Resources
Identity Use Cases & Scenarios.- FIDIS Deliverables.
- Identity of Identity.
- Interoperability.
- Profiling.
- Forensic Implications.
- HighTechID.
- D3.1: Overview on IMS.
- D3.2: A study on PKI and biometrics.
- D3.3: Study on Mobile Identity Management.
- D3.5: Workshop on ID-Documents.
- D3.6: Study on ID Documents.
- D3.7: A Structured Collection on RFID Literature.
- D3.8: Study on protocols with respect to identity and identification – an insight on network protocols and privacy-aware communication.
- D3.9: Study on the Impact of Trusted Computing on Identity and Identity Management.
- D3.10: Biometrics in identity management.
- D3.11: Report on the Maintenance of the IMS Database.
- D3.15: Report on the Maintenance of the ISM Database.
- D3.17: Identity Management Systems – recent developments.
- D12.1: Integrated Workshop on Emerging AmI Technologies.
- D12.2: Study on Emerging AmI Technologies.
- D12.3: A Holistic Privacy Framework for RFID Applications.
- D12.4: Integrated Workshop on Emerging AmI.
- D12.5: Use cases and scenarios of emerging technologies.
- D12.6: A Study on ICT Implants.
- D12.7: Identity-related Crime in Europe – Big Problem or Big Hype?.
- D12.10: Normality Mining: Results from a Tracking Study.
- Privacy and legal-social content.
- Mobility and Identity.
- Other.
- IDIS Journal.
- FIDIS Interactive.
- Press & Events.
- In-House Journal.
- Booklets
- Identity in a Networked World.
- Identity R/Evolution.
D3.10: Biometrics in identity management
 |
Title: THE INTEGRATION OF BIOMETRICS IN ELECTRONIC DOCUMENTS ISSUED BY THE GOVERNMENT |
 |
The integration of biometrics in electronic documents issued by the government
In this section, we investigate the possibility to integrate biometrics in electronic documents issued by the government, which is an application of the government controlled ID model (Type 1). We discuss some of the privacy issues that arise with the integration of biometrics in these documents, and we present some solutions to tackle them.
Identity documents and issues
Identity documents come in many flavours and have many applications. According to their purpose, we can distinguish between “general purpose” identity documents on one hand, like national identity cards, and identity documents that were issued for a specific purpose on the other hand, like health insurance cards, travel documents or passports.
In general, identity documents provide three basic functionalities: identification; authentication of the owner; and storage of information needed to perform the first two functions, or other information related to the owner’s identity such as the owner’s address, gender, noble condition, etc.. Depending on the application, these functions are performed automatically or manually. Many governments already claim to be issuing biometric passports or eID cards because the owner’s digital picture is stored in the document. This picture is, in many cases, only usable for manual verification of the owner’s identity, and requires the presence of a human verifier. One can argue that this is hardly a biometric document.
The intended usage of the documents often determines their structure and limits their potential for including biometrics. Nowadays, travel documents are often no more than a paper booklet containing an integrated RFID chip with limited functionality; while the majority of the European national eID cards are smart cards with extended computational capabilities; e.g., many eID cards can be used to generate electronic signatures for strong authentication or to create legally binding signatures. Tamperproof smart cards offer more flexibility to include biometrics in a secure and privacy-friendly way than RFID chips.
Biometrics add security to applications because they provide a stronger link between the card and the card holder, thus between the physical and the electronic identity (see also above, section ).
e-Government applications are used on a large scale, often nationwide, and therefore not all biometric modalities are suited for integration into identity documents because they do not offer a high degree of distinctiveness. However, one might consider using a “less unique” modality if it is only used to control the release of less critical information. An evaluation of suitable biometrics for e-Government applications and smart cards has been carried out by Dessimoz and Richiardi.
Privacy issues with biometrics have been explained in chapter , and in the following section we will present three possible architectures that offer a decentralised solution for integrating biometrics in identity documents.
As mentioned previously, one of the main functions of identity documents is to authenticate the holder. Very often, electronic identity documents are used to authenticate users online, with the incentive of getting access to a certain resource on the Internet. Therefore, the described systems also fit in the access control model (Type II).
| |
   |
|
| 31 / 40 |
