Biometric solutions are typically used for security and access control across businesses and government organizations. The US government has taken keen interest in biometric applications and has been aggressively funding advanced research programs in businesses that offer biometrics.
The Intelligence Advanced Research Projects Activity (IARPA), a U.S. government organization that funds academy and industry research, announced the launch of the Odin program in October 2017. Odin aims to develop biometric presentation attack detection technologies to better identify unauthorized user attempts and imposters. IARPA’s other programs such as Biometrics Exploitation Science & Technology and Janus also aim to “significantly advance biometric technologies.”
In April 2017, IARPA awarded AI biometric solutions provider Crossmatch a contract of $5.8 million to “develop next-gen biometric presentation attack detection technologies.” In June 2017, it funded a four-year $12.5 million contract to SRI International, an independent, nonprofit research center to “address vulnerabilities in the current biometric security systems,” specifically, fingerprint, iris and face scanners.
Biometric technology has captured the interest of many investors outside of IARPA as well. SenseTime, a Chinese AI company that offers a range of AI business solutions, including biometrics says it set a record by raising $410 million in July 2017.
How AI Biometric Technologies Work
There are two categories of biometric identification and recognition solutions: Physical and behavioral.
Physical biometric solutions use distinctive and measurable characteristics of particular parts of the human body, such as a person’s face, iris, DNA, vein, fingerprints, etc., and transform this information into a code understandable by the AI system.
Behavioral biometric solutions operate in a similar way, except they use unique behavioral characteristics, such as a person’s typing rhythm, way of interaction with devices, gait, voice, etc. This encoded biometric information is stored in a database and digitally sampled during authentication and verification.
A facial recognition biometric system identifies and verifies a person by extracting and comparing selected facial features from a digital image or a video frame to a face database. For example, an algorithm may analyze the distance between the eyes, the width of the nose, the depth of the eye sockets, the shape of the cheekbones, the length of the jaw line, etc., and encode the corresponding data as “face prints,” which can then be used to find appropriate matches in a destination database.
Readers with a deeper interest in facial recognition may want to explore our full article about facial recognition applications.
Speaker (Voice) Recognition
Speaker or voice recognition differs from speech recognition in that the former recognizes and identifies a speaker using voice biometrics and the latter analyzes what is being said. Voice biometrics include both physical characteristics, such as the shape of the vocal tract responsible for articulating and controlling speech production, and behavioral characteristics such as pitch, cadence and tone, etc.
Voice biometric solutions digitize words by reducing them to segments comprising encoded frequencies or formants and produce a model “voice print” unique to a person. This voice print is used for identification and authentication of the speaker. Our previous coverage on natural language processing has explored voice recognition in greater depth.
Most fingerprint biometric solutions look for specific features of a fingerprint, such as the ridge line patterns on the finger, the valleys between the ridges, etc., commonly known as minutiae, which are then converted to stored digital data. In order to get a fingerprint match for verification or authorization, biometric systems must find a sufficient number of minutiae patterns. This number varies across systems.
Behavioral biometrics identify and measure human activities, such as keystroke dynamics, voice print, device usage, signature analysis, error patterns (accidentally hitting an “l” instead of a “k” on two out of every fifth transaction), etc. Such behavioral biometrics are typically used as an additional layer of security, along with other credential or biometric information.
Most physical biometric solutions systems authenticate the user only once and usually at the beginning of an action, such as logging into a device or opening a door. Behavioral biometric technology attempts to fill the gap of authentication in a scenario during an action.
For instance, the original user may provide his/her credentials to another person after the user has been successfully authenticated (akin to tailgating). In order to minimize such possibilities in this case, behavioral biometric solutions analyze users’ interactions with their devices, recording activities that vary from normal usage patterns.
Palm, Fingerprint and Vein Biometrics
Veridium claims to offer a TouchlessID smartphone application which allows officers to scan a suspect’s hand and instantly compare it with finger or handprints in their connect database.
When on the field, looking to quickly confirm a suspect’s identity, or when attempting to learn more about a potential suspect, an officer can open the app on his or her smartphone and open a camera-like interface. From there, the officer can hold a scan button on the screen to scan the palm side of a suspects hand. The app will then scan a hand print database, connected before app use by the law enforcement agency. If it finds a match, it will present the names, images and prints of that identity on the smartphone screen.
