FAQ

FREQUENTLY ASKED QUESTIONS ON del-ID® TECHNOLOGY

 

 

What is the difference between Identification and Authentication ?

    Identification may refer to an Individual, an Account Number, or Access Privileges.  The identification process may use a Pass Card, a SmartCard or a simple code typed on a computer workstation or terminal.

    Authentication is the technique of confirming that the Individual invoking the Access Identification procedure is authorized to do so.  Among the traditional methods used are: comparison of a picture on a Pass Card, or the use of a "secret" password.

    The modern direction is towards the use of Biometrics.

What is BioMetrics ?

    BioMetrics refers to the use of an individual's biological or behavioral characteristic (eg, derived from: a fingerprint, the iris of the eye, voice, or an image of hand or face) to Identify or Verify the Identity of the Individual.  See "Biometrics Personal Identification in a Networked Society" by Prof Anil Jain, Michigan State University, for a more detailed overview of the issues.

     

Are there different levels of BioMetrics ?

    There are three levels of Biometric Data Collection: Image, Minutiae or Characteristics, Analog Transformation.  All three can be used for Identification of an individual, as well as for Authentication - with varying degrees of difficulty, depending on the system implementation.

    The first two levels are reversible - the Image or Characteristics collected from an individual for Authentication can be used to Identify the individual outside the Security Authentication System (ie, Privacy is NOT preserved , neither practically nor even in principle).  Note that Fingerprint, Face and Iris are typical of the general Identification Images used by both public (law enforcement) and private (security) organizations.  Any implementation of a truly secure public or private Authentication system must guard against even the possibility of being compatible with databases of such Identification Images.

    Analog Transformation records the Interaction of the individual's finger, face or iris with the analog biometric device - before conversion of the result to a digital form.

     

What is BioMetric Authentication ?

    An Access Security Device collects data in the form of an image or set of characteristics from an individual (eg, from a finger, voice, hand, face, or eye).  The results may be compressed and/or encrypted within the device, then are transmitted to a local computer or SmartCard, or to a Central Security Server, where they are compared against the same set of data previously collected for the same individual.

    Matching is usually NOT 100% accurate (except for systems based on the minutiae of the iris of the eye, or using a transformed interactive image such as the del-ID), so that a high degree of security requires that there must be a small possibility of allowing unauthorized access (called FP or False Positive).  This usually implies there will be a high percentage of rejects of valid attempts at Authentication (called FN or False Negatives).  Commercially acceptable levels are of the order: 1 in 10,000 for FP, and 1 in 100 for FN.

     

Does BioMetric Authentication preserve Privacy ?

    NO, except for the del-ID system.  All (current) forms of Biometric Authentication use digital methods of detecting and/or capturing the Biometric Characteristics that are stored in a database for comparison.  These Biometric Characteristics can, in principle, be used to identify individuals outside the Security Access System.  For example, the possibility exists that the image of a fingerprint, voiceprint or iris scan could be used to generate enough detail that a national database could be searched to identify the individual.  This possibility in itself is enough justification for both government and many private interests to avoid implementing any system that provides for uses outside that of strict Identification and Authentication - within the context of a single security system.

     

     

     

Is BioMetric Authentication subject to Hacking ?

    All data, including Biometrics other than the del-ID , are collected and transmitted in a standard format as a string of bytes or characters - see "DRAFT ANSI/NIST ITL 1-1999 Data Format for the Interchange of Fingerprint, Facial, … Information".  The del-ID Biometric data (delgram) is a string of 8,000 bits with a different sequence of data bits for each Authentication Event.

    Hacking or decryption generally relies on knowing both: the general format of the data stream and some clues as to what the unencrypted data looks like.  The del-ID Abstract Image (delgram) appears as a completely random string of 8,000 bits, generated by a non-digital process, with no "beginning mark", and not even clumped into bytes or characters.  Furthermore, the delgram is made up by digitizing the results of an analog process of Interactive Biometric Feature Extraction - there is NO WAY to correlate the delgram with any Biometric Feature Image of the individual being authenticated.

