privacy concerns.
Page 58 PREV PAGE TOP OF DOC
In this process, I urge that we remain focused on the real issue and the ultimate cause of concern, and that is not the technology itself but the information databases.
Without a database, a biometric system cannot function. Thus, you can channel the technology into positive applications by deciding what databases can be built. No one will argue that a database of known terrorists or drug traffickers invades someone's privacy.
Thank you.
Mr. CASTLE. Thank you, Dr. Atick. I guess we are getting into some kind of a vote here, but we will be able to go ahead at least through one more witness and maybe two.
So let's go to you, Mr. Fuller, for your testimony.
STATEMENT OF CLINTON C. FULLER, CHIEF OPERATING OFFICER, THE NATIONAL REGISTRY, INC.
Mr. FULLER. Thank you, Mr. Chairman. And I thank Members of the subcommittee for having me here today.
The National Registry Incorporated, or NRI, is a public company founded in 1991, with a mission of developing commercial applications of biometric technology.
Page 59 PREV PAGE TOP OF DOC
NRI became involved in the implementation of some of the first biometric systems designed for use by financial institutions. In addition to the Purdue Credit Union System that you saw earlier, members of the Houston Municipal Employees Credit Union have the option of using finger image identification when conducting transactions in their branches, rather than providing traditional forms of ID such as a driver's license or a mother's maiden name.
Later this quarter, Western Bank of Puerto Rico is scheduled to deploy a new branch system that will include the use of biometrics for both customer identification on selected transactions and for internal employee ID for operator log-on, for supervisory transaction, approvals and overrides. The bank already uses a current NRI biometric product for employee access to the bank's central databases.
NRI has been working with the financial industry representatives since 1995. At that time, the major barrier to entry for this technology was cost. In 1995, prices for a finger image based technology, which was considered at the time the most proven biometric, were in the range of $2,500 per workstation. As the first low-cost of finger image scanners became available, something like this unit that has a finger image scanner built into the keyboard is manufactured by Key Tronic, the largest keyboard manufacturer in the United States, and other biometrics became viable, such as iris and facial imaging, interest within the financial industry began to increase and the opportunity to develop sound cost-benefit based business cases arrived.
As 1997 progressed, we saw the focus turn more and more to the business benefits. Where in 1996 the focus had been on how does it work and, more importantly, does it really work, by mid-1997 the focus had shifted to the cost justification and the practical issues of security enhancement.
Page 60 PREV PAGE TOP OF DOC
Questions about the overall viability of biometric technology waned as information technology and security personnel became more knowledgeable.
As a result of our work with the financial community, it became clear to us that biometric authentication offers a number of distinct advantages over other commonly used means of identification. First of all, biometrics provide true positive identification. Password or card-based systems only tell you that whoever performed a given transaction possessed the needed card and personal identification or PIN number.
While this might lead you to believe it was probably the account owner, these methods of identification do not provide any real proof about who actually performed the transaction. In fact, this distinct lack of proof is the reason many automated teller machines in use today have cameras photographing each transaction. Biometrics, on the other hand, provides positive verification of the individual who performed the given transaction.
Biometrics can also enhance customer service. Many forms of customer identification, such as signature verification, photo ID, even PIN numbers, are perceived by customers as something that slows down the process of performing a transaction. Biometrics, on the other hand, enhance customer service by providing quick and easy identification. There is nothing to remember, no risk of leaving a card or an ID at home. Even if their paper credentials are lost or stolen, customers can continue to transact business quickly and easy.
Another benefit of biometrics is they require no teller or operating interpretation. Some systems in use today, such as signature verification or photo ID, require an employee to examine the documents and make a judgment about whether the signatures or the photos match. Errors can and do occur.
Page 61 PREV PAGE TOP OF DOC
Biometric identification depends on computer algorithms to make a yes/no decision, removing the burden of examination and decision from the employee.
And finally, biometrics can act as a deterrent to fraud. If we accept that the cost of fraud is ultimately passed back to the consumer, and that many acts of financial fraud are perpetrated against innocent consumers, then we must consider the possibility that implementing biometrics can provide real benefit to the majority of consumers.
When we examine the issue of fraud in a business environment, we traditionally separate attempts into two categories: Internally generated fraud and attempts external to the organization.
Internal fraud has become a major issue in corporate America. One survey of 1,300 information systems chiefs in the United States and Canada report 45 percent had suffered a loss related to information security. When asked how the losses occurred, 42 percent of respondents cited malicious act by company insiders.
Biometrics provide an easy and effective tool for combatting many types of internal fraud. One use is for employee identification in place of a password when logging into the institution's computer systems. This has a dual benefit of enhancing security and lowering internal operating costs. Without the need to change passwords, calls to internal hotlines are reduced and, of course, the risk of one operator obtaining another's password is eliminated.
In addition to providing identification for sign-on, biometrics can be extended into high risk areas of the bank for transaction level approval. High value transactions, such as a wire transfer, represent an obvious area of vulnerability within the financial industry. Other areas, such as human resources, trust and accounting, also have special security and confidentiality needs.
Page 62 PREV PAGE TOP OF DOC
Implemented selectively, biometrics can be tied directly into these systems, ensuring only authorized users access to sensitive data or initiate transactions.
In terms of deterring external fraud, there are also a number of applications to consider when evaluating the possible benefits of biometric identification. The first and most obvious is customer identification. A biometric provides a quick, easy and highly secure method of verifying customer identity when performing routine transactions such as cashing a check. As banks move into the world of Internet transactions, the issue of positive identification becomes even more critical.
Several types of biometric identification, including finger imaging, voice recognition and facial image recognition, can be easily installed on a home PC, affording valuable protection to both the end user and the bank.
The end user knows their accounts are secure from access by other household members or individuals who might be alone in the home, such as a babysitter. The bank has positive identification for each transaction in case there is a question or a dispute.
In effect, biometric ID becomes the equivalent of the camera placed in the ATM, providing a record of who completed each transaction. As the price of biometric technology continues to drop over the next year, we expect to reach a level which makes it easily accessible for the home computer user.
Business accounts are another area that can benefit from the use of biometrics. Many banks now provide on-line access to corporate accounts to enable controllers and key executives to track their cash position on an up-to-the-minute basis. However, the workstations with on-line access are often placed in unsecured office environments. As with home banking, biometric technology can ensure that only the authorized personnel can access information on it, and initiate transactions.
Page 63 PREV PAGE TOP OF DOC
Mr. CASTLE. Mr. Fuller, we are starting to run into a time problem in our votes. Mr. Metcalf and I are going to have to go vote. Could you possibly summarize in the next 30 seconds or so, so we could do that?
Mr. FULLER. Sure. In summary, NRI believes that biometrics are finally reaching the point where they will become affordable and cost justifiable for both business and personal use. If implemented responsibly, biometrics can solve a number of security issues within the business environment while simultaneously improving end user convenience.
Ultimately, as the cost of fraud decreases and systems become friendlier and easier to use, it will be the consumer who benefits.
This concludes my remarks. Thank you.
Mr. CASTLE. Thank you. I really appreciate the testimony of both of you. It is always better if we can do this consecutively. Unfortunately, votes are now intervening. We have two votes, and this one will close out in about six minutes and another one will go on for awhile.
I think the best thing to do is probably to break until 12:30. And that way, if you wish to take any kind of a break and get a quick lunch downstairs or whatever, you can do it. Hopefully, at that point, we will have an hour's run and we can finish with everybody so we can be done with the whole panel around 1:30.
Page 64 PREV PAGE TOP OF DOC
If any of you have a time problem, see Mr. Lopez here. If you have a plane or something you have to deal with, we will try to juggle as best we can to make sure we get in all of your testimony. There is a lot of interest in making sure we do hear all of this, so we will try to do the very best we can.
I apologize. And hopefully there won't be another series of votes after this. But I think it is about an hour's break after this series of votes. And we can start again at 12:30 and hopefully, as I said, wrap it up at 1:30. Thank you.
[Whereupon, at 11:55 a.m., the hearing was recessed, to reconvene at 12:30 p.m.]
Chairman CASTLE. I am sorry to be ten minutes late. But you may rest assured I was doing important things. I understand there are no changes to schedule, so we will just continue right down the line. Mr. Fuller had just finished before we broke. So Mr. Van Naarden's turn has arrived.
Mr. Van Naarden.
STATEMENT OF ROBERT VAN NAARDEN, VICE PRESIDENT OF SALES MARKET & SERVICE, SENSAR, INC.
Mr. VAN NAARDEN. Thank you, Mr. Chairman and Members of the subcommittee for the opportunity to participate in this process. Sensar, Incorporated is a very good and wonderful example of the combination of Government research, university research and corporate research because in fact that is where the technology has come from to get us to the point of where we are today.
Page 65 PREV PAGE TOP OF DOC
Let me talk a little bit about the value of biometrics and how that relates to your hearing. To us, it is a simple equation. Biometrics simply provides consumer convenience and trust enhancement. It is a way for the retail and banking communities and many other access control environments and other applications, whether it be airlines or what not, to provide a form of security at a much higher level than we have ever experienced before in our lives and, hence, it provides us through that process more loyalty.
In many ways, it lowers costs for organizations which will be passed through