While we could not find a demo for Veridium’s Touchless ID, this 2-minute video shows how Veridium ID claims to use both hand and face biometrics for access control. However, it is not clear whether its facial biometrics features have been implemented in law enforcement.
According to Veridium, its technology was used by a national police force in Europe who wanted to cut down on time needed to manually confirm a nearby suspect’s identity while also limiting the chance of wrongly jailing an innocent person. While the study noted these interests, it did not note any numbers related to wrongful arrests or suspect identity confirmation time.
According to the case study, implementation required no new hardware needs as the police force was already equipped with smartphones. To match prints, the force connected data from the country’s national Automated Fingerprint Identification System (AFIS).
While this case study was not clear about the results, it noted that this application was considered cost and time efficient for the force. It is not clear whether this force was isolated to one country or the whole of Europe. The study also did not note the time of this pilot or if the work with this entity has continued since.
CTO John Callahan has received his PhD in computer science from the University of Maryland. He also worked on biometric technology while in a previous position with the U.S. Navy’s Office of Naval Research.
Crossmatch claims to be a “risk-based composite authentication and biometric identity management” company. In 2014, it merged with Digital Persona, another biometric company, to launch its key biometric solution platform for enterprises called DigitalPersona Composite Authentication.
The platform offers the “broadest set of authentication factors,” including fingerprint scanning, face and voice recognition, and behavioral biometrics, such as keystroke, swipe and mouse action tracking, the company said. In November 2017, Crossmatch announced its partnership with BehavioSec , a Sweden-based behavioral biometrics company, which powers the behavioral biometric analyses functions of DigitalPersona.
In September 2017, Crossmatch partnered with Oxford Computer Group, a Microsoft Gold Partner that offers identity and security solutions. This announcement claims that the DigitalPersona software will be offered to Oxford’s Microsoft customer base.
Apart from the enterprise platform, the company also seems to offer a wide range of biometric solutions, most notably, fingerprint scanning and detecting solutions across various business sectors, including finance, government, law enforcement, retail, etc.
The video below shows use cases of its various biometric solutions for law enforcement, including the Digital Persona Mobile ID, an app that comes with fingerprint recognition software, which helps store and identify security and agency personnel through their biometric information.
According to a case study published by Crossmatch, the company was approached by an unspecified law enforcement organization in the United Kingdom with hopes of
- Replacing traditional time-consuming strategies for taking and matching fingerprints
- Identifying suspects more quickly
- Integrating government databases with their criminal booking processes
The organization began to use Crossmatch’s L Scan® Palm Scanners and “Store and Forward” product for Electronic Fingerprint Transmission (EFT).
Law enforcement also launched Crossmatch enrollment kiosks in over 370 police stations around the country. According to the study, these kiosks use the above noted technologies to scan, log, match and transmit palm and fingerprint information of those brought into the stations. The study noted that, in total, the kiosks received 2,500 enrollments, or scans, per day and were used on average for 3.3 million fingerprint searches every month.
The case study did not note how long the technology had been implemented for or if it has led to any results, such as arrests.
Another case study from the company notes that their software and technology of another vendor were used in a pilot with an unspecified state superior court system. The courts were looking for a more modern approach to ink-and-paper fingerprinting that was done after sentencing and used for further legal documentation.
The study also notes that they were looking for an accurate, cost-effective biometric solutions, however no information was given about the costs associated with the court’s original strategies.
The study notes that the court’s old strategy of using ink fingerprints could provide inaccuracies, as flawed or blurred ink prints could not always match an individual with their files once the prints were logged in the state legal system’s Automated Fingerprint Identification System (AFIS) database.
According to the study, Crossmatch’s scanning solution was able to integrate into the state’s database platform. Those sentenced began scanning their fingerprints with Crossmatch’s products, which automatically added them to the database.
The study also noted that the state’s eight-courtroom system was able to implement the software within four weeks and chose to continue use after the pilot was complete. It did not, however include any further numbers or information.