    The unique analog signal processing in the del-ID system provides automatically for the protection of individual Privacy, and for making Authentication "Virtually Hacker-proof".  Even if the del-ID system were used to Identify an individual, the process used has no reference to a previous image of a fingerprint that could be used outside the del-ID system to identify the individual for any other purpose, or to copy such an image for unauthorized Access by a different individual.

     

How will advances in computing, such as Quantum Computing, have on the issues of Privacy and Hacking ?

    Commercial microprocessors are now increasing their computing power by a factor of 10 every 3 years.  The greatest advances in the future will improve problem solving by thousands or millions of times over present methods by means of radically new computing architectures.

     

    There are two distinct types of computing techniques directly applicable to Hacking:

     

    1) Discovering an RSA encryption key - an ideal type of problem for Quantum Computing (The Sciences, July/August 1999, p.24).  This is a new type of computer architecture and involves completely new types of hardware components.

    2) Pattern Detection (eg, Fuzzy Sorting of all Internet references by Similarity) - now being investigated as Biologic Computing.  This a new architecture of computing which can be implemented with current hardware components.

 

    Quantum Computing (QC ) is capable of direct and successful attacks on encryption systems based on RSA.  Biologic Computing (BC) is a more general tool, less focused than QC for the RSA-type problem, but can be used in Hacking encryption schemes based on more complex transformations.  The best hope for ensuring a long (secure) life to an encryption system today is to avoid relying on RSA-type of encryption security, and to also avoid any obvious patterns generated as data or keys.  del-ID avoids both problems - NOW.

     

What are the details of the del-ID Biometric Authentication System ?

    ØThe del-ID first detects that the finger belongs to a living individual.

    ØThe del-ID then REMOVES all the features normally captured by fingerprint scanners (ie, the surface ridges or minutiae).  The 3-D video process relies on information never captured by a fingerprint process, so even without the life detector a fingerprint image COULD NOT be used in place of a real finger.  Dirt and Moisture DO NOT disturb the video processing.

    ØThe del-ID performs an analogic transformation of the "inner" characteristics of a finger, WITHOUT forming a visual image of the minutiae first.  Thus, there is NO DETAILED Image that can later be recreated from the Authentication Database.

    ØThe finger never comes in contact with a surface that could retain an image that could be used later for ANY purpose.

    ØThe result of the video processing is a bit-string of this analogically transformed data, without reference to placement of data bits relative to any physical location on the finger.  This is equivalent to putting a Picasso abstract portrait on a Rubic's Cube - even if you solved it, you wouldn't recognize the resulting image.  This is called the del-ID Abstract Image (this is called the delgram).

    ØFrom this block of approximately 8,000 bits transmitted to through the Security Network, a selection appropriate to the application (typically 10%, up to 40%), is used by the Authentication Server (or SmartCard) to perform the match against the Database.  This selection is called the Electronic Signature.

    ØNo encryption is necessary, although it may be added to early implementations for compatibility with legacy systems.  Hacking is "Virtually Impossible" as the only option is to send duplicate of a previous 8,000-bit data block - immediately recognizable as a Security Violation.  The same individual using the same Security Access Device will generate a different delgram of 8,000 bits on each use  still containing the information that will cause a TP or True Positive result when matched to the Database.

    ØNot only is it unnecessary to encrypt the Abstract Image before transmission, the delgram itself can be used as a non-RSA encryption key - not crackable by the techniques evolving now for encryption based on mathematical transformations using digital-generated keys, such as the RSA standard.

     

How is Authentication actually performed ?

    Authentication is performed in a secure location - ie, inside a SmartCard, or by a Secure Network Authentication Server.  Implementers are provided with our standard Authentication Software, plus a library of software modules to allow rapid development of unique authentication safeguards, should the application demand it.  Inter-working standards will be set by the Standards Working Groups, as is done now for existing security standards.

     

Is the del-ID compatible with existing Encryption techniques and systems ?

    Yes.  The del-ID can be used securely without the addition of other encryption, and can even replace other methods when the del-ID signature is used as an encryption key.  However, the del-ID can be embedded in a "legacy" system with the del-ID signature used as if it were a very secure password or PIN.

     

What is so special about Analog Transformation ?

