- Email: [email protected]
EC proposes to establish an entry-exit system
TECHNOLOGY
www.biometrics-today.com
ISSN 0969-4765 May 2016
data breach
Philippines election data breach sees 15.8m people’s fingerprint data posted to the web
A
massive data breach in the Philippines saw the loss of 55m voters’ details. The entire database of the Philippines’ Commission on Elections (Comelec) is reported to have been compromised and posted online. Trend Micro investigations found 15.8m records of fingerprints in data posted publicly on the web. Comelec spokesperson James Jimenez is reported to have said, “I want to emphasise that the database in our website is accessible to the public. There is no sensitive information there. We will be using a different website for the election, especially for results reporting and that one we are protecting very well.” Security intelligence firm Trend Micro blogged, “With 55m registered voters in the Philippines, this leak may turn out as one of the biggest government-related data breaches
in history, surpassing the Office of Personnel Management hack last 2015 that leaked PII (personally identifiable information), including fingerprints and social security numbers of 20m US citizens.” Trend Micro acknowledged Jimenez’ reassurances but added, “There are however discrepancies in the statements made and our findings. Comelec officials claimed that there were no sensitive information stored in the database. However, our research showed that massive records of PII, including fingerprints data were leaked.” However, fingerprint expert Chris Johnson told Wired that the biometric data may be utterly useless without access to the software that can interpret it. Johnson said there was little risk of people’s fingerprints being replicated or used for identity fraud if criminals only have access to these codes and not the images to which they relate.
EC proposes to establish an entry-exit system he European Commission has presented revised proposals for an entry-exit system to speed up, facilitate and reinforce border check procedures for non-EU nationals travelling to the EU. This is part of the broader ‘Smart Borders Package’, addressing the role of information systems in enhancing external border management, internal security and the fight against terrorism and organised crime. This comes as Italy is to introduce the fingerprinting of migrants crossing the Mediterranean
Contents News Philippines election data breach sees 15.8m people’s fingerprint data posted to the web 1 EC proposes to establish an entry-exit system 1 Thumbprint biometrics at Singaporean borders 2 Reactions to pizza provide novel brain biometrics 2 SkullConduct measures conduction of sound through the skull for ID and authentication 2 Biometric tech collaboration creates a new Rembrandt 2 Researchers flag up facial recognition racial bias 2 Japanese government pilots fingerprint payments ahead of Tokyo Olympic Games
3
Behaviosec partners with Nationwide and Unisys to build behavioural biometrics app 3 Facial recognition supports six-minute loan applications 3 NEC demonstrates IOT manufacturing solution with facial recognition
12
Technavio predicts future for gait, multimodal, keystroke and palm vein biometrics 12
Features Voice of the people: the case for biometrics in government Gregory Pal, Nuance, discusses how biometric tech can support government. 5
borders
T
TODAY
biometric
as soon as they are picked up by rescue boats, according to local reports. The proposed EC entry-exit system will apply to all non-EU citizens who are admitted for a short stay in the Schengen area (a maximum 90 days in any 180 day period). It will store alphanumeric and biometric data that is a combination of four fingerprints and a facial image. • Facial recognition technology will be tested at Paris’ Charles de Gaulle airport from next month, reports ConnexionFrance.com. Continued on page 2...
Biometrics: great for physical security, possibly a big mistake for cyber security? Hitoshi Kokumai, Mnemonic Security Inc, argues there is a false sense of security around devices that are protected by both password and biometrics.
7
Using biometrics to understand your business’s risk profile Derek Northrope, Fujitsu, reports.
