Globally and nationally the issue of biometric ID documents has been gaining momentum. As the world endeavors to meet the US State Department’s biometric passport requirements, Canadian politicians have also started talking about the inevitability of national biometric identity documents.
However, there is little information so far about what is happening and what is proposed. To better inform public discussion, this FAQ provides background about biometrics, ID systems, and the policies that underlie Canada’s policy and decision-making in this area. This is an evolving list of questions, with new questions continuing to be added and answers refined. If there is a question or topic that you think should be included, or an answer updated, please let us know.
What are biometrics?
What kinds of biometric technologies are there?
What makes for a technically workable biometric?
How do biometric ID systems work?
What are the system challenges?
What claims are made about the benefits of biometrics?
What are the main concerns?
Will a biometric ID system help prevent terrorist attacks?
What ID documents in Canada use biometrics?What uses of biometric ID documents are currently being discussed?
Top
Questions:
What are biometrics?
Biometrics are understood to mean the machine-assisted “identification or verification of living persons using their enduring physical or behavioral characteristics” [1]. The term includes all of the hardware, software, firmware, and the supporting information management and retrieval infrastructure used in the process of individuation of a particular individual [2].
1. Johnson, M.L., Biometrics and the threat to civil liberties, Computer, 2004, 37(4): p. 92.
What kinds of biometric technologies are there?
Many different types of biometric technologies are in use or in development. The most common approaches use: fingerprints, voiceprint, hand geometry, face recognition, iris scans, palm recognition, handwriting and signature analysis. Some of the more novel proposed approaches include: walking and running (gait), nasal width and naso-labial angles, earlobe capillary patterns, and even eye movements. Virtually any quantifiable biological process or state is fair game in the pursuit of finding a universal, distinct, permanent, and collectable biometric characteristic.
The common biometrics being considered for biometric ID documents are: facial recognition, iris scans, and finger scans. For example, in 2003 the International Civil Aviation Organization (ICAO) announced that Facial Recognition Technology (FRT), relying on a digital facial image, was selected as the primary biometric identification process for machine readable travel documents for those member states who choose to employ biometric technologies as part of their travel documents. US-VISIT, the biometric entry-exit system at air, marine, and some land ports of entry to the United States, currently collects a digital photo, finger scans of both index fingers and plas to inclue all 10 fingers; while both the CANPASS Air and NEXUS Air programs rely on iris biometrics.
How do biometric identity systems work?
There are three key processes of a biometric identity system: enrollment, authentication, and identification.
In the enrollment stage, people are registered in the system. In the case of a biometric travel document, once the traveler’s identity is proven/accepted by the authorities of the system (i.e., passport officers), then the biometric is captured (i.e. a digital image is taken) and the individual is enrolled when the system converts the biometric into a database template. The template, depending on how the system is designed, is then stored centrally in a database, or on chip in a card or other token, or in both.
The biometric template is then used to “authenticate” an individual’s identity. Authentication is the process where the biometric algorithm compares new input to the established template to answer the question, “are you who you say you are?” Authentication is what is known as a 1 to 1 relationship in which one new subject is compared to one established identity template. For example, the holder of a travel document using an iris biometric system might be required to put his or her ID card into a reader and have his iris scanned in order to allow the system to determine whether the iris of the person carrying the document matches the data held on the card. See also: the Computer Professionals for Social Responsibility FAQ on National Identity Schemes (NIDS), Question 2, which describes enrollment and authentication within a NIDS.
There is a third process that biometric technologies, unlike other identity systems, can perform: identification. If new input does not match a specific template, a biometric system can be asked to search its entire database to determine the identity of the new input subject. Identification is a 1 to many process, meaning that the person being scanned is compared to all the records in the database. This could be used, for example, in an airport setting. If a security watch list held biometric data in the form of a facial biometric, surveillance cameras could be used to try to identify those individuals in crowd situations. One of the largest scale operations of this kind was used at the 2001 Super Bowl in Tampa Bay, Florida [1].
Currently, biometric authentication systems are significantly more robust and reliable than identification systems. It is easier to compare two images for verisimilitude then to try to identify an unknown person who may or may not have a recorded template in the system (if a template does not exist, the person will not be identified).
[1] McCullagh, Declan, Call it Super Bowl Face Scan I, Wired Magazine, February 2, 2002.
What are the challenges for effective biometric ID systems?
Essentially, a biometric system consists of statistical pattern recognition software. Biometric systems are susceptible to three types of errors that limit their effectiveness in given contexts. The types of errors are known as the Failure to Enroll (FTE), False Rejection Rate (FRR), and False Acceptance Rate (FAR).
Failure to Enroll: The FTE error occurs at the point of enrolment or registration in the system when, for whatever reason, the individual’s biometric cannot be captured or translated into a template. For instance, the grooves in some individuals’ fingerprints are not sufficiently deep to allow that biometric to be captured, or an individual might not possess the physical feature that forms the basis of the system, like eyes or fingers.
False Acceptance Rate (FAR): The FAR is the rate at which the biometric software inaccurately authenticates an individual with a stored template. A false acceptance occurs when an individual is matched to an identity that is not truly theirs. In other words, the person is accepted by the system even though the template or identity document they are being compared to is not really who they are—the system has falsely accepted them.
False Rejection Rate (FRR): The FRR is the error rate of individuals inaccurately rejected by the system. A false rejection occurs when an individual presents valid biometric ID documents but the system cannot successfully match them to their established template.
Generally, systems balance these false acceptance and false rejection rates by modifying the degree of sensitivity in the readers. If the readers are set at a very low tolerance, then the slightest variation between the new reading and the template will produce a false rejection even if the document belongs to the person being scanned. If the readers are allowed a high tolerance, allowing more room for variation, then the likelihood of FAR increases. A very low tolerance level may reduce the FAR but may also produce long lines as people are falsely rejected by the system and are subjected to further scrutiny.
What are the arguments in favour of biometric technologies?
Arguments in favour of using biometrics for identity documents tend to break down in two main types: increased security, and greater efficiency or convenience.
The security argument is comprised two aspects: security of personal information, and national security. Supporters argue that, when used for personal information security, biometric technologies will help solve identity theft and fraud. By using a biometric instead of a PIN, for instance, only the individual with the corresponding biometric would be authenticated. Biometrics are also often suggested as a means of increasing national security, particular in the context of passports and other travel documents. This argument maintains that being able to definitively link an individual to the identity document they present will increase national security.
The second type of argument in favour of biometrics relates to their ability to increase convenience and efficiency. Particularly with commercial biometric systems, one of the often cited reasons for implementation is convenience. Biometric venders maintain that biometric based checkout counters at grocery stores, for example, will be more convenient for shoppers—no need for a wallet or even a credit card as long as you have your finger!
At airports, machine-assisted processing promises greater efficiency. The argument suggests that biometric identity readers will reduce check in times.
Lack of public participation and accountability:
One of the most significant concerns with the current approach to policy and decision-making around biometrics ID documents is the lack of public information about specific initiatives. Public debate and participation allows for free speech and democratic scrutiny from multiple perspectives—presenting the position and concerns of the general public. Open transparent debate contributes to a government’s ability to develop better, more acceptable public policy with greater accountability. Without access to information, the possibility of open debate and democratic participation is seriously hindered.
Overstatement of benefits
At least some of the benefits of biometric technologies may be overstated. For example, in the case of increased personal information security, advocates suggest that using biometrics will eliminate identity fraud and theft. This perspective however, does not take into consideration that biometrics--a statistical pattern recognition technology—do not function with absolute certainty. Nor do biometrics, as a technological solution, address issues of hacking, human error, or administrative protocols that plague current systems. In essence, biometric technologies are one more layer of technological bureaucracy susceptible to hacking and other forms of circumvention.
There is also the concern that identity theft could become more serious in a biometric ID system. For instance, if an identity thief was to enroll successfully in a biometric system using another person’s identity, or obtain access to someone else’s template, the original individual cannot, for example, get a new face like a new PIN. The victim, whose identity was stolen, will have a much harder time reestablishing the validity of their identity, faced with contradicting biometric data.
Root documents:
A major issue with biometric travel documents relates to the enrollment process and how the individual initially proves his or her identity. While biometric ID documents are intended to be highly secure, the process of validating an individual’s identity in order to issue a biometric ID document is (currently) based on other documents like birth certificates and driver’s licenses—which have been known to be falsified on occasion.
Threat to privacy:
Biometric ID systems are can threaten privacy and other civil liberties, depending on how they are designed, what accountability processes are put in place, and the degree of transparency of the system. One foreseeable concern include, depending on how and when the documents are used, and whether this is recorded centrally or shared by networks, is greater levels of systemic surveillance. This could lead to monitoring particular individuals’ movement and /or affect freedom of movement. Privacy concerns also emerge from infrastructural issues of how biometric information—highly personal and sensitive—is stored and used. If the infrastructure and protocols of the system are not transparent, it will be difficult for people to know how their information is being used, shared, and disclosed.
Will a biometric ID system prevent terrorist attacks?
One of the key justifications for the implementation of biometric ID systems is they will help prevent terrorist attacks. However, none of the perpetrators of the World Trade Center attacks, the Londonbombings, or the Madrid bombings, used false IDs. Using biometric IDs to authenticate individuals may only help security by making it harder for an individual to impersonate someone else, but it will not prevent people who legally obtain identification.
If the system is to have any hope of preventing terrorist attacks, it must include a data matching process against watch lists and other data sources that allow authorities to infer a particular person as a threat, which is usually based on past criminal activity or anomalous behaviour. Individuals with no past criminal activity will not be caught by the system, while innocent individuals maybe falsely accused based on anomalous behaviour.
So a terrorist who has a clean record and does not behave in a way that draws suspicion, will not be flagged by the system no matter how sophisticated the biometric data is. This is particularly problematic since the current terrorist threat often comes from individuals who blend in. Training manuals seized in a raid in London are clear that potential terrorists are instructed to blend in, to avoid any activities that would lead to suspicion. [1] The terrorists who attacked the World Trade Center in 2001, for instance, all had legal visas, likely would have been able to obtain biometric ID documents under their own name, and most would not have been flagged by any internal security checking mechanism. Thus, detection systems that focus on identifying abnormal or suspicious behaviour are not likely to help deter terrorism. More information here.
The other problem is data matching systems risk identifying individuals who pose no threat and subjecting them to additional scrutiny and security procedures. We need only to think of the US no-fly lists and some of the more notorious identification errors – Yusuf Islam (formerly Cat Stevens) being barred from entering the United States, or Senator Ted Kennedy being flagged by the no fly system – to understand how these systems of data matching can have significant effects on individuals.
Bottom Line: biometric ID documents can only authenticate an established identity (which may be falsified) and DO NOT REVEAL INTENT—a first time suicide bomber will not necessarily be stopped by the system; and most suicide bombers do not reoffend.
If too much credence is given to biometric technologies, as a society, we may develop a false sense of security—thinking we are safer than we really are.
What ID documents in Canada use biometrics?
Biometrics are already used in several state issued ID documents. These include the voluntary border crossing cards CANPASS, NEXUS, FAST, and the Alberta Driver’s License.
CANPASS Air is a voluntary border crossing card. Under the CANPASS program, run by the Canadian Border Services Agency, frequent travelers to Canada, once enrolled, are able to pass more quickly through Customs. The CANPASS program also includes: Remote Border Crossing, Private Aircraft, Commercial Aircraft, and Marine components. For more information click here.
NEXUS is a joint program between Canadian Border Services Agency, Canada Customs, Citizenship and Immigration Canada, and US Customs and Border Protection. It includes Air, Highway, and Marine sub-programs. Like CANPASS, it is for individual travelers, but NEXUS is accepted in both Canada and the United States. NEXUS Air is the most established program, followed by NEXUS Highway. NEXUS Marine will conduct a pilot test this summer (2006) in the St. Claire/Lake Erie area. The NEXUS programs are part of the Smart Borders Declaration and Action Plan between Canada and the US.
NEXUS Air
Biometric used: NEXUS Air uses an iris biometric.
Who is eligible: Permanent residents and citizens of Canada and the US are eligible to apply to this program.
Application process: The process involves an application, security check, followed by an interview. The successful applicant then enrolls in the program to receive their ID card.
Where the program is in place: The Vancouver Airport only, both at the Canada Inspections Area and US Preclearance areas.
NEXUS Highway
Biometric used: fingerprint biometrics (each index finger) and a digital photo, which appears on the card
Who is eligible: Permanent residents and citizens of Canada and the US are eligible to apply to this program.
Application process: The process involves an application, security check, followed by an interview. The successful applicant then enrolls in the program to receive their ID card.
Where the program is in place: At 11 border crossings:
- British Columbia/Washington
- Pacific Highway/Blaine
- Douglas/Peace Arch
- Boundary Bay/Point Roberts
- Southern Ontario/Michigan/New York
- The Bluewater Bridge in Sarnia/Port Huron
- The Ambassador Bridge in Windsor/Detroit
- The Peace Bridge in Fort Erie/Buffalo
- The International Tunnel in Windsor/Detroit
- The Rainbow Bridge in Niagara Falls, Ontario/Niagara Falls, New York
- The Whirlpool Bridge in Niagara Falls, Ontario/Niagara Falls, New York
- Quebec/New York/Vermont
- Lacolle, Quebec/Champlain, New York
- St. Armand-Philipsburg, Quebec/Highgate Springs, Vermont
For more information see:
All NEXUS programs
NEXUS Air
NEXUS Highway
NEXUS Marine
The Fast and Secure Trade (FAST) program is a partnership between Canada Border Services Agency, Citizenship and Immigration Canada and the US Bureau of Customs and Border Protection. Unlike CANPASS and NEXUS, FAST is focused on facilitating trade and ensuring the smooth flow of goods across the Canada-US border. It covers importers, carriers, and drivers. All participants must provide their fingerprints and have their photo taken to enroll, following a successful security and criminal record check and interview. FAST is part of the Canada-US Smart Borders Action Plan.
For more information click here.
The Alberta Driver’s License has used a digital facial image and facial comparison software since 2004.
For more information click here.
What uses of biometric ID documents are currently being discussed?
It is likely that requirements to enter the United States, under the Western Hemisphere Travel Initiative, will force Canada to implement some form of biometrically-enabled travel document. Recently, the discourse is pointing to some form of border crossing card. However, e-passports have also been discussed. Other forms of biometric ID documents that have come up are biometric visas and national ID cards.
Border Crossing Cards
Under the implementation of the Western Hemisphere Travel Initiative, as of December 31, 2007 (possibly later if the US House of Representatives follows the US Senate in passing an amendment postponing that deadline until June 1, 2009), all people entering the United States will require a passport or other accepted card to authenticate citizenship and identity, likely requiring a biometric. There has been a significant amount of press coverage from April to the present (June 2, 2006) on how Canada will respond, but the government’s approach remains unclear. Some stories include:
- US security chief stands firm on border cards, CTVnews, April 18, 2006.
- New security cards with suit both countries, Bush says, CBCnews, May 22.
- US likely to delay cards at border, Globe and Mail, May 31, 2006.
- In-depth – Passports to security, CBC, June 1, 2006.
E-passports
Since 2001, there has been talk of incorporating biometrics in the Canadian Passport. The current Canadian passport (redesigned in May 2002) does not use biometrics but uses a number of new fraud prevention features.
The first suggestion of using biometrics (on a smart chip) on the passport appears in the Smart Borders Action Plan of December 2001. The idea of using biometrics in the passport also appears in Canada’s National Security Policy of 2004, “Securing an Open Society: Canada’s National Security Policy”. A total of $10.31 million over three years was dedicated to this initiative.
The original plan was to begin a trial in early 2005, starting with Canadian diplomats, and to launch the passport for all Canadians later that year (see “Canada to introduce biometric passport”, Globe and Mail, July 22, 2004. A copy can be found online. This has not occurred.
The first, (and only) annual report on Canada’s National Security Policy “Securing an Open Society: One Year Later”, released in April 2005, acknowledges a delay but indicates that a biometric passport, using a biometric chip for facial recognition, is being developed and anticipates implementation in for August 2006. However, since that time, the government has changed and “Securing an Open Society” was an initiative of the former Liberal government. It is not clear how the current Conservative government under Stephen Harper will approach the issue of biometric passports.
Biometrics as part of visa requirements for immigrants and refugees
The Canadian government is set to begin a trial to collect biometric data from immigrants and refugees. Most information about this comes from a May 6, 2006 article in the Vancouver Sun that relies of internal documents obtained through Freedom of Information requests. The trial will cost approximately $3.5 million in the following locations: Vancouver Airport, two border locations in British Columbia, a refugee processing centre in Etobicoke, Ontario, and visa offices in Singapore and Seattle. The biometrics will be used to “confirm” the identity of immigrants, although how this will be done is not clear. [1]
According to a Notice in Citizen and Immigration Canada’s media centre, the test trial will use fingerprint and facial biometrics. The testing will help determine which system is chosen and how to best operationalize biometrics to identify individuals applying to enter Canada. The company contracted to run this test is Unisys Canada Inc. [2]
1. Biometric Screening program planned, Vancouver Sun, May 6, 2006
2. Notice: To Develop Biometric Field Trial, Citizenship and Immigration Canada, Media Centre
National ID Cards
In 2003, then Minister of Citizenship and Immigration Dennis Coderre proposed a national ID card using biometrics for Canadians, and the Standing Committee for Citizenship and Immigration launched a public consultation process with a discussion paper (no longer available online). Minister Coderre also held a stakeholder consultation (by invitation only). The Standing Committee then released an interim report: “A National ID Card for Canada: Report of Parliamentary Committee on Citizenship”. The report recommended against a national ID card for Canada and the
initiative did not continue.
Recently, Minister of Public Safety Stockwell Day intimated that a national ID might be an option, in addition to other considerations including a biometric or e-passport and specific border crossing cards, for meeting the US requirement to present a passport to enter the United States as of December 31, 2007 under the Western Hemisphere Travel Initiative. (see “Day puts national ID cards back on the table”, CTVnews)
For information see:
A National ID Card for Canada: Report of Parliamentary Committee on Citizenship and Immigration, Interim Report (October 2003).
Biometrics: Implications and Applications for Citizenship and Immigration (October 7-8, 2003) S
What is the role of Canada-US relations and border policy in the Government of Canada’s initiatives on biometric ID documents?
Several policies seem to have direct implications for the development of biometric ID documents: the Canada-US Smart Borders Declaration and Action Plan, and the Western Hemisphere Travel Initiative.
The Smart Borders Declaration and its associated Action Plan is a formal agreement between Canada and the United States signed in December 2001. The purpose of this Declaration and Action Plan is to ensure “the secure flow of people, the secure flow of goods, a secure infrastructure, and the co-ordination and sharing of information in the enforcement of these objectives”.
Until December 2004, regular status reports and updates were published on both the Canadian Department of Foreign Affairs and International Trade websites. The most recent Status Report was released in December 2004.
The agreement focuses on information sharing and technological solutions to identification of individuals. With respect to the issue of identity documents and biometrics, the following Action Plan points are of interest:
1) Biometric Identifiers
- Jointly develop common biometric identifiers in documentation such as permanent resident cards, NEXUS, and other travel documents to ensure greater security.
According the December 2004 Status Report:
- Agreed to develop common standards for biometrics
- Agreed to adopt interoperable, compatible technologies to read these biometrics
- Mutual desire for cards that can be used across modes of travel (e.g., marine, air, road)
- Work with the International Civil Aviation Organization to determine and develop international standards for biometrics for travel documents
- NEXUS Air program using iris recognition and the NEXUS Highway program fingerprints
- Canada’s Permanent Resident Card (Maple Leaf Card) was designed with the capability of storing biometrics, although at this time it does not.
- Canada will be issuing facial biometrics in passports on a smart chip by mid-2005 (this has not yet happened)
- US will start piloting passports that include biometrics by the end of 2005 (this has not yet happened)
- Development and expansion of US-VISIT, which collects index fingerprints and facial biometrics from all foreign nationals entering the United States, except Canadians and Mexicans at this time.
2) Permanent Resident Cards
- Develop and deploy a secure card for permanent residents that includes a biometric identifier.
Although Canada launched an international award winning permanent resident card (Maple Leaf Card) on December 31, 2003, which includes numerous security and fraud prevention features, it does not include a biometric at this time, but does have the capacity to hold one.
3) Single Alternative Inspection System
- Resume the NEXUS pilot project, with appropriate security measures, for two-way movement of pre-approved travelers and discuss expansion to air travel.
The NEXUS programs have been further developed. The NEXUS Highway program is now in place at 11 border crossings. According the December 2004 Action Plan Status Report, as of October 21, 2004, the program had enrolled approximately 71,000 participants. NEXUS Air is operational at the Vancouver International Airport. And, NEXUS Marine will be piloted this summer (2006).
Western Hemisphere Travel Initiative
The Western Hemisphere Travel Initiative was develop to implement parts of the US Intelligence Reform and Terrorism Prevention Act (IRTPA) of 2004, which requires all individuals entering the United States (including Americans) to present a passport or other secure identity and citizenship document by 2008. The Department of Homeland Security in the US believes that some documents other than passports will be acceptable, such as border crossing cards like NEXUS and FAST.
The current deadlines in the IRTPA are:
- December 31, 2005 - Apply the requirement to all travel (air/sea) to or from the Caribbean, Bermuda, Central and South America.
- December 31, 2006 - Apply the requirement to all air and sea travel to or from Mexico and Canada.
- December 31, 2007 - Apply the requirement to all air, sea and land border crossings.
These impending deadlines have recently caused some discussion in the press, between Canadian and US officials, and among border cities. One concern relates to what type of ID document should be used – a biometric or e-passport, a special border card, an enhanced version of already existing documents like driver’s licenses, etc. There is also significant concern from border cities about the effect of this legislation on trade and tourism. The concern has been so great that the US Senate passed a bill to postpone the deadline from December 31, 2007 to June 1, 2009. The bill has not yet passed in the House of Representatives (as of June 1, 2006).
For more information on the Western Hemisphere Travel Initiative click here.
Department of Homeland Security FAQs.
For more information on changing the deadline for compliance, see:
Border ID cards have a long way to go, report says, Globe and Mail, May 31, 2006
What other policies (domestic and international) have a role in Canada’s position on biometric ID documents?
Two additional policies have direct implications for Canada’s approach to biometric identification and travel documents: Securing an Open Society: Canada’s National Security Policy (2004) and the International Civil Aviation Organization’s May 2003 resolution on biometrics and machine readable travel documents.
Canada’s National Security Policy
In 2004, the Canadian government released its first ever national security policy “Securing an Open Society: Canada’s National Security Policy”. While this publication looks at all aspects of national security, Chapter 7: Border Security is most relevant to the issue of identity documents and biometrics.
Chapter 7 states that Canada will implement facial recognition biometrics (a digitized facial image) in the Canadian passport. The “Security an Open Society: One Year Later” report states that this technology is being developed and tested with the intention of implementation by August 2006 (p. 41). Chapter 7 also states that Canada will continue to work with the United States on completing the Smart Borders Action Plan, including the NEXUS program and the Fast and Secure Trade (FAST) programs.
Given the recent change in leadership of the Canadian Parliament, it remains to be seen whether the Harper government will continue on the course laid out by Paul Martin’s Liberal government.
International Civil Aviation Organization
The International Civil Aviation Organization (ICAO), on May 28, 2003, passed a resolution in 2003 (http://www.icao.int/icao/en/ro/wacaf/APIRG/APIRG14/index.html) that the facial biometric was to be the primary standard for member states wishing to employ biometrics in their travel documents. Following the ICAO announcement, in 2004 the Canadian government announced their intent to include Facial Recognition Technology (FRT) in a new Canadian passport.
ICAO was established in the United States in 1944 by 52 states “as a means to secure international co-operation and the highest possible degree of uniformity in regulations and standards, procedures and organization regarding civil aviation matters.” In 1947 the ICAO was permanently seated in Montreal, Canada and now has a membership of 189 countries.
Home | Online Forum | FAQ | Webcast | Contact
This event was sponsored by the Stepping UP Academic Iniatives Fund at the
Faculty of Information Studies, University of Toronto and by the SSHRC-funded
Information Policy Research Program's Digital Identity Construction project.