Crossmatch’s marquis clients include the U.S. Department of Homeland Security, the US Ministry of Defense, Crate & Barrel and Wendy’s.
While we could not find robust AI experience associated with its leadership team, Crossmatch’s Senior Vice President of Hardware Engineering, Operations, and Manufacturing, Jeff Parker, served as an engineering manager at Hewlett-Packard for over 17 years.
Japan-based Fujitsu Frontech’s signature biometric solution is the PalmSecure Sensor, an authentication device that scans the veins in the palm without the user having to make contact with the device.
A 2015 animated video explains this technology and how the biometric information is stored in the database.
In May 2017, the company announced that Fujitsu Korea and Fujitsu Frontech partnered to provide the vein recognition solution to Korea’s Lotte Card Co Ltd to facilitate a cardless and cashless payment system. “PalmSecure does not save palm vein info in the shape of an image but rather it changes the vein pattern info into data that cannot be deciphered, and then encrypts that data,” the company said.
Reduced hemoglobin inside the vein absorbs near infrared rays that makes it possible to “distinguish vein patterns that differ from person to person,” the firm added. Also, since the vein patterns do not change, as do other biometric factors, this process involves only a one-time registration.
As of March 31, 2017, about 770,000 PalmSecure devices have been shipped to 60 countries, and more than 70 million people make use of this biometrics device, Fujitsu said.
The company offers no case studies on how their software has been used in law enforcement, but has offered multiple case studies showing that their product has been used in hospitals, either for health providers who scan their palms to get into a secure area, or for the patient check-in process.
For example, one case study notes that the George Washington University Medical Center, which reportedly checks in over 1 million patients per year, came to Fujitsu with interests in streamlining and improving the accuracy of its check-in process and EHR (electronic health record) strategy. Prior to the implementation, the hospital was using paper check in forms which were later logged into an EHR.
According to the case study, the hospital piloted multiple kiosk brands which similarly took a fingerprint or other scan and found that Fujitsu’s software, which scans the palm and vein rather than just prints, was the most accurate.
The hospital also said, according to the case study, that this information, as well as health information entered by a patient at the kiosk, could be integrated to an EHR more smoothly than information entered through other kiosks.
We could not find any robust AI experience associated with the company’s executive leadership team.
Face and Eye Biometrics
Tygart Technology said it provides video and photographic analysis as well as biometric recognition systems for state and federal government clients in the United States.
Its key product is MXSERVER, a server-based “video and photo forensic analysis system.” The system processes video and photo collections extracted from confiscated computers, mobile phones, SIM cards and video surveillance systems into searchable resources. The company also said it serves the FBI by providing operation and maintenance services for its automated, national fingerprint identification system.
The video below re-enacts a “real-word scenario,” where MXSERVER could be put to use.
MXSERVER “will help prevent criminal and terrorist attacks from being carried out.” Facewatch is a London-based firm that uses the MXSERVER facial recognition platform to help businesses and police “tackle low-level crime.” The system supposedly alerts businesses when registered criminals enter the premises. It does so by matching the facial biometric information stored in a centralized watchlist.
Recently, Facewatch announced its facial recognition system installed in BRMalls in Brazil helped “capture five serious criminals in the first two months of use.” That story — and a number of other Facewatch testimonials — were covered in depth by American Security Today in October 2017. Facewatch is currently using MXSERVER as its facial recognition engine, although it can work with any system.
Readers with a particular interest in AI for crime detection should read our previous article titled AI for Crime Prevention and Detection – 5 Current Applications.
While we could not find any robust AI experience associated with the leadership team, we found that most of the company’s data analysts and software engineers have at least a bachelor’s degree in computer science or related studies.
London-based Onfido is an online digital verification platform for businesses. Among other compliances and clearances, Onfido also uses facial biometrics, as an additional layer of security, to verify individual persons. The company said it uses machine learning technology to validate a user’s identity and cross-reference it against international credit and watchlist databases.
The video below demonstrates the use of facial biometrics on the Onfido mobile website, which seems to be integrated with a banking platform. The volunteer is asked to verify her identity using two steps. First, photos of her driver’s license are scanned online.