9
Regulars Events Calendar
3
News in Brief
4
Product News
4
Company News
4
Comment 12
ISSN 0969-4765/16 © 2016 Elsevier Ltd. All rights reserved. This journal and the individual contributions contained in it are protected under copyright by Elsevier Ltd, and the following terms and conditions apply to their use: Photocopying Single photocopies of single articles may be made for personal use as allowed by national copyright laws. Permission of the publisher and payment of a fee is required for all other photocopying, including multiple or systematic copying, copying for advertising or promotional purposes, resale, and all forms of document delivery. Special rates are available for educational institutions that wish to make photocopies for non-profit educational classroom use.
www.biometrics-today.com
ISSN 0969-4765 May 2016
data breach
Philippines election data breach sees 15.8m people’s fingerprint data posted to the web
A
massive data breach in the Philippines saw the loss of 55m voters’ details. The entire database of the Philippines’ Commission on Elections (Comelec) is reported to have been compromised and posted online. Trend Micro investigations found 15.8m records of fingerprints in data posted publicly on the web. Comelec spokesperson James Jimenez is reported to have said, “I want to emphasise that the database in our website is accessible to the public. There is no sensitive information there. We will be using a different website for the election, especially for results reporting and that one we are protecting very well.” Security intelligence firm Trend Micro blogged, “With 55m registered voters in the Philippines, this leak may turn out as one of the biggest government-related data breaches
in history, surpassing the Office of Personnel Management hack last 2015 that leaked PII (personally identifiable information), including fingerprints and social security numbers of 20m US citizens.” Trend Micro acknowledged Jimenez’ reassurances but added, “There are however discrepancies in the statements made and our findings. Comelec officials claimed that there were no sensitive information stored in the database. However, our research showed that massive records of PII, including fingerprints data were leaked.” However, fingerprint expert Chris Johnson told Wired that the biometric data may be utterly useless without access to the software that can interpret it. Johnson said there was little risk of people’s fingerprints being replicated or used for identity fraud if criminals only have access to these codes and not the images to which they relate.
EC proposes to establish an entry-exit system he European Commission has presented revised proposals for an entry-exit system to speed up, facilitate and reinforce border check procedures for non-EU nationals travelling to the EU. This is part of the broader ‘Smart Borders Package’, addressing the role of information systems in enhancing external border management, internal security and the fight against terrorism and organised crime. This comes as Italy is to introduce the fingerprinting of migrants crossing the Mediterranean
Contents News Philippines election data breach sees 15.8m people’s fingerprint data posted to the web 1 EC proposes to establish an entry-exit system 1 Thumbprint biometrics at Singaporean borders 2 Reactions to pizza provide novel brain biometrics 2 SkullConduct measures conduction of sound through the skull for ID and authentication 2 Biometric tech collaboration creates a new Rembrandt 2 Researchers flag up facial recognition racial bias 2 Japanese government pilots fingerprint payments ahead of Tokyo Olympic Games
3
Behaviosec partners with Nationwide and Unisys to build behavioural biometrics app 3 Facial recognition supports six-minute loan applications 3 NEC demonstrates IOT manufacturing solution with facial recognition
12
Technavio predicts future for gait, multimodal, keystroke and palm vein biometrics 12
Features Voice of the people: the case for biometrics in government Gregory Pal, Nuance, discusses how biometric tech can support government. 5
borders
T
TODAY
biometric
as soon as they are picked up by rescue boats, according to local reports. The proposed EC entry-exit system will apply to all non-EU citizens who are admitted for a short stay in the Schengen area (a maximum 90 days in any 180 day period). It will store alphanumeric and biometric data that is a combination of four fingerprints and a facial image. • Facial recognition technology will be tested at Paris’ Charles de Gaulle airport from next month, reports ConnexionFrance.com. Continued on page 2...
Biometrics: great for physical security, possibly a big mistake for cyber security? Hitoshi Kokumai, Mnemonic Security Inc, argues there is a false sense of security around devices that are protected by both password and biometrics.
7
Using biometrics to understand your business’s risk profile Derek Northrope, Fujitsu, reports.
9
Regulars Events Calendar
3
News in Brief
4
Product News
4
Company News
4
Comment 12
ISSN 0969-4765/16 © 2016 Elsevier Ltd. All rights reserved. This journal and the individual contributions contained in it are protected under copyright by Elsevier Ltd, and the following terms and conditions apply to their use: Photocopying Single photocopies of single articles may be made for personal use as allowed by national copyright laws. Permission of the publisher and payment of a fee is required for all other photocopying, including multiple or systematic copying, copying for advertising or promotional purposes, resale, and all forms of document delivery. Special rates are available for educational institutions that wish to make photocopies for non-profit educational classroom use.