Theory, Characterization and
Testing of General Biometric
Technologies
(Advanced Course)
Jim Wayman
Office of Research and Graduate Studies and
College of Engineering
San Jose State University
1
For Further Details See
“National Biometric Test Center Collected
Works 1997-2000”
www.engr.sjsu.edu/biometrics/nbtccw.pdf
“Biometric Standards Development Final
Report” (1997)
www.engr.sjsu.edu/biometrics/fhwa.htm
2
A SHORT HISTORY
• Bertillion - 1880
• Fingerprinting -1880
– Faulds
– Herschel
– Galton
– Twain
3
A DIGRESSION: GALTON
ON BERTILLION
“There was...a want of fulness in the published accounts
of it, while the principle upon which extraordindary
large statistical claims to its quasi-certainty had been
founded were manifestly incorrect, so further
information was desirable. The incorrectness lay in
treating the measures of different dimensions of the
same person as if they were independent variables,
which they are not.... The chances against mistake
have been overrated enormously owing to this error;
still, the system was most ingenious and very
interesting”. Galton, Memories of My Life (1908), p. 251.4
DÉJÀ VU IN THE 21st
CENTURY
DNA -- NRC I and NRC II
1 error in 103 vs. 1 error in 1010
US DOJ at Daubert hearing on
fingerprinting
1 error in 1097
Iris Recognition
1 error in 1078
5
A SHORT HISTORY
(cont’)
•
•
•
•
•
•
Speaker Verification - 1950
Fingerprinting - 1960
Hand & Retina - 1970
Face - 1980
Poock’s access control lab - 1985
Miller’s Personal ID News - 1987
6
MILLER’S
DEFINITION
“The automatic identification or
identity verification of living,
human individuals based on
physiological or behavioral
characteristics”
7
A SHORT HISTORY
(cont)
•
•
•
•
•
•
•
Sandia National Lab Report - 1991
Biometric Consortium - 1992
Iris recognition - 1994
FERET - 1994
SJSU’s Biometric Lab - 1995
Real Biometricians get mad -- 1996
BC goes to Dept. of Commerce - 1999
8
THE PROBLEM
• What can be generalized?
• What can be stolen?
9
GENERAL APPROACH
REQUIREMENTS
• Applicable to all biometric
technologies
• Minimally disruptive to current
approaches/vocabularies
• Leading to mathematically elegant
descriptions
10
OUR FINDINGS
(THE REALLY GOOD STUFF)
•
•
•
•
•
•
System description
New words/concepts
Distributional issues
“Best Practices”
Test results
Statistical analysis
– Bickel’s equation
– Cotton ball squashing
11
SYSTEM DESCRIPTION
DATA
COLLECTION
SIGNAL
PROCESSING
DECISION
BIOMETRIC
PATTERN
MATCHING
DECISION
PRESENTATION
QUALITY
CONTROL
SENSOR
FEATURE
EXTRACTION
TRANSMISSION
COMPRESSION
STORAGE
DATABASE
EXPANSION
TRANSMISSION
IMAGE STORAGE
12
NEW
WORDS/CONCEPTS
• False rejection/acceptance of a
hypothesis
• Two possible hypotheses:
– Sample in the database
– Sample not in the database
13
NEW
WORDS/CONCEPTS
• Basic measures:
–
–
–
–
–
–
False match
False non-match
Failure to acquire/enroll
Throughput rates
Bin error
Penetration rate
• Equations to derive false
rejection/acceptance from basic measures
14
DISTRIBUTIONS
• Good progress on analytic representations
15
“BEST PRACTICES FOR TESTING
AND REPORTING BIOMETRIC
DEVICE PERFORMANCE”
www.cesg.gov.uk/biometircs
• Stolen directly from NIST SV protocols and
Philips, Martin, Przybocki (2000)
• Technical, scenario, operational tests
• Good faith genuine attempts
• Zero-effort, unknown impostors
• Uniformity or randomization of
environmental (i.e.channel) variation
16
TEST RESULTS
17
FVC2000 -- UNIV.
OF BOLOGNA
FRR
1
FNMR
1
Sag1
Sag2
Cspn
Cetp
Cwai
Krdl
Uinh10^-1
Utwe
Diti
Fpin
Ncmi
10-1
10^-2
10-2
10-3
10-5
10-4
10-3
10-2
10-1
FMR
10^-3
10^-5
10^-4
10^-3
10^-2
FAR
10^-1
18
DoD FRT2000
(www.dodcounterdrug.com/facial
recognition/FRT2000/documents.
htm)
• One-Year Aging under FERET Lighting
19
CESG/NPL TEST
PROGRAM
20
“BEST OF THREE”
DET
21
KNOWN AND
UNKNOWN IMPOSTORS
standard
normalised (best practices followed)
normalised (best practices not followed)
False Rejection Rate
100%
10%
1%
0.1%
0.0001%
0.001%
0.01%
0.1%
1%
10%
100%
False Acceptance Rate
22
BICKEL’S
EQUATIONS
• Cross-comparisons are not
independent
• Find confidence interval for false
match rate when cross comparisons
are used
23
BICKEL’S
EQUATIONS
24
COTTON BALL
SQUISHING
• For biometric measures in vector
space, can we relate
– size of space
– number and distribution of templates
– measurement error radius (no “zoo”)
• to the probability of successful
impostors?
25
COTTON BALL
SQUISHING
by James2 and Wayman
P{no squishing} = P{Y>2r}
• where Y is minimum distance between any of the
M templates and r is the uniform template error
radius in Rd
by Onoyama, et al (1983)
• P{Y>2r} = exp (-c M2 2d rd)
• c = volume of ball in Rd * ||f(x)||2 /2
• and f(x) is the density function of the M templates26
THE ROAD AHEAD
1. Statistical analysis -- “Doddington’s
Zoo”
2. Security Assessment
National Information Assurance
Partnership (US)
Common Criteria (ISO 15408)
2nd Annual International CC Conference
Brighton July 18-19
27
THE ROAD AHEAD
3. Vulnerability
X9.84 Annex E
T. van der Putte and J. Keuning,
“Biometrical Fingerprint Recognition:
Don’t Get Your Fingers Burned”, Proc
IFIP TC8/WG8.8 (Kluwer Academic
Press, 2000)
WVU Center for Identification Technology
28
Research
THE ROAD AHEAD
4. Privacy
National Research Council,
“Authentication Technologies and their
Impact on Privacy”
5. Business case
Fingerprinting in social services
INSPASS
29
Banking industry