Then, she is informed that she has to be authenticated via a “selfie” video. This, the application explains, is to make sure she is not being impersonated. In the “selfie” video, she is instructed to perform two simple steps such as turning her face to the left/right and saying the indicated numbers out loud. It is not clear from the demo or the website whether voice recognition is also part of the verification process.
The company has raised more than $60 million from big firms such as Microsoft Ventures, Salesforce Ventures and Crunchfund. More recently, Crane Venture Partners invested $30 million to fund the company’s R&D in machine learning technology.
Although the company says its application can be used for security purposes, no case studies could be found to show Onfido’s results in a security or law enforcement setting.
Machine Learning Research Team Lead Pouria Mortazavian previously worked as a software engineer at Samsung and received his PhD in Computer Vision from the University of Surrey.
EyeLock said it offers “advanced iris authentication for the Internet of Things.” Its signature product, Nano NXT, is a iris biometric recognition hardware. Nano NXT has a false acceptance rate (the likelihood of the biometric security system accepting an unauthorized user) of 1 in 1.5m in a single eye.
The video below demonstrates a proof-of-concept ATM from EyeLock and Diebold-Nixdorf, a provider of connected retail services, including smart ATMs and kiosks. This “ATM of the Future” appears to require no card or PIN number. The ATM is integrated with the EyeLock iris biometric technology, which combined with the phone banking app, recognizes the user and gives them access to withdraw cash.
The company says it owns more than 75 patents for its proprietary biometric technology. It also cites various partners that use and resell its biometric solutions. Its most recent partnerships include STANLEY Security Solutions, ViaTouch Media and Central Security Distribution.
We could find no case studies relating to the company’s work with law enforcement or with strong data showing the application’s results. While we also could not find a robust AI background in leadership, we have seen that many of the company’s software engineers have a bachelor’s or higher in computer science or computer engineering.
Sweden-based BehavioSec said it uses continuous machine learning to authenticate users based on their behavior patterns, such as pressure, gyroscope, button hit zone, motion, accelerometer, and mouse actions.
BehavioSec’s demo video explains how this technology works:
In 2012, the U.S. Defense Advanced Research Projects Agency invested in its technology, the company said. However, reps have not mention how long the project lasted, how much money was given, or if the company is still working with this branch of government.
While we could not find any specific case studies on the topic, the company announced in 2016 that they had been selected by the Pentagon, an entity of US government which holds classified national defense information, as the software which would be used to improve the government organization’s secure biometric staff login process. It is not clear when this implementation began or if it is still in effect.
BehavioSec also said it secures more than 5 billion transactions a year, although it did not provide information on the types of transactions.
Recently, the BehavioSec technology has been integrated into Crossmatch’s DigitalPersona platform to improve the products biometric capabilities to involve facial, palm and other types of recognition.
CEO Neil Costigan received his PhD in computer science from Dublin City University.
Future Revenue Forecasts in Biometrics
According to a 2017 Tractica report, biometrics hardware and software revenue will grow to $15.1 billion worldwide by 2025, with a CAGR of 22.9 percent. The report also predicts that the cumulative biometrics revenue from 2016 to 2025 will total $69.8 billion.
The report analyzes 142 use cases and infers that the largest revenue segments of biometrics will be fingerprint recognition, voice recognition, iris recognition and facial recognition. The largest application markets for the biometric technologies, according to the report, will be consumer, finance, healthcare, government and enterprise-level physical and IT security.
The iris recognition market will grow from $676.6 million in 2016 to $4.1 billion by 2025, according to the report. During this 10-year period, global shipments of iris recognition devices will increase from 10.7 million units to 61.6 million units annually, with 277.4 million cumulative shipments.
Global enterprise biometrics revenue will reach $1.7 billion by 2024, with a cumulative revenue of $7.9 billion from 2015-2024, at a 28% CAGR, according to a 2016 Tractica report. Healthcare and finance industries show the most potential for revenue growth within the 10-year period of 2015-2024, the report added.
This post was updated on August 16, 2018 with additions made by Pamela Bump
Header image credit: ZKTeco Philippines