Home > Biometrics > An Onslaught of Biometrics?

An Onslaught of Biometrics?

June 24, 2011


Yes­ter­day, I was stand­ing in a check­out line at the gro­cery store sur­rounded by the usual items — a wide selec­tion of can­dies, celebrity mag­a­zines, and diet tips. Of course, one of the mag­a­zines was adver­tis­ing a com­bi­na­tion of two themes: a celebrity diet. I’ve always found these diets incred­i­bly silly, not because the advice is nec­es­sar­ily bad, but because the whole mat­ter of eco­nomic incen­tives is left out of the equation.

Celebri­ties don’t stay in shape thanks to spe­cial tech­niques or a superb per­sonal trainer. Rather, the profit motive does most of the work. In order to con­tinue mak­ing mil­lions every year, celebri­ties must stay incred­i­bly fit. If each of our read­ers were offered a mil­lion dol­lars per year to stay in shape, we’d all see the pounds falling off rapidly. The aver­age per­son sim­ply doesn’t have the same incen­tives as actors and actresses. Most Hol­ly­wood denizens don’t stay fit because of fab­u­lous diets — they have a very pow­er­ful mon­e­tary incen­tive that keeps them on those diets. The rest of us can cheat; we don’t have a movie shoot com­ing up in a few months.

But isn’t health and a long life enough of an incen­tive? Yes and no. As a doc­tor friend of mine once said, “You want to know the quick­est way to lose weight? Dia­betes.” Essen­tially, his point was that he’ll tell peo­ple over and over to watch their weight and exer­cise, but most don’t get it until they receive a life-threatening diag­no­sis. When faced with a very real direct incen­tive, peo­ple start exercising.

How­ever, incen­tives aren’t only impor­tant for one’s waist­line. They’re even more impor­tant for one’s invest­ments. At Casey Research, one of our 8 Ps of resource stock eval­u­a­tion includes people.

If the indi­vid­u­als who run a com­pany have the right incen­tives, they can do a lot of good. If not, they can do much dam­age to your port­fo­lio. Many incen­tive struc­tures are dif­fi­cult to fer­ret out. For exam­ple, I was study­ing an energy com­pany a few months back and really got a good feel for it. One of the last things on my list was an analy­sis of the com­pen­sa­tion struc­ture. It seemed appro­pri­ate at first blush: the bonuses were hardly extra­or­di­nary. But here was the catch: I under­stood the deriv­a­tives struc­ture of the firm quite well and fig­ured out that man­age­ment would receive huge bonuses sim­ply by the price of nat­ural gas rising.

The CEO would receive a more than com­fort­able salary of a few mil­lion dol­lars regard­less of the company’s per­for­mance. But if the price of nat­ural gas shot up, the deriv­a­tives depart­ment would make a huge profit, and the CEO would receive mil­lions for his “per­for­mance.” If any­one deserved those mil­lions, it was surely his traders.

With these sorts of incen­tives in place, an excel­lent per­for­mance from man­age­ment is incon­ceiv­able. With the cor­rect incen­tives, an actor can keep look­ing like he’s 25 years old until he’s nearly 50. And with poor incen­tives, a CEO can crash a com­pany staffed by thou­sands of intel­li­gent peo­ple in a mat­ter of years. The impor­tance of peo­ple won’t show up in the stock charts, but it’s a big mis­take to over­look this factor.

For the rest of the issue, Alex Daley will cover advance­ments in bio­met­rics. The reti­nal scan and fin­ger­print iden­ti­fi­ca­tion have been the stuff of movies for ages. Is it time for bio­met­rics to finally apply in our daily lives? Alex answers this ques­tion and more.


The Com­ing Bio­met­rics Onslaught

By Alex Daley

For many years tech­nol­ogy prog­nos­ti­ca­tors have warned about the com­ing onslaught of “bio­met­rics”: a fin­ger­print instead of one’s credit card at the ATM to draw cash, or a reti­nal scan at the bor­der to ver­ify one’s iden­tity against one’s pass­port. Yet with decades of research and devel­op­ment behind the tech­nolo­gies, very few wide­spread uses of bio­met­rics have found their way into our lives.

That is start­ing to change, how­ever — and if the lat­est tech­nol­ogy is any indi­ca­tion, you can prob­a­bly expect a lot more bio­met­rics in your life real soon.

When we think of tech­nol­ogy, we often dream of the whiz-bang new capa­bil­i­ties it has brought to our lives, from ATMs to DVRs to smart­phones. For a tech­nol­ogy to go main­stream, first and fore­most it gen­er­ally has to also reduce someone’s “pain” — whether that be sav­ing busi­nesses money, or allow­ing an indi­vid­ual to con­ve­niently catch his or her favorite program.

Ulti­mately, it usu­ally comes down to the end user of a piece of tech­nol­ogy who has to like the out­come before it will really catch on in a big way. Just because banks would pre­fer to save money with ATMs doesn’t mean cus­tomers will pre­fer them over live tellers. But put them in places where one can’t put a bank — like con­ve­nience stores and malls — and sud­denly they are ben­e­fi­cial to both par­ties. That’s a recipe for wide­spread proliferation.