    In Engineering, there is an expression: "The Real World is Analog".  Just as digital music (CD) "mimics" real (ie, analog) music, so do digitized images "mimic" the analog reality seen be the lens of a camera.  The great success of "morphing" of digital images, as in films such as Terminator 2, is because digital images are susceptible to manipulation, including decryption, even though it takes a great deal of computing to do so.  From the point of view of digital processing, including digital encryption, an analog transformation appears like a transformation of Reality - no digital process can reverse a transformation that is outside its universe (or domain).

    The del-ID alters its own analog scanning process depending on the detailed characteristics of the individual finger (ie, NOT the fingerprint in the usual sense). It could be said that the analog image encrypts itself before it is encoded as a string of digital bits.  The delgram (or Abstract Image) records the Analog Interaction of the individual's finger characteristics with the del-ID hardware. This strictly a one-way process - even in principle there is no reversal possible - the record of analog interaction cannot be used to form an image for identification purposes outside the system in which it is used!

    Note that the resulting string of bits is not organized into bytes, as digital images must be, nor does the string of bits have any correlation with the real fingerprint - the video processing starts at a random place on the fingerprint image and continues until 8,000 bits have been generated.  Whereas a Pixel in digital imagery usually means a digital approximation of a specific area of an image, there is no such organization in the delgram.  This adds a further degree of "encryption" within the del-ID device itself.

     

Where in the US Government is the del-ID most useful ?

    The del-ID uniquely combines very high security (ie, personal, non-transferable, "virtually unhackable"), with 100% guarantee of Privacy.  The fact that it combines a secure personal biometric authentication with complete Privacy makes it ideal for use in all National Programs: Social Security, Medicare, Medicaid, Welfare, Customs, etc.  There is an obvious extension possible to similar applications operated by State and Local administrations.

    Military Applications include very high security authentication, in peace and war, for:

    Øphysical access to all military installations,

    Øaccess to computer workstations and networks, and

    Øconfirming the identity of personnel, both active and casualty, in the event of loss    of all personal ID.

    Many Critical Infrastructure Installations combine the need for high security and protection of individual privacy, as they combine national security interests with a large proportion of civilian staff.

     

     

     

What agencies, outside of the US Government, have evaluated the del-ID ?

    There have been several technological evaluations made by project groups working on national programs for various foreign governments:

     

    Ø Europe - Mobile Intelligent Agent for Managing the Information Infrastructure (MIAMI).  The del-ID has been chosen as the sole Access Authentication Technology to be initially tested in laboratory and pilot implementations for this project linking the computer systems of all EEC governments into a European Intranet.  Full implementation is scheduled to begin in 2000.

     

    Ø China - National Medical Insurance, Military and Student ID, Old Age Benefits, and National Debit Card System have been targeted under the project management of the Tianjin Global Magnetic Card Co.  GMCC is the sole licensed manufacturer of cards for VISA and Mastercard in China.  An agreement in principle has been signed, with an open implementation schedule.

 

    ØCanada - Projects for a National Social Insurance card, and for two Provincial Medicare card systems are under study, with a decision expected within 6-12 months.

     

    There have been several technological evaluations made by International Corporations for commercial applications, such as secure workstation access, e-commerce (eg, webphone), and physical access security.  These are among the largest and most technologically sophisticated companies in the world.  Project details are Commercial Confidential.

     

Is the del-ID System the same for Military, National Government and Commercial applications ?

    Depending on Licensee requirements, the del-ID can have a different implementation for each class of application.  There is no possibility for a commercial implementation to be used to gain knowledge about access to military security systems.  Commercial applications can be cross compatible at the level of the del-ID device to reduce implementation costs - for example: webphones and workstations for e-commerce, smart card authentication for ATMs and retail use of major credit and debit cards.

    First production units are expected to be available in 4Q 1999.  Specialized units for use in Military and Critical Infrastructure applications must have design and manufacturing details determined as part of a joint development project.  Production Prototypes of such specialized units are typically available four months after agreement on these details.

 
Next Page

[Previous Page]  [Back to Index]  [Next Page]

Copyright 2001 delSecur. All rights reserved.