THE PROBLEM WITH A FINGERPRINT SENSOR

This entry was posted by Friday, 6 September, 2013
Read the rest of this entry »
A THROWBACK?

A THROWBACK?

FINGERPRINTS

The new IPhone is expected to have a fingerprint sensor which MISTER ScienceAintSoBad thinks is a great (marketing) idea. People trust fingerprints. If you really want to protect your phone do it with fingerprints.  It”s as close to perfect security as you can get.

So let me ask you something.

How do we know that fingerprints  can be trusted? Is it for real? Does every single person on earth really have a unique paw print?

It is in courtrooms, where where fingerprints matter the most. And there, the fingerprint evidence is judged by an “examiner” who’s opinion, in effect, is the fingerprint since the jurors don’t get to see the originals.  How good are they? Do they ever  hang the wrong guy? What if the prints are smudged? Or partials? What about examiners who slug back a couple on work days? Are you telling me there’s never a deal where the examiner screw it up?

Matching prints

FINGERPRINT

The International Association for Identification (the fingerprint guys) administered a proficiency test to 156 examiners.

Not that it was worried.

Still.  How could it hurt to have some proof?  Maybe back off some skeptics. The results were a surprise.

“Despite the absence of objective standards, scientific validation, and adequate statistical studies, a natural question to ask is how well fingerprint examiners actually perform. Proficiency tests do not validate a procedure per se, but they can provide some insight into error rates. In 1995, the Collaborative Testing Service (CTS) administered a proficiency test that, for the first time, was “designed, assembled, and reviewed” by the International Association for Identification (IAI).The results were disappointing. Four suspect cards with prints of all ten fingers were provided together with seven latents. Of 156 people taking the test, only 68 (44%) correctly classified all seven latents. Overall, the tests contained a total of 48 incorrect identifications. David Grieve, the editor of the Journal of Forensic Identification, describes the reaction of the forensic community to the results of the CTS test as ranging from “shock to disbelief,”..

(That’s taken from Wikipedia)

They flunked their own test – and  they didn’t do much better when they were retested later. Can we expect better from smartphone sensors?

We don’t know.

Apple probably won’t share its secrets. (Does it ever?)  We won’t know how good the rejection rate is on those sensors but why should they push too hard? The lower the rejection rate (the sloppier the fingerprint sensor is about allowing a false match), the more convincing the fingerprint magic will seem. After all, this more about user convenience.

Until someone swipes the phone.

Loosening up on the rejection rate means the idea that only you can unlock your phone is wrong.  You’re not the only one.  Actually? There are three of you. Maybe a thousand of you. Maybe, even, a million. The odds are still pretty stiff against any one who swipes the phone being among the lucky million.

That’s good enough for me.

The IAI deserves credit for its transparency. At least we know the idea of fingerprinting perfection is an illusion. If, indeed, Apple uses this technology, isn’t it fair to ask for something similar?

0 0 0 0 0 0 0 0 0 0 0 0 0

Both drawings are mine

 

 


Leave a Reply