This is the prob­lem that bio­met­rics has suf­fered for decades: End users not only usu­ally get lit­tle to no ben­e­fit, but they incur a sig­nif­i­cant per­ceived (and pos­si­bly actual) risk by using the sys­tem and giv­ing up a dig­i­tal copy of this highly per­sonal iden­ti­fi­able information.

Give a crim­i­nal a record of your fin­ger­print, and he will find a way to sub­mit that record to the sys­tem with­out actu­ally need­ing your fin­ger. Advances both in tech­nol­ogy, as well as in secu­rity prac­tices, have made that sce­nario less likely. Con­nec­tions between sen­sors and com­put­ers can be made vir­tu­ally hack-proof using secure com­mu­ni­ca­tions tech­niques that are resis­tant to spoof­ing and man-in-the-middle attacks. Data is encrypted from end to end. Much more thought is put into secu­rity of new tech­nol­ogy now than a decade ago, thanks to the high-profile breaches we have all become so accus­tomed to hear­ing about these days.

But even if bio­met­ric sys­tems have become rel­a­tively secure, up to this point they have been gen­er­ally unre­li­able. For many decades, the pri­mary pur­suits of bio­met­ric researchers have been the two ends of the spec­trum, from the seem­ingly sim­plest and most read­ily avail­able — the fin­ger­print — to the fig­u­ra­tive holy grail — the retina scan. Both have suf­fered from major, insur­mount­able problems.

Fin­ger­prints, despite the pos­i­tive rep­u­ta­tion gained from tele­vi­sion crime dra­mas, are sim­ply not that unique. The sys­tems used to mea­sure them dig­i­tally are cheap and widely avail­able now. How­ever, they have a ten­dency to achieve large error rates when match­ing against large data­bases of sam­ples. This is because they are inher­ently impre­cise, sam­pling just a few spots. If they are to be made more pre­cise, the cost sud­denly becomes rel­a­tively imprac­ti­cal for the lim­ited improve­ment in match rates. Fin­ger­prints just make bad iden­ti­fiers. The machines also usu­ally require you to phys­i­cally touch the sen­sor, which can make them less durable and sub­ject to breakage.


We’ve all seen the movie scenes where reti­nal scans are much more pre­cise. They look at the pat­tern of tis­sue in the eyes which is incred­i­bly unique, and doesn’t suf­fer from the pre­ci­sion prob­lems that fin­ger­prints have been long known to have. It also doesn’t require a user to touch the actual sen­sor, since it uses light to take its mea­sure­ments. That means less wear and tear and more reli­a­bil­ity. But it also requires the user to keep the eye­ball rel­a­tively still (a very hard thing for some peo­ple to do), and usu­ally to put one’s head into a machine that makes it eas­ier for the hard­ware to see and rec­og­nize the eyeball.

In one word: uncomfortable.

Researchers have posited that tech­nol­ogy could be devel­oped to make reti­nal scans work from across the room — in a mat­ter of mil­lisec­onds — just by hav­ing a user look at a focal point (like a cam­era lens at the DMV). How­ever, the real­ity has proven more com­pli­cated than the the­ory (as it usu­ally does), and no work­ing sys­tem like that has ever been demon­strated to work in the field, at a low cost, and be mass producible.

That’s where the local hos­pi­tal comes in — if you live in New York City, that is. The NYU Lan­gone Med­ical Cen­ter has recently launched a new biometrics-based reg­is­tra­tion sys­tem for patients. At check-in to the med­ical cen­ter, one is asked to present a hand for a quick palm scan.

The sys­tem they’ve employed, pro­vided by HT Sys­tems, uses infrared light to read the pat­tern of veins in a palm. The result is an image like this one:

It might not look like much, but this image of the blood-flow pat­tern within a hand has proven about 100 times more reli­able than fin­ger­prints, accord­ing to the test­ing done by NYU Lan­gone prior to choos­ing the sys­tem. It is less intim­i­dat­ing than a reti­nal scan, much cheaper to imple­ment, and alto­gether more practical.

The vein pat­tern is matched up against the med­ical records data­base, and if a patient already has a record he is checked in imme­di­ately, with no forms to fill out. The elec­tronic health record (which launched in tan­dem with the bio­met­ric check-in sys­tem) is then acces­si­ble to the doc­tors and nurses who need it through­out the hos­pi­tal system.

The impe­tus behind the sys­tem from NYU’s per­spec­tive was to avoid costly mis­takes when reg­is­ter­ing patients. Their data­base has over 125,000 records with match­ing names. When using forms, mis­takes hap­pen where the wrong patient is checked in, and the wrong med­ical records are pre­sented to the doc­tors and nurses. In the best of sce­nar­ios, this causes con­fu­sion and delay. In the worst-case sit­u­a­tion, seri­ous injury or death can result when the wrong med­ica­tion is given or sim­i­lar mix-ups occur. Such errors bring seri­ous lia­bil­ity to the hos­pi­tal, so their moti­va­tion is obvi­ous for want­ing a sys­tem that can poten­tially reduce human error, save time, and reduce liability.

