About The Blog

Debate at the intersection of business, technology and culture in the world of digital identity, both commercial and government, a blog born from the Digital Identity Forum in London and sponsored by Consult Hyperion



  • Add to
Technorati Favorites


  • Creative Commons

    Attribution Non-Commercial Share Alike

    This work is licensed under a Creative Commons Attribution - Noncommercial - Share Alike 2.0 UK: England & Wales License.

    Please note that by replying in this Forum you agree to license your comments in the same way. Your comments may be edited and used but will always be attributed.

« A good solution, but only if you don't understand the problem | Main | Help or hinder? »

It could never happen here

By Dave Birch posted Jan 15 2009 at 12:43 PM

[Dave Birch] Well well. Now here is an interesting story that hasn't got anything like the attention that it demands:

A South Korean woman barred from entering Japan last year has reportedly passed through its immigration screening system by using tape on her fingers to fool a fingerprint reading machine... A South Korean broker is believed to have supplied her with the tapes and a fake passport, the Yomiuri said, adding that officials believe many more foreigners might have entered Japan using the same technique.

[From Woman fools Japan's airport security fingerprint system]

Now, I wonder if the Japanese ministry of immigration (or whatever) chose that particular system on the basis that it was (according to the vendor) foolproof? That is certainly the perception of biometrics, particularly amongst politicians, but who can say? I suppose the risk analysis they carried out -- I'm sure they must have carried out a risk analysis -- would have put impersonation as a theoretical probability with a low likelihood and low chance of success. Ooops.

Other elements of this story are fascinating. The biometric system ( which cost four billion Yen) was installed in 30 airports in 2007 to improve security and prevent terrorists -- or at least terrorists that you already know well enough to have their fingerprints -- from entering into Japan. It work like the EU's system for detecting multiple asylum applications, by reading the index fingerprints of visitors and cross-checking them with an online database. Pretty secure, and only the most dedicated, well-funded and intelligent international terrorist masterminds would present a realistic threat to the integrity of the scheme. So who was the criminal terrorist genius who got through? Well, in this particular case, the woman was deported in July 2007 for illegally staying in Japan after she worked as a bar hostess. That's right: a bar hostess. She was barred from re-entering Japan for five years, but was caught in the country a year later. Clearly, her risk analysis around identity and authentication was different from the governments: it made economic sense for her to buy a way round the system just to work as a hostess, much less to bring down the government etc.

This goes back to the question that we were discussing before, about whether biometrics -- in of themselves -- make things better or worse. If people (the Home Secretary, for example) are convinced that biometrics are perfect, then they adjust their thinking to reconstitute issues in terms of problems that biometrics can solve. Of course, if I were to advance that perspective to government, I would be told "ah well, our system is better / newer / designed by the military". And, indeed, we are trialling a different system at the moment

The system at Manchester Airport can be used by adult biometric passport holders from the UK and Europe. It works by scanning passengers' faces and comparing them to the photographs digitally stored on their passports.

[From BBC NEWS | UK | Passengers test new face scanners]

Interestingly, a similar system was introduced into Japan -- I kid you not -- to stop children from buying cigarettes from machines. In that case, the gasping tots were able to defeat the bimetric security system using a very sophisticated and unimaginably devious mechanism...

The face-recognition machines rely on cameras that scan the purchaser’s face for wrinkles, sagging skin and other signs of age. Facial characteristics are compared with a database of more than 100,000 people, and if the purchaser is thought to be well over 20 years old (the legal age), the sale is approved. If the purchaser looks too young, they are asked to prove their age by inserting a driver’s license. According to Fujitaka, the machines are 90% accurate.

[From Magazine photos fool age-verification cameras ::: Pink Tentacle]

Yes, that's right. The kids held up pictures from magazines. Doh!

These opinions are my own (I think) and are presented solely in my capacity as an interested member of the general public [posted with ecto]


TrackBack URL for this entry:

Listed below are links to weblogs that reference It could never happen here:


How many times does one have to repeat that unattended biometric checks are of limited utility...

How many times does one have to ask what reason the Home Office or anyone else has for relying on today's mass consumer biometrics?


The comments to this entry are closed.