Inside This Issue 1. MDTA's Facial/Finger Project 2. Pennsylvania goes to PARIS 3. California CAFIS 4.Point Of View 5.FHA Biometrics Study Biometrics In Human Services USER GROUP Volume 1 Issue 2 November 1996 SECOND ISSUE Welcome! This is the second issue of the Biometrics in Human Services User Group Newsletter. The Biometrics in Human Services User Group (BHSUG) membership is open to all state, federal, provincial, educational or other governmental organizations interested in keeping pace with the latest developments in this field. The focus of BHSUG is providing a platform for sharing ideas and innovations, distributing findings, identifying best practices, recommending and creating useful standards for both human services users and technology developers for this market. In this issue, you will read a detailed account about Massachusetts MDTA's unique combination facial and finger imaging project. New York's plans to pilot finger imaging at ATM's with Citibank. You'll get an update on the Pennsylvania PARIS system now in the RFP stage. A new section called "Point Of View" appears for the first time this quarter and allows vendors and consultants alike to pitch their point of view on emerging technology. This month fingerprint standards are the focus. In addition, we've got info on the new "VeinCheck" biometric technology, Jim Wayman's update on the Federal Highway Administrations Biometric Standards Study, and the California CAFIS biometric system. If it's news in Human Services Biometrics, you'll read about it here! Dave Mintie, Editor REPORTS FROM THE STATES New York Update By Richard Nawrot New York's current database size has climbed to 765,433 clients. Since the inception of our biometric identification system, there have been 24,848 case closings, 433 denials and 1,219 matches. AFIS/EBT DEMONSTRATION Discussions are being held with our EBT contractor (Citicorp) to begin our planning and design sessions regarding the implementation of the AFIS/EBT demonstration. This demonstration will test the feasibility and effectiveness of utilizing the finger image in lieu of a PIN for the transaction of benefits at point of service locations. INTERSTATE MATCH New York and New Jersey have agreed to conduct the first interstate match of finger image data for the purpose of detecting clients in receipt of benefits in both states. Although matches are currently performed utilizing demographic data, such matches cannot detect those clients that use false identities in each state. We expect this match to take place in November. Pennsylvania Automated Recipient Identification System (PARIS) By Sandra Mateer It is not difficult for a person with multiple identities to apply for and receive cash, food stamp, and medical assistance coverage concurrently in multiple cases without being detected. To address this type of welfare fraud, Act-20 of 1995 was passed by the Pennsylvania General Assembly and signed into law by Governor Thomas J. Ridge. Act 1995-20 mandates (Section 414) that an Assistance Recipient Identification Program be implemented to eliminate duplication of assistance to recipients, deter fraud, and assist law enforcement officials in their duties. In response, the Commonwealth's Department of Public Welfare (DPW) plans to issue an RFP (Request for Proposal) for an automated fingerprint identification system (AFIS) in November 1996. This system, referred to as the Pennsylvania Automated Recipient Identification System (PARIS), will capture digitized fingerprint, photo, and signature images of cash, food stamp, and medical assistance "payment name" recipients, who are required to visit county assistance offices (CAOs). -Implementation of PARIS will coincide with the statewide roll out of an electronic benefit transfer (EBT) system. To minimize scheduling confusion and inconvenience, each recipient/applicant will be scheduled for a single appointment for image capture, and EBT card (the "ACCESS" card) issuance and training. In addition, the ACCESS card design will combine digital imaging and thermal printing technology to create a tamper-proof- identification card complete with the recipient's photograph and signature, as well as text, logos, background patterns, and a holographic overlay. -For more information on PARIS, contact Sandra E. Mateer (Tel: 717/772-4742; FAX: 717/787-0939; Internet: smateer@state.pa.us), or call James Weaver (Tel.: 717/783-8477; FAX: 717/787-1678). In addition, copies of Act 1995-20 can be obtained by contacting the Pennsylvania Legislative Research Massachusetts Department Of Transitional Assistance Image Identification System (IIS) By Alfred Fuoroli [Editors Note: The following article was the basis for a presentation at CardTech/SecurTech Government 96' and appeared in the CardTech/SecurTech Proceedings. It is reprinted with the author's permission. Alfred Fuoroli is the IIS Project Manager ] BACKGROUND Since 1982 the Department Of Transitional Assistance (DTA) has required recipients to present a photo ID to transact their food stamp benefits. This system was a DEC IV Photo ID system with a centralized processing facility. The process, from a picture capture to return to the local office took 3-5 days. In the interim the recipient received a paper non photo ID card to transact their first months benefits. On average the Department issued 9,000 Photo ID cards and 9,000 paper ID cards each month. In September of 1994 the Department began a cash assistance EBT pilot. As part of that pilot the Department also piloted an over the counter instant issuance Image ID system. The process includes capturing the recipients demographic information, the recipient facial image and generating a card. Once the PC based production equipment completed the card was placed in an embosser/encoder which received the information stream from the PC based production equipment, the completed card was then signed by the recipient. Some important lessons were learned from this pilot. The table top embosser encoding machine is the weak link in the process since it was the most prone to breakdown. The two step process must be reduced to one step to insure that the information on the magnetic stripe matches the information on the card, to reduce operator error and to increase equipment up time. The statewide system must insure quick turn around time for IIS failures and the system must be able to continue to capture images, for later mail out, if the production equipment is down but the application is still operating. If the card is to e used for EBT a correct track two is the most critical element in card production. Prior to release of the Image Identification System (IIS) RFP the Legislature required the Department to pilot Finger/Facial Imaging and Matching in the Lawrence local Transitional Assistance office and in the Springfield local Transitional Assistance offices. The Department decided that the finger/facial imaging should be included in the RFP and be an integral part of the IIS workstation. IIS PRIMARY OBJECTIVES With these lessons in mind we developed the RFP. The objectives of the statewide system included the following. * Produced a complete card including encoding in a one step process; i.e., when the operator chooses enter after capturing all the required information a finished card is produced by the process. * Search and retrieve the last set of images and/or demographic information at the beginning of the card production process. This allowed for less operator key entering and verification of identity prior to card issuance. The search and retrieve access a central database, each location has on-line access to all statewide images. * Allow the production of seven (7) card types. This was necessary to prepare for EBT, to accommodate USDA FCS card type requirements and to create employee ID cards. Each card contains different data elements and different colored banners depending on the type of card. * Work independently of the server if the workstation experienced network problems. In addition to network security, a separate user security system was developed to work independently of the network on the desktop workstation. * Continue to capture the images if the card production equipment was inoperable. The cards will be created at a later date when the production equipment is repaired. The card can then be mailed to the recipient. * A blank card perpetual inventory system as part of the production process. * Query ability by four defined identifiers and paper print capability. * Ability to capture biometrics information as part of the card production process and at a single workstation. PERFORMANCE REQUIREMENTS The system will store or retrieve images and/or data in less than 15 seconds while supporting 100 simultaneous transactions. The production equipment will create a complete card once information is captured within approximately two minutes. The system can continue to capture the next recipient's data while the previous recipient's card is being produced. CHOSEN VENDOR LAU Technologies (Viisage) of Acton Massachusetts was the chosen vendor. LAU is utilizing NRI as a subcontractor for our finger imaging pilot offices and DataCard as their source of card production equipment and consumable items. LAU technologies (Viisage) was responsible for application development, implementation, documentation, and training. WORKSTATION CONFIGURATION (non finger imaging) Pentium 120 PC with 16M memory 850MB Disk, CD ROM, network card, video card w/1MVRAM and a 17 inch monitor. Framegrabber card inserted into the PC and LAU Technologies proprietary Sensor Mast controller card inserted into the PC. DATACARD II+ card printer with encoder. SENSOR MAST-LAU manufactured, integrated light, facial and signature image capture device. IIS WORKSTATION SOFTWARE DOS/Windows 3.1 Novell 3.12 FTP's OnNet TCP/IP Software Oracle's TCP/IP Protocol Adapter Oracle's SQL*Net ODBC driver for Oracle Lotus Approach LAU Technologies (Viisage) created application IMAGE SERVER REQUIREMENTS Digital Alpha 1000 Unix/Oracle LAU Technologies (Viisage) created database software and routines IMAGE MATCHING Our business objective in image matching (finger and /or facial) is to prevent a single recipient from receiving benefits under more than one identity. The ideal process must fit into the local office workflow and not place DTA workers in a confrontational role. In keeping with our business goals, on-line real time identification of matches is not a requirement. The Department currently captures an matches finger images in three local offices for TAFDC recipients. We capture and match facial images in all offices. Finger images are captured at the end of the capture demographic/images process of the card production process. The system prompts the operator to select capture finger images at the select card screen at the beginning of the process. The facial images used in facial matching are those that are normally captured as part of the card production process. FACIAL MATCHING If the Department is authorized to implement biometrics matching on a statewide basis one of the first decisions to be made would be what type biometrics matching is most efficient. Are finger and facial matching redundant processes and one should be eliminated? Or are they complimentary processes and should be used together to create a more efficient system. One of the ongoing issues with the traditional one to many (1:N) finger matching with large databases is the speed and size of the hardware needed to perform the search. The one to many (1:N) facial matching process can be done quicker with less hardware horsepower. Using these complimentary technologies we could produce a system that uses one to many facial matches as the first sort and then applies the finger matches to a subset of hits. Such a process has the ability to be quicker and less expensive and as accurate as a traditional one to many finger comparison system. EBT READINESS The card produced by the IIS system is ready for EBT and is currently being used for EBT in the Brocton EBT pilot. The card must comply with appropriate ISO standards for card specs. In addition it follows the NYCE network operating rules. It is also designed to be compliant with the QUEST operating rules. The most important aspect of the card, from an EBT standpoint is track 2. Depending on the state's requirements, the EBT card types are: cards issued to the recipient, food stamp authorized representative cards and cash authorized payee cards. You may also wish to issue a food stamp card for recipients whoa are eligible for special services such as communal dining and the food stamp restaurant program. This will allow your EBT contractor to restrict certain card types to certain food stamp authorized retailers. There are many ways of allowing for different card types designation of the PAN. Massachusetts uses the first digit of the unique portion of he Primary Account Number (PAN) (The first number after the (BIN/IIN) as the card type identifier. IIS SECURITY When we moved from centralized processing facility to a decentralized process we increased the exposure of the equipment to theft and unauthorized card creation by 40 times. Security procedures should be established and monitored by office management and internal control staff . Physical security: Each IIS workstation is housed in a separate room with no windows or grated windows. The room is also secured with deadbolt lockable doors and is alarmed. System Security: Network security is managed by Novell with access profiles and individual passwords. If the system can not access the network and must operate in a standalone mode the individual workstation also has security profiles and individual passwords. The system will only create a card with image information that was captured at time of production. Historical image information can not be used to create a new card. In addition to complete audit trail functionality each card is its own unique audit trail. Physical Card Security: When we developed the RFP the Federal EBT Task Force developed a list of card security features prior to choosing our security features. We also required each potential vendor to submit an independent laboratory report that the card meets the required ISO standards and to test the card and render an opinion on its vulnerability to counterfeiting. Each security feature is placed on the card during different parts of the production process. We have three security features placed on the card by a centralized processing facility, the finished product is our "blank" card stock. These security features include a BLUE and BLACK colored back, Micro fine printing on the face of the card and fluoresce lettering on the face of the card. The fluoresce lettering can only be seen with a black light and the micro fine printing can only be seen with magnifying optics. The rest of the security features are placed on the card during the production process and are software controlled. The print on the face of the card is multi colored, the recipients facial image is printed twice o the card, once in the portrait area and once as a ghost under the recipient's demographic information. A holographic overlay designed by the DTA is adhered to the entire finished face of the card. Magnetic Stripe Card Security: In addition to the traditional check digit as part of the Primary Account Number (PAN) track two of the magnetic stripe includes a Card Authentication Value (CAV). The CAV is an encrypted three digit number that allows the EBT processor to authenticate the track two information. CAV's can only be evaluated for accuracy if the transaction is not key entered. CONCLUSIONS Over the counter facial/signature image EBT cards work for public assistance programs. They provide an effective way to capture demographic information, capture facial and signature image, encode magnetic stripe information and produce a card that is ready to access benefits. The card creation and facial/finger matching integrated workstation concept works well. The integrated workstation concept allows the Department to capture all required information at one location in one process stream, prevents the duplicate capture of information, streamlines the process and lessens the development effort. Facial matching is still in the BETA test mode; however we have been impressed with the results to date. The technology works, but more importantly no additional steps are required by the operator the local office to capture the information needed for the facial match. In addition facial matching is less controversial from a recipient and advocate standpoint when compared to finger matching. CONTACTS: Richard Pedrolli, IIS Contract Manager (617) 348-5128 Alfred Fuoroli, IIS Project Manager (617) 348-5244 Len Aiello, IIS Field Operations (617) 348-5725 Fran Hinkley, Director, Systems Technical Operations (617) 348-5206 The California Statewide Fingerprint Imaging System (CA SFIS) project. By Tom Ruggles [Editors Note: Tom Ruggles is the Project Manager for CA SFIS] SFIS Facts: * RFP release date -- 16 August 1996 * Number of counties covered -- all 58 CA counties * Number of enrollment workstations statewide -- more than 200 (we expect perhaps 250-300 or at least one per County Welfare Office -- the precise number of workstations required is up to the winning vendor) * Typical enrollment workstation configuration -- PC (running Windows), Live Scan fingerprint reader, color digital camera for photo images, printer * Expected central site equipment configuration -- unknown (this will be up to the winning vendor) * Target enrollment population -- 6M in 4 years * Expected enrollment and time frames for the initial enrollments -- initial enrollment of 3M by end of first year -- 1.4M existing welfare clients will be enrolled within the first 8 months of operation Will you be issuing an ID card? -- Initially no, although the system must be capable of creating an ID card Will your ID card be EBT compatible? -- I anticipate that it will be compatible. Other topics: The project is called the California Statewide Fingerprint Imaging System (CA SFIS) project. We expect that a contract will be signed in May, 1997 and that the system will be fully functional in all counties by July, 1998. Remote Input workstations will be installed in 3 phases: 10% (approx. 25) Phase 1, an additional 30% in Phase 2, and the remainder (60%) in Phase 3. The CA SFIS will be a state-wide system and it will replace all other systems currently in operation (unless a particular individual county wishes to fund a system on their own -- and in this case the county will still be required to use the CA SFIS in addition to the use of their own system). The CA SFIS will support the AFDC and Food Stamp programs. Medicare may follow at a later date. The State is considering adding the General Assistance (only) population to the CA SFIS -- GA (only) accounts for a very small percentage of the overall welfare population in the State. The CA SFIS will be integrated with the California Statewide Automated Welfare System (SAWS). SAWS is a unified collection of welfare databases. Among the many benefits of the SFIS-SAWS interface, the SFIS-SAWS integration will reduce the number of duplicate records in other state welfare databases. Tom Ruggles can be contacted at struggle@aol.com THE FEDERAL HIGHWAY ADMINISTRATION CONDUCTING BIOMETRICS STANDARDS DEVELOPMENT STUDY By James Wayman The San Jose State University College of Engineering is completing a project with Federal Highway Administration (FHWA) to study the use of biometrics for the identification of commercial drivers. This is not the first FHWA study to address this issue, but rather is one more part of an initiative started 10 years ago by Congress to improve the safety of commercial vehicles and their operators on our nation's highways. In 1986, the U.S. Congress passed the Commercial Motor Vehicle Safety Act establishing a "one-driver, one-license, one-record" policy for commercial drivers. To enforce the act, which made it illegal for a commercial driver to be licensed concurrently in more than one state, the Commercial Drivers License Information System (CDLIS) was established, becoming operational in the early 1990's. In 1988, after hearing testimony from the American Trucking Association that the CDLIS system of identification was too weak to deter licensing fraud and that "unique identifiers, such as fingerprints or retinal images...should be used in the licensing system to make identification foolproof", Congress passed the Truck and Bus Safety and Regulatory Reform Act requiring the Secretary of Transportation to establish, by 1991, "minimum uniform standards for a biometrics identification of operators of commercial motor vehicles". On the basis of a commissioned study of fingerprinting and retinal scanning completed in 1990, the Federal Highway Administration concluded that "more time is needed (for biometrics) technology ...to develop to meet the functional requirements..." In 1995, San Jose State University was retained to re-study the issue of biometrics and commercial driver's licenses. The San Jose study is divided into several sub-tasks. We are working actively with the Federal Highway Administration and the Departments of Motor Vehicles of the various States through the American Association of Motor Vehicle Administrations to: 1) define, specifically, the application of biometrics technology to the national commercial driver's licensing system; 2) establish a general methodology for determining the best biometrics technology for any specific application; 3) establish criteria for selecting candidate technologies for this application; 4) select candidate technologies; 5) suggest candidate standards for a multi-State system based on these technologies; 6) obtain cost and operational data from existing systems employing these technologies in a similar application; 7) discuss implementation issues, such as system design, cost/benefit, and estimated system performance. We have determined that there are two potential applications of biometrics technology to commercial driver's licenses. The primary application is to prevent the issuance of multiple licenses to a single driver. A secondary application it to verify that the license presenter is indeed the authorized holder of the license. Using a taxonomy scheme we have developed, the first application can be classified as a non-cooperative, overt, non-habituated, supervised, standard environment application. The second is classified as a cooperative, overt, habituated, supervised, non-standard environment application. We have established criteria for selecting candidate technologies for each of these applications. The selected technology must be: 1 )demonstrable by the vendors to be useful in this application; 2) supported by independent performance audits of existing system in similar application; 3) supported by multiple vendors using open architectures. It this final criterion, of course, that causes the most difficulty. At this time, only fingerprint system vendors can demonstrate use of their equipment in the primary, non-cooperative application. Additionally, independent audits of performance of non-cooperative fingerprint identification systems are available. Despite the compatibility problems of flat-scan fingerprint systems and the inapplicability of the ANSI/NIST image and compression standards developed for rolled-print, forensic applications, we believe that flat-scan fingerprinting represents the only feasible technology for the primary application. We are studying cost and operational data from existing, large scale, social service applications for projecting performance of fingerprinting in the CDLIS environment. With regard to the secondary application, several technologies meeting the first two criteria are available, including hand geometry, voice, and fingerprinting. To implement the new North American Driver's Licensing Agreement (NADLA) and provisions of the North American Free Trade Act (NAFTA), the Immigration and Naturalization Service (INS) is also actively studying the use of a biometrics identifier for commercial drivers at border crossing. We are working with INS to coordinate our efforts at technology selection. Our research effort will conclude in June, 1997, and will result in a final report documenting our conclusions, outlining additional technical work development of national, industry-wide standards for all selected technologies. e-mail: biomet@email.sjsu.edu Web page: www-engr.sjsu.edu/graduate/re_biom/main.htm (408) 924-4037 POINT OF VIEW [Editors Note: Point of View is new to this issue. This months topic deals with the issues of emerging civil standards in the biometric community. Contributors are vendors and consultants working in this complex field. Their comments represent their personal point of view.] Fingerprint Identification Standards for Emerging Applications By Gordon H. Dechman Automated Fingerprint Identification System (AFIS) technology has been proven in law enforcement over the last 25 years, and the use of AFIS technology is rapidly expanding in a number of new applications areas including welfare. However, the rush to capitalize on the benefits of the technology, in advance of appropriate standards and technology validation methods, is likely to result in a widespread failure to achieve the very valuable programmatic expectations over the long term. For serious large-scale positive-identification applications, no other currently-available biometric technology comes close to fingerprints. Fingerprint identification technologies are: * well established: fingerprint identification has been used in law enforcement applications over the past 100 years, and has become the de facto international standard for positive identification of individuals. * proven: AFIS (Automated Fingerprint Identification System) technology has been developed, refined and proven in demanding law enforcement applications over the last two decades. * legally accepted: The legal precedents which have been established in the U.S. court system make fingerprints the only biometric proof of identification which is readily accepted in legal proceedings. * mature: Fingerprint identification technologies are well beyond the R&D stage, as evidenced by the fact that a number of viable manufacturers produce competing products for a wide-spread and well established marketplace. In most other biometrics, the technology is only available from a single vendor, making any large-scale long-term application very risky. Recent advances in computing and digital imaging technology have led to the introduction of new AFIS methodologies using electronic "live-scan" plain impression1fingerprint images as the basis for identification. The proliferation of plain-impression AFIS systems is rapid and accelerating at the state and federal level, in large-scale applications, including welfare, driver's licensing, border control, immigration and military personnel identification. These new identification applications are being treated as straightforward applications of AFIS technology. Plain-impression AFIS applications are relatively new, with a few well-publicized success stories and no documented reports of significant problems. All AFIS vendors and several integrators currently offer applications that use plain-impression fingerprinting, which is an effective endorsement of the plain-impression technologies. Furthermore, plain-impression AFIS applications are not nearly as complex as those in law enforcement, and the associated fingerprint scanners are simple and relatively inexpensive. Many, if not most, lab-collected prints "look" better than inked prints. In fact, however, the new applications of AFIS technology, especially in welfare, are pressing the limits of AFIS capabilities. The new applications of plain-impression fingerprint technology depart from law enforcement applications in the use of radically reduced fingerprint information to minimize capture times and storage requirements, coupled with requirements for unprecedented levels of identification performance. Consider the following significant differences between the proven AFIS applications in law enforcement and the new plain-impression applications in welfare: * Law enforcement AFIS applications use "nail-to-nail" rolled fingerprint impressions as the basis for all identification processing. A plain-impression print can be less than 50% of the area of the equivalent rolled print, providing significantly less data for identification processing. * The proven law enforcement AFIS applications use either 8 or 10 finger images to achieve identification accuracy. Plain-impression AFIS applications only use 1 or 2 finger images. The other 8 fingerprints are not captured, and are not available for backup comparisons. * AFIS systems were designed to cope with the typical problems of inked fingerprints, such as smearing and over-inking or under-inking. Electronic live-scan images are subject to image distortion, image breakup and other quality problems that are significantly different from the problems experienced with inked fingerprints. * In law enforcement applications, the AFIS produces a "candidate list" of possible fingerprint matches (usually 10 - 100 records) which are reviewed manually by an expert fingerprint examiner to determine if any of the candidate records is truly a match for the search record. Most new plain-impression applications are fully automatic, and require that a unique match candidate be identified by the system, without manual intervention. In addition, for most welfare applications, very high identification accuracy is required, in terms of both False Positive and False Negative errors. AFIS accuracy, cost-effectiveness and interoperability is totally dependent on the quality of the fingerprint images. In the vein of the old "garbage in, garbage out" adage, if the quality of the fingerprint images is poor, the AFIS system's identification performance is certain to be reduced. As such, the plain-impression live-scan fingerprint scanners could well be the single most important element of the new applications. The following considerations suggest the seriousness of the vulnerabilities which can result from fingerprint scanners: * Electronic fingerprint scanners are known to be subject to one or more types of geometric distortion as well as image breakup and other types of image quality problems, that do not have an analog in inked fingerprinting. These problems may not be correctable using standard AFIS image processing methods and may contribute significantly to reduced identification accuracy, especially in large systems. * Although an AFIS can be "tuned" to be insensitive to the systemic distortion problems of a particular brand of scanner, the injection of fingerprint images from another scanner with different image accuracy characteristics will degrade the identification performance of the AFIS in an indeterminate manner. At least one major AFIS vendor refuses to implement an operational AFIS system that incorporates fingerprint scanners from multiple manufacturers, as a matter of policy. * The FBI has reported informally that poor-quality fingerprint images are significantly more susceptible to image degradation and loss of information, when compressed using the FBI's WSQ compression technique for telecommunications and/or archival storage. WSQ compression is being widely implemented or specified in law enforcement and the new applications. To ensure system performance, cost effectiveness and interoperability, the electronic plain-impression fingerprint scanners must produce consistently high quality fingerprint images, and must be subjected to rigorous standards of quality control, both in manufacture and in operation. Recognizing the impact of image quality on all aspects of fingerprint identification, the FBI, in concert with the National Institute of Standards and Technology (NIST), has led the development of fingerprint image quality standards for law enforcement applications. The FBI has published a definitive set of Minimum Image Quality Requirements1 which is mandatory for the submission of rolled-impression fingerprints to the FBI for law enforcement applications. There are no formal standards for single-finger image quality measurement or quality control. The rush to capitalize on the benefits of AFIS technology in the new plain-impression fingerprint applications areas, in advance of appropriate standards and technology validation, is already leading to problems. In at least one case, the lack of technical standards has led to the creation of a very large fingerprint database of such poor quality that a large percentage of the fingerprint images reportedly cannot be processed by an AFIS. Furthermore, well-known systemic problems of the data collection apparatus may result in data that is incompatible with corresponding data collected by different systems in neighboring jurisdictions. As a result, systems in neighboring jurisdictions may only be capable of supporting interoperability at significantly reduced levels of identification accuracy. Although there are no formal standards for single-finger image quality, the FBI image quality standards are believed to be directly applicable to plain-impression live-scan fingerprint images. The FBI Minimum Image Quality Requirements should be cited in every welfare AFIS acquisition specification. But the FBI standards do not go far enough in specifying how a plain-impression live-scan device or system can be tested to show that: (a) it meets image quality requirements during initial acceptance testing of the system; or (b) it continues to meet image quality requirements during months and years of subsequent operational use. The coordination of federal and state R&D efforts to develop standards and test methodologies, and to solve the problem of interstate and inter-program incompatibilities, has the potential for very considerable cost savings. As such, the federal government has a vested interest, as well as an obligation, to provide technical standards, technology validation methodologies and implementation guidance in the use of plain-impression fingerprint identification systems. Currently, seven federal Departments have some involvement in, and/or responsibility for fingerprint identification applications, and could all contribute to or benefit from the development and promulgation of the needed standards. However, until a lead agency is designated and federal standards can be developed and turned into useful technical guidance and methods, it is left as a challenge to each individual welfare agency to devise the appropriate acceptance and operational tests to ensure the continued peak performance of their systems. [Editors Note: Gordon Dechman is President FingerPrint USA, a small business that provides expert technical consulting in fingerprint identification technologies and applications, and in the specification and acquisition of complex automated fingerprint identification systems. For additional information, contact Mr. Dechman directly (telephone: 703-754-0308; e-mail: gdechman@fpusa.com ) or visit the FingerPrint USA home page at http://www.fpusa.com.] Comments on Extension of Criminal Fingerprint Standards To Social Services Applications By Ellsworth Clark [Editors Note: The following viewpoint was authored by Ellsworth Clark, Director of Systems, The National Registry, St. Petersburg, FL, in response to a request for clarification to some of the issues involved in specifying fingerprint standards for Human Services systems. Eb has an extensive background in both criminal and civil applications of fingerprint technology.] The standards established for the interchange of criminal fingerprint data address the following areas: * The definition of standards for the capture of finger image data. * Processing standards for the finger images (compression) * File formats for the interchange of finger image data The objectives in developing and accepting the standards are to insure the ability to transfer, interpret, and use both fingerprint image and demographic data between and among criminal justice agencies and provide an effective means for transfer of data between non-compatible finger image systems. Much of the impetus for establishing the standards is the national central repository and processing function to be provided by the FBI's IAFIS. Adherence to the IAFIS standards will be insured in that most criminal (and non-criminal civil "applicant") fingerprint cards are submitted to the FBI for search. Although there is currently no similar central system for non-criminal applications, there does exist a need for standards. Currently in process are a number of initiatives for cross-jurisdictional search of welfare finger image files. Connecticut plans information transfer and search of data between itself and the systems used in New York, New Jersey and with other New England States as they implement finger image based welfare systems . It is important that the finger image data being collected and used by the state meet quality levels needed by the State, that they are in a format which can be utilized by another AFIS system in the future, and that any processing performed on the image (primarily image compression) does not reduce the usability of the image. Although both the criminal and non-criminal systems are finger image based, utilize AFIS techniques, and will have the same inter-jurisdictional data transfer requirements, it is not necessarily appropriate that the criminal AFIS standards be accepted in whole for use in the civil community. There are a number of areas in which the quality of finger image information, the nature of its use, and the amount of information needed in data transfer must meet far more rigorous standards in the criminal justice area than in civil processing. Inherent in the design of the criminal system is its use in two basic functions - identification and latent print processing. In the identification function, images from a 10 print card are searched against a database and, if no match is found, registered to the database. The data registered is utilized in the latent function in which finger images from crime scenes, usually of very poor quality, are searched against the database. The latent process is far more exacting and its performance and accuracy are greatly affected by the size and quality of the finger image file. The IAFIS image quality specifications were established to meet this type of identification and latent processing. Civil applications require only the Identification function, where less stringent quality specifications have proved satisfactory in meeting realistic performance requirements. Equally important is the source of finger image data. All criminal systems, with the exception of the NCIC 2000, are based on the "rolled" finger which is captured for electronic use by either the scan of an inked card or the use of an expensive 10 print live scan device consisting of one or more scanners capturing the equivalent of the rolled finger and a computer dedicated to the processing of the image. Current and planned civil systems, including welfare, are based on inexpensive single finger live scan devices, interfaced to the computer through conventional frame grabbers. In many cases, the finger capture and processing capabilities are added to existing PC based workstations and future applications will be dependent on smaller, less sophisticated devices which cannot economically meet criminal AFIS standards. The last significant difference between the standards established for criminal AFIS systems and those needed for civil systems is in the amount and form of data needed for information interchange between systems. The IAFIS-specified information in the ANSI/NIST interchange format is specifically designed for the transfer of criminal data, but is more complex than necessary for welfare use. Following are comments on individual criminal justice standards, their applicability and their limitations in use in civil applications. ANSI/NIST - CSL 1-1993 Developed to define the content, format, and units of measurement for the exchange of information, its features are: * A standardized file format. This includes a variety of acceptable finger image formats (high and low resolution, "binary"), use of minutiae data, etc. Additionally, the file format includes a number required control fields, some of which are specific to criminal AFIS processing and optional user specified text fields. * A number of allowable finger image formats; of these, it would be recommended that only compressed and non-compressed high quality gray scale be utilized. * Specifications for the scanned image - high quality gray scale - 500 dpi, 8 bit resolution * Data representation - first bit high, etc. A standard sub-set of fields established by this standard would be appropriate for use in data exchange in civil applications: the image resolution requirements are current "industry standard". It is appropriate for external interchange. It is not appropriate for either internal file handling nor for the exchange of data internally within a system. The ability to meet this file format has been required in a number of recent RFPs in social service and other civil applications. No standard sub-set has been defined. IAFIS -IC - 0110v2 This standard establishes a specific implementation of wavelet scalar quanitization (WSQ) gray scale compression for finger images. In order to meet the specification, the specific WSQ implementation must be certified by the FBI. This compression technique is specifically designed to minimize the loss of gray scale information in the processing of fingerprints, provide a standard compression technique allowing for image interchange, and to insure maximum image quality for both human and computer processing. Initial welfare implementations, which preceded the establishment of WSQ, do not conform to this standard. All current criminal systems require it, and it is a requirement in all current social service procurements. It is currently in use in Connecticut. Note that should WSQ be unavailable at either the originating or receiving location, an uncompressed image may be utilized at a higher cost in transmission and/or storage. CJIS-RS -0010v4 This very extensive standard is a detailed extension of the ANSI/NIST CSL 1993 standard. In particular, ANSI/NIST CSL-1993 declares the demographic record (Type-2) as user-defined. This specification provides the definition of the Type-2 record for FBI use. It addresses: File Format. Included in this standard are extensive, complex, and very detailed fields designed for the interchange of criminal data and finger images. Definition of both mandatory and optional fields are highly specific to criminal justice processes and the submission of transactions to/from the FBI in particular. The complexity and high degree of specificity make this a difficult standard upon which to base a sub-set more appropriate for use in civil applications. There have been no RFPs or installations in civil applications which have required compliance with the specifications of this standard. Finger Image Specifications. Item 3.9.1 references the ANSI/NIST CSL-1993 for the required resolution of finger images - comments as above. Item 3.9.3 requires WSQ as the compression algorithm - comments above. Item 3.9.3 Addresses Fingerprint Image Quality Specifications, which are provided in Appendix F and discussed below. Appendices F and G Appendix F addresses IAFIS Image Quality Specifications - Appendix G is an interim specification which was issued to allow the accrediting of current live scan (10 print) devices and is a relaxed set of specifications for scanning devices, both paper and live-scan. Appendix F (and in the interim, Appendix G) addresses 10 print live scanning devices, latent scanners, and the display (video) and printing of both types of image. As discussed above, the IAFIS image quality specifications were developed for use in the more demanding criminal justice environment, particularly latent image processing. Several areas of Appendix F are clearly not applicable to civil applications - in particular those referencing the acquisition and processing of latent images. Display specifications (Section 4.0), specifically those in section 4.2, Latent Print Comparison Display, exceed those needed in most, if not all, civil workstations. Printer specifications are for the re-creation of 10 print cards; they are not necessarily applicable to printing at most civil application workstations. The most difficult aspect of Appendix F is that of the Fingerprint Scanner Specifications, Section 2.0 (and in the interim, Appendix G). As discussed above, finger capture in the criminal AFIS environment is either by the scanning of an inked card or by use of an expensive 10 print live-scan system. All current civil systems, both government and commercial, are presently based on the use of a combination of a single finger live-scan device with the finger image being captured by a frame grabber from the scanner's video signal. Although several manufacturers of single finger live scan devices have stated their scanners are designed to meet Appendix F, none have been certified and, to our knowledge, none have been submitted for certification. None of the currently installed non-criminal systems meet this specification and, with presently installed equipment, none can meet this specification in the future. As stated in Appendix F, the quality of images must be sufficient to "allow for : (1) conclusive fingerprint comparisons..(2) fingerprint classification".. (not necessarily applicable in civil applications and not used in the Connecticut welfare system).. "(3) automatic feature detection , and (4) overall... AFIS search reliability". The image quality specifications of Appendix F are designed to meet these in the IAFIS application, with very large files, very demanding accuracy requirement and latent search. The general application of these standards to non-criminal systems may well impose (a) an additional and unnecessary expense or (b) an inability to use equipment suited to the application but not meeting the specifications. An additional problem is the application of this standard to one:one matching systems, which have a completely different set of image, processing, and accuracy needs. Appendix F has been addressed in several recent RFPs. To our knowledge there have been no fully compliant responses and, given that no current single finger live-scan devices have been certified, none should have been offered as an existing solution. Summary There are no standards which have been specifically established for civil two finger applications. The "industry", which includes primarily government users and a limited number of successful vendors, have accepted some portions of the criminal justice standards for use. Specifically: * ANSI/NIST 1993 * File Format for interchange (it has never been used, alternates have been proposed for specific applications) * Scanning density (500 dpi, 8 bit gray) * WSQ Compression (not all have employed, virtually all current systems now offer) The FBI's EFTS has not been implemented nor referenced outside of Appendix F, discussed above. While standards are needed and would be useful for civil applications, blanket use of criminal AFIS standards is neither useful nor appropriate. Where applicable, sub-sets would be more appropriate, such as in the formats actually allowed from the ANSI/NIST menu. For additional information, contact Mr. Clark directly at (813) 573-3353 Web page: http://www.nrid.com BIOMETRIC TRENDS Washington, DC. - The Associated Press reported that the FTC is considering a number proposals by credit card companies, credit bureaus and government regulators to combat identity fraud. The major controversy involves "real name fraud" . Crooks use real names, Social Security number and credit history to obtain fraudulent credit cards. Suggestions included biometric fingerprinting systems to check identities. The FTC planned to form a working group from the more than 60 participants to continue the discussion. Perdue Indiana - Biometric identification technology from NRI will enable the members of Purdue Employees Federal Credit Union to conduct a broad range of financial transactions at a new unattended "virtual" branch office. This is believed to be the first operational implementation of positive finger-image identification by a U.S. financial services institution. The biometric technology vendor is The National Registry, Inc. Their software will secure all customer transactions by verifying the identity of Purdue Credit Union members using the computer-based systems at the unattended branch. The "virtual" branch will be supplied by Real Time Data Management Services, Inc. of Norfolk, VA as part of their Credit Union Member Access Service Network called Q-MAN. The unmanned branch is expected to offer the services of a traditional branch at less than half the associated costs. The finger imaging solution will simplify account inquiries and transactions by providing a quick yes/no answer to verify the identity of customers accessing personal accounts. As members access their accounts and conduct transactions, they touch their index fingertip against an optical scanner. The NRI software will confirm or deny their access to the system based on previous enrollment of their finger image into the credit union membership account database. Additional information is available at http://www.nrid.com San Antonio, Texas - North American Morpho Systems Inc. of Tacoma Washington has announced plans to develop a pilot finger imaging system for the Texas Department Of Human Services (DHS). The Lone Star Image System will be a ten month pilot to evaluate the effectiveness of fraud prevention in the AFDC and Food Stamp programs. The University of Texas will help DHS evaluate the program. Texas will be the first state to include food stamp recipients in it's finger imaging program. A total of 4,467 recipients will be enrolled during the first four days of the project in a two county ten office pilot area. The value of the one year contract is $299,360. If the pilot is determined to be successful, statewide implementation could begin as early as September 1997. For additional information e-mail: communications @morpho.wa.com Massachusetts - Keyware Technologies has announced the introduction of a combined facial and voice verification technology integrated into security systems. The system uses a layered verification algorithm to integrate the matching of spoken language and facial images. The speaker recognition and voice verification technology was developed by Lemount & Hauspie Speech Products. Facial recognition development is by Excalibur Technologies. Additional information is available at http://www.keywareusa.com. Ellington, Connecticut - Accu-Time Systems, Inc. (ATS) has announced a new line of employee attendance verification terminals. Their systems use Identix finger scan technology in a package that eliminates the possibility of falsified time cards. There is no need for time cards and badges. Colorado - T-NETIX, Inc., based in Englewood, is promoting applications using their SpeakEZ Voice Print System. Dubbed Customer Verification Service (CVS), the technology is designed for use by banks, brokerage houses and other financial institutions to authenticate customer transactions. The systems verify a customers identity before permitting a transaction. For more information contact http://www.T-NETIX.com Oregon - Unisys Corporation announced a national marketing alliance with JobQuest, Corp. at the American Public Welfare Association Information Systems Management Conference here on September 17, 1996. They report the relationship will help them assist governments to achieve welfare reform objectives. They will be using technologies that enable governments to deliver welfare services and help people gain employment , while reducing administrative costs for welfare agencies. The product is called EIS (Efficiency, Integrity and Self Sufficiency). Technologies employed in the EIS solution include document, fingerprint and photo imaging, multimedia kiosk, notebook computers, portable scanners, and interactive voice response. For information contact http://www.capability.com Delaware - Governor Thomas R. Carper announced that Deleware will employ a two megabyte storage capacity optical memory card to roll out the states pilot EBT program. The Delaware EBT System known as "Card One" will use a card provided by Zerco Systems International. The Delaware Card One can contain a photograph and a digital fingerprint eliminating identification fraud at point of sale at retail stores. The Governor envisions dispensing multiple program benefits including state and federal on just this one card. Japan - IrisScan, Inc. of New Jersey has announced an agreement with Sensar, Inc. of Moorestown New Jersey and OKI Electric Industry Co. of Japan to deploy it's IrisIdent(tm) products in Japan. Together they will be integrating iris recognition with Sensar's imaging systems in Japanese ATM systems. The value of the agreement is reported to exceed $41 million. Australia- Identix Inc., announced that its Sydney-based Fingerscan Pty. Ltd. subsidiary has delivered the first 100 Portable Fingerscan plug-in "reader" versions of the Company's TouchLock II(TM) fingerprint verification system to an Australian Company, Armaguard, a cash transport company. The devices will be used to control access to teller machines and other cash repositories. Armaguard plans to use Portable Fingerscans across Australia for its employees' access and for Armaguard's servicing ATMs and other cash repositories in locations where relatively few authorized individuals make routine inspection and servicing calls. The finger reader portion of the unit, generally visible to the public, is not left permanently at the site, so security is enhanced. Los Angeles,CA - North Communications announced a new line of sleek, tough kiosks. The kiosks are designed to have web capability, allow secure financial transactions, live video teleconferencing, can contain document scanners, barcode and smartcard readers, fingerprint scanners. http://www.kiosktore.com Texas - According to a PRNewswire report, the SFG Corporation announced in October that it had signed a letter of understanding to acquire an 80% interest in Biometric Access Corporation. BAC is engaged in research and development of advanced proprietary finger imaging hardware and software. Toronto - Mytec Technologies has announced that it has signed a license and supply agreement with Casino World Holdings, Ltd. to use it's unique biometric technology. According to Mytec, this agreement represents the first application of biometric encryption to secure on-line transactions over the Internet. Casino World has created an interactive multimedia gaming system with real time access to a virtual Internet casino. Biometric Encryption is the process of using a person's finger pattern to code data, such as a PIN or password. The coded data is both secure an private since only the person's live finger pattern can decode the data. http://www.mytec.com [Editors Note: In Issue I Volume I an article on the CANPASS system was authored by Emma Newham. This article first appeared in Biometric Technology Today] Veincheck Biometric Technology By Joseph Rice EU DG13 Framework 4 to Support Vein Pattern Development The European Unions DG13 framework 4 provides 100 million ECUs ( European Currency Units ) per annum for collaborative EU technology initiatives. The veincheck biometric is based on the detection and pattern comparison of subcutaneous blood vessels. A number of vein based access technologies are under consideration. Near Term 1-2 years : Physical Access Intelligent door handle for physical access control: provides automatic id from hands dorsal vein structure ( no card or pin ) limited user population. Testing arranged in major European Financial Institutions. Mid Term 2-3 years : Vehicle Access Network authentication Keypsure. This provides a biometric identification device for the pocket or purse. This takes the form of an intelligent token initiated by the users optical subcutaneous absorption pattern. Essentially the card is drawn across vein pattern a match enables the transmission of an encrypted access code to a vehicle or computer. Advantages vehicle Keypsures have a default option of transmitting the vein pattern in plain text to the vehicle ( The vehicle compares the pattern with registered users patterns: Risky ) but it ensures that legitimate users are never locked out of their vehicles they just need to buy or borrow another Keypsure. Medium Term 3-5 years ( Wrist worn Keypsures ) This system provides a wearable authentication device. The system is enabled by recognising an appropriate vein pattern wrist ( Instep ) The system via the body can authenticate the user to any device system, weapon or another human the user comes in contact with ( touches ). The EU via Framework 4 is very keen on establishing standards for IT and advanced technology systems so the development and testing of this biometric will be rigorous. For further details on veincheck and details on how to participate in this EU sponsored initiative please contact the EU project manager Ms Belen Sancha Arias at q7@pobox.co.uk. The author can be contacted at joerice@innots.co.uk CardTech/SecurTech Government 96' Held in Arlington VA. September 30 through October 1, 1996, this first government focused conference was attended by more than 500. CST seminars were held on Card Technologies, Security Technologies, Citizens Services and Government Operations. The keynote speaker was G. Edward DeSeve, Controller, Office of Management and Budget, Executive Office of the President. His remarks were based on the theme "It's in the cards! The Future of Government Card Applications." COMING EVENTS December 4, 1996 - Chicago - Speaker Verification API standards meeting December 9, 1996 - San Jose, CA, - The National Computer Security Association (NCSA) has organized the Commercial Biometrics Developers Consortium (CBDC), which will be bringing together major vendors of biometric products. The first Consortium meeting was held September 9, 1996 in Atlanta. The group hopes to increase commercial acceptance and public awareness, develop application guidelines and provide market research. A separate user focus group component of the CBDC will permit the user community to discuss their perceptions of biometric strengths and weaknesses, providing input to the vendor group. As the parent organization, the NCSA itself is dedicated to continuously improving commercial computer security through certification, sharing of knowledge and dissemination of information. The 2nd Quarterly Meeting of the Consortium will be held December 9, 1996 in San Jose, CA. For further information contact: David Harper, CBDC Consortium Manager, NCSA, 10S. Courthouse Ave., Carlisle, PA, 17013, (717) 258-1816 Ext. 207, e-mail:dharper@ncsa.com, Web site: http://www.ncsa.com/cbdc December 10, 11, 1996 - San Jose, CA. CardTech/SecurTech '96 West January 26-29, 1997 - Los Angeles, CA. Advanced Card Technology Conference '97 March 11-13, 1997 - Las Vegas, NV. Biometric Conference For Financial Institutions, Sponsored by the Biometric Digest May 19-22,1997 - Orlando, FL, CardTech/SecurTech '97 Got an event of interest to the Human Services Biometric Community? Send your information to the editor at DmintieCT@aol.com or use the mailing address on the last page of the newsletter. RESOURCES YOU SHOULD KNOW ABOUT AFB (Association For Biometrics) Contact: Mr. Peter Hawkes British Technology Group Electronics Division 101 Newington Causeway London, England SE1 6BU http://www.vitro.bloomington.in.us:8080/~BC/afb The Biometric Consortium http://www.vitro.bloomington.in.us:8080/~BC/>* The Human Identification System Project http://www.asti.dost.gov.ph/~shoreadm/HIS.html The Connecticut Biometric Web Page http://www.dss.state.ct.us/digital.htm PUBLICATIONS Biometric Technology Today SJB Services P.O. Box 20 Somerton,Somerset TA11 7YY England +44 1458 274444 http://www.sjb.co.uk Biometric Digest P. O. Box 510047 Q. St. Louis, MO 63151-0047 (314) 851-0924 http://www.anet-stl.com/~wrogers/biometrics/biodigest.html SUBMITTING ARTICLES TO THE BHSUG NEWSLETTER Submissions are invited and encouraged. Submissions must contain the authors name and organization. They must be submitted as plain ASCII text or in Microsoft Word format. All submissions can be addressed via e-mail to the editor: DmintieCT@aol.com or Mail Address: David Mintie DSS Digital Imaging Project 25 Sigourney Street Hartford, CT. 06106-5033 Editor: David Mintie Connecticut Department Of Social Services Advisory Board: Leonard Aiello Massachusetts Dept. Of Transitional Assistance Richard Nawrot New York Dept. Of Social Services Michael Greene New Jersey Dept. Of Social Services The BHSUG Newsletter is a free publication. It is published quarterly and distributed via the internet. Hard copies are available on request. Current and back issues can be downloaded directly from Connecticut's Digital Imaging Web Page: http://www.dss.state.ct.us/digital.htm