But what about patients? Have they reacted well to the sys­tem, which has been in use for just over a week now?

Despite what one may at first think, patients have appar­ently taken to the sys­tem with very lit­tle push­back. The rea­son most cited is that elderly patients espe­cially find it much eas­ier than try­ing to read and fill out forms every time they arrive. Instead, one just presents a palm and is ready to go.

A hand­ful of patients each day have refused to use the sys­tem, but accord­ing to NYU rep­re­sen­ta­tives the pri­mary con­cern is not pri­vacy but “radi­a­tion.” The sys­tem employs infrared light to do its scan­ning, not x-rays or other dan­ger­ous forms of radi­a­tion, so at least those con­cerns are unwarranted.

In press releases and inter­views online, the rep­re­sen­ta­tives from NYU Lan­gone insist the sys­tem is secure. And one can imag­ine few instances where an attacker, other than a mali­cious one intent on pro­vid­ing incor­rect data to the sys­tem, would have a desire to access or manip­u­late the data. The palm­print alone is not suf­fi­cient to access any med­ical records. That still requires secure login by hos­pi­tal staff. It is only a record loca­tor at this point.

How­ever, if the same tech­nol­ogy is even­tu­ally employed by banks or credit card com­pa­nies — pos­si­bly as a bet­ter alter­na­tive to ATM PIN codes — sud­denly the data out­put by these sys­tems will be much more valu­able. We can only hope that hos­pi­tals, banks, and the com­pa­nies who help them imple­ment these sys­tems use best prac­tices for secu­rity and stick to mul­ti­fac­tor authen­ti­ca­tion (e.g., some­thing you have, and some­thing you know) and secure com­mu­ni­ca­tions. Even then — as recent inci­dents with hacked credit card ter­mi­nals at Aldi, Michaels, and other national chains have proven — every com­plex sys­tem is only as secure as its weak­est point. In this case, we may be reliant on hos­pi­tals to secure our data — some­thing they have proven to not do well so far, with hos­pi­tals around the coun­try guilty of los­ing patient records from clin­i­cal tri­als, epi­demi­ol­ogy research stud­ies, and var­i­ous other programs.

The palm-scan tech­nol­ogy has almost all the ear­marks of a poten­tially main­stream tech­nol­ogy. The sys­tems are cheap to pro­duce, reli­able, and accu­rate. They save their buy­ers money by reduc­ing com­plex mis­takes or fraud. And hos­pi­tal patients are — so far — see­ing a direct ben­e­fit from the use of the sys­tem. One ques­tion now remains: If the bio­met­ric onslaught is finally about to begin, how will it affect our secu­rity? Only time will tell.

For now, we wel­come the con­ve­nience of the new tech­nol­ogy at the doctor’s office, but will remain skep­ti­cal of using it beyond that. We cer­tainly don’t intend to give it up at the local gro­cery store to pay for the junk food that is going to send us to the hos­pi­tal with a heart attack soon enough…

[Did you know that tech­nol­ogy has become the sin­gle largest sec­tor of the Amer­i­can econ­omy? Even so, invest­ing wisely in tech stocks isn’t easy. Put the exper­tise of Casey Research to work for you, with a risk-free, three-month trial sub­scrip­tion to Casey Extra­or­di­nary Tech­nol­ogy. Details here.]


Addi­tional Links and Reads

New York Fed­eral Reserve Mum on Miss­ing Iraq Bil­lions (Politico)

If you’re already in a frus­trated mood, please don’t read this arti­cle. It could result in angrily throw­ing your key­board across the room and smash­ing your mon­i­tor. From the early years of the Iraq war, $18.7 bil­lion in cash is miss­ing — pre­sumed to be stolen by Iraq offi­cials. Whoops! Sorry, taxpayers.

PIMCO’s El-Erian Pre­dicts Greece, Oth­ers Will Default (Reuters)

PIMCO has become increas­ingly bear­ish on Greece and the other PIIGS (but it’s also bear­ish on U.S. Trea­suries). Fur­ther­more, PIMCO’s head of Japan port­fo­lio man­age­ment cut hold­ings of Japan­ese bonds. All this makes one think, “Which country’s bonds are worth buy­ing?” Accord­ing to the same man­ager, those coun­tries are Aus­tralia, Canada, Brazil, and Mex­ico. What has the world come to when Mex­i­can bonds appear attractive?

Who Really Ben­e­fited from QE2 Any­way? (Mar­ket­Watch)

Mar­ket­Watch points out that small investors largely missed the QE2 stock mar­ket boom. Accord­ing to the Invest­ment Com­pany Insti­tute, small investors were cash­ing out right before the boom in stock prices and were jump­ing back into the mar­ket in April and Feb­ru­ary as the run-up lost steam. This is a well-known pat­tern among retail investors — they exit and enter at the worst times.

That’s it for today. Thank you for sub­scrib­ing to Casey Daily Dis­patch.

Vedran Vuk
Casey’s Daily Dis­patch Editor

%d bloggers like this: