:(
I thought it was excellent, never had any problems and got me past some very long queues.
The UK Border Agency's multi-million-pound hi-tech eye-scanner programme is in danger of being scrapped, with two airports ditching the service and registration now closed. A UKBA spokeswoman told The Register that the system was "under review", but Manchester and Birmingham airports have already stopped using their scanners …
I suspect the primary reason for people loving it (me included) was the small amount of uptake - guaranteed short queue. The actual time to manoeuvre through it was no quicker than the manual method, perhaps longer - the processing time on it was torturously slow.
My only objection to it closing being the lack of alternative for some - I'm not renewing my passport just to get a sodding chip in it. Just let it run it's course until all passports are ubiquitous again.
Although step backwards with e-passports - with IRIS I don't even need to take my passport out the bag. Same cant be said of e-passports...
You're not wrong about the e-passports, I finally got a chance to use mine to a couple of months ago at Gatwick... I was all set for the queue when a nice lady shouted out "Anyone with a chip passport over here", and six of us went... Six of us placed our passports flat on the scanner, one proceeded through pretty quickly to the facial scan bit. The remaining five, myself included tried and tried again.
I reread the instructions and confirmed I was doing it correctly (I'm a programmer, so please don't tell anyone I read those twice!).
I checked with my other half, who was the only one it had worked with, that I wasn't doing anything "stupid" and she confirmed she had done exactly what I, and the other four were doing. I even tried the machine she'd just had success with.
At that point I gave up and just walked to the humans who were there for the failure scans. I proclaimed "Stupid broken technology" and received the kind of expression that says "tell me about it" from the person behind the desk.
Still, it did allow a queue jump, just from having the chip symbol on the passport, so I guess a win. Next time I won't waste so much time trying to use the damn thing before opting for the human.
Iris technology has always been good for those people for whom it works. There has been a consistent 3-5% of people for whom it never works, and it still gets thrown by silly things like excess tears in the eyes (so don't yawn or have a cold when you need to go through). So anecdata for the people for whom it works fine is not relevant to whether it is effective as a system.
There's also the trade-off between camera optical quality and price: using cheap optics means relatively low tolerance in where the eye is placed, but they were never going to shell out on decent cameras (ISTR the banks testing high-quality optics for cash point iris recognition were £30k a shot).
Hmm...
"Iris was good technology at the time, but faster and more reliable options have become available and have been rolled out across the border so that's where we are with things."
I call "bullshit".
The people I saw having genuine problems with it were those with glasses. However UKBA kept telling people they didn't need to remove them. The rest all turned out to either not be registered, or looking in the wrong peep hole.
It was superb for avoiding queues - I renewed my passport just before biometrics came along, and it was good til 2015. Looks like I'll be renewing earlier.
If you want to use automatic gates, you now need an e-passport. I've not got one yet either and have a similar expiry date. But I think £85.67 (when you include postage etc) is a bit steep for a passport renewal!
The new e-gates are now finally supposed to be available at all major airports:
http://www.ukba.homeoffice.gov.uk/customs-travel/Enteringtheuk/e-passport-gates/
The only good thing about the electronic gates is that there are no queues. The technology appears to be a crock of shit.
Takes ages to read the passport, then you go through a barrier and stand in front of a camera. This takes even longer.
And all this is with no instructions posted. I expect we are supposed to guess how to use it.
I tried several times to register for IRIS at manchester airport. I can't claim to fly often, but everytime I flew from there, I'd look for the IRIS office to register. The first time I was there too early for the office to be open, the next 5 times I was flying from T2 and due to the refurb's the office was closed. Then when I flew after the refurb's had finished I specifically looked for the office, found it and found a note saying that the office would not be re-opening and to go and register in the office in T1... well, that's fine if you're flying from T1...
I guess it's all moot now, but I did try and register every single time I was in the departure lounge there...
dave
Yes. They stopped manning them ages ago (when management first thought about scrapping the gates) - you actually were supposed to either:
Ring and book an appointment (if you weren't flying).
Or if you were in the departure lounge, ring them on an internal phone. There were supposed to be posters around, but the instructions were mainly on their website. Not great.
It's a cunning and subtle plan - if you look at all the expensive out of action technology and just give a slight shrug then you are obviously British.
If you stare at it saying, "how can all this not work in a modern technological western country" then you are obviously a foreigner.
Brilliant eh ?
At Schiphol they have Privium which is also an iris recognition system but this is paid for by subscription which isn't cheap at something like €150 per year, but it would keep subscribers to frequent travellers who would know how to use the system properly.
No they cannot. Repeat after me - UK cannot join Shengen because of the _OTHER_ circus - the national identity one.
Shengen requires:
1. A working national ID system which is mandatory, not elective like passports.
2. A working database to back it up which provides appropriate audit and appropriate access control. Anyone having access to anything is definitely not acceptable.
3. The access control not just there, but used properly by assigning the correct rights and scopes of access. Council clerks snooping on parents to verify that they are not cheating on kindergarden applications are definitely not acceptable. Neither is acceptable to give inappropriate access to a private company - example Consignia and the RIPA (in the initial gov't exec orders and guidelines to enforce that).
None of that is available in the UK and none of this will be available any time soon as it will leave a number of "vested interests" out of a job.
As someone who travels through all of Shengen multiple times per year and someone who deals with taxes, NI, etc in a typical Shengen "database nation" I can say - UK only loses out of that.
Sod it, so I'll have to endure the queues for passport control in future instead of walking pretty much straight up to an IRIS booth and onward. Bollocks.
I've had zero problems getting my eyes lined up in the 5 years I've been registered but have seen loads of people fail to understand that they need to hold their head still to get it to work.
The e-Passport gates are in my experience, shit. The ones at T4 in LHR are always out of order, the ones at T5 were turned off last time I was there and the ones at Stansted failed to let about 90% of people in front of me in the queue through for seemingly no reason.
I'll also be missing out on the confused look on peoples faces who didn't read the sign that clearly stated that the IRISH booths were for registered people only and would then get the arse when they'd get to the front of the queue and realise they'd joined the wrong queue and have to go to the back of the queues at the desks.
If these, or any other officials, were actually paying attention to what all that new technology does, instead of letting themselves be dazzled by the slick salescritters and marketeers, they wouldn't have bothered. Biometrics are fine and useful for criminal investigations. Not so much for casual identification. At all.
Cut all that crap and invest in competent customs and border agents. Enough of those and the queues will vanish faster than you can install yet another pervy scanner.
The whole thing was never about reducing queues but reducing staff. In the long term this is supposed to save money except it rarely does because the machines are a) very expensive and b) not very reliable and usually c) don't increase the security of the situation.
Every time I fly to and from the UK I'm amazed that the queues seem to take the airports by surprise when they know well in advance from the airlines how many people they need to be able to process. This can be quite farcical at times: I remember one guy closing the ticket scanner in a vain attempt to reduce the number of people joining the queue for the body scanning: another wasteful money pit. The solution is simple: hire more staff when you know you're going to busy. Who knows, people who pass through controls might spend more at the countless tat bazaars that now fill airports. Manchester's "shopping slalom" is particularly annoying and I am severely tempted to let my luggage catch the odd display as I'm herded through.
Instead we got more "security officers", for which read barely literate goons manning the pervy scanners. And we've gotten less secure, but lots more harassed, in the bargain. The costs went up, the security surcharges too, and all it bought us was having to remove our coat, belt, and shoes before boarding, and a bigger chance of getting brought up on charges for clearly harmless but ill-conceived jokes.
The problem of course is that detecting "something funny" requires people experienced at assessing people. The whole rigamole is about rather arbitrary symptoms (kept secret and kept a moving target both), assuming "where there's smoke there must be fire", and a lot of nitwits with attitude to fiddle with them buttons on the expensive machines.
For all I care you board with a pocket knife, a leatherman, a "that's no knife, this is a knife", matches, even sticks of TNT in the back pocket, a couple bottles of water or wine or whiskey, and whatever else you fancy, as long as the rest of the passengers can trust you're not going to be a problem. That, however, the current crop are completely and utterly unable to ascertain. And no technology is going to change that.
Unless of course next to your fancy IBM 9974 mind reader at the airport gates you add an IBM 9975 mind writer to stamp out anything the state doesn't want to see in the traveling mind, and an IBM 9976 mind controller to make sure the passengers stay put in their airliner seat. While I daresay the ethical implications go a bit beyond warrantless tapping or shutting down anything, I'm not at all sure the various governments of the supposedly free and democratic western and first world wouldn't jump at the chance. For your own protection, of course.
This post has been deleted by its author
"UKBA is busy investigating the scandal that erupted when it was claimed that fingerprint checks were regularly abandoned"
It's only a scandal if fingerprint checks work. The scandalised assume that they do. But then the scandalised don't necessarily know the first thing about the technology and don't have to use it.
Brodie Clark, former head of the UK Border Force, did have to use it. And he said the technology doesn't work. You can watch him say it to the Home Affairs Committee here -- http://www.parliamentlive.tv/Main/Player.aspx?meetingId=9445&st=11:36:43 starting at 12:18
Now, how sure are you that there was a scandal?
Still wavering? How about we add in the fact that at Calais, for "clandestines" only, UKBA have abandoned fingerprinting? Staff have got better things to do -- http://www.dmossesq.com/2012/01/theresa-may-damian-green-keith-vaz.html
You can be scandalised about fingerprint checking being dropped if you like. Or you can be scandalised about fingerprint checking being adopted in the first place. I'd go for the latter, me.
Aadhaar is an Indian identity management scheme operated by the Unique Identification Authority of India (UIDAI) to register all 1.2 billion Indians, identifying them by their biometrics only. They're on track to register 200 million Indians by 31 March 2012 and have just been authorised to register the next 200 million.
Here's a bit of homework, two short reports to read:
1.Role of Biometric Technology in Aadhaar Enrollment -- http://uidai.gov.in/images/FrontPageUpdates/role_of_biometric_technology_in_aadhaar_jan21_2012.pdf
2. India boldly takes biometrics where no country has gone before -- http://www.planetbiometrics.com/creo_files/upload/article-files/India_boldly_takes_biometrics_where_no_country_has_gone_before.pdf
From 1., you will find that UIDAI are using fingerprints and iris scans as a single, composite, "multi-modal" biometric. The biometric failure to enrol rate is 0.14%. The false positive identification rate is 0.057%. The false negative identification rate is 0.035%.
From 2., you will find that UIDAI recommend that any national identity management scheme which doesn't use iris scans is doomed to "catastrophic failure". Ditto if the scheme isn't multi-modal. Ditto if the scheme doesn't use competing matching algorithms at the back end. Catastrophic. Failure.
Q1. What are the performance figures for the UKBA scheme equivalent to UIDAI's 0.14%, 0.057% and 0.035%? If we don't know the answers to those questions, we don't know if the UKBA scheme is good, bad or indifferent.
Q2. UIDAI don't bother to use face recognition. Why do UKBA?
Q3. UKBA don't use iris scanning, multi-modal or competing matches. What is to stop their scheme, IABS (the Immigration and Asylum Biometric Service) from being a catastrophic failure?
Q4. Do you think IABS will make the UK border secure and the 2012 Olympics safe? Why?
Those percentages seem impressively small until you multiply them by 200,000,000 at which point we find that 280000 indians will fail to enrol in the system -- too bad for them.
If you tried checking the population's ID once each, 70000 people would be wrongly decleared to be using false ID, and 114000 would get away with using someone else's (or perhaps be identified as a terrorist instead -- it's not clear what false positive means here).
So it seems like somewhere between a quarter and half a million indians are likely to end up one ID check away from a pretty unamusing time after this system is implemented.
With a new passport it took me ages to (unnecessarily) re-register my eyes. The LHR and LGW offices were regularly closed during their posted hours. Why bother now when they have newer machines that use the pp's chip.. except that this is a 2 stage process whereas the eyeballs were ready for a 1 phase check.
You could often tell who was going to be trouble in the Iris booth - if they wiggled their arses and bobbed around, it was going to go Sorry.. and throw the perp back. Back into where? In LHR the rejects faced the non-EU "come when _we_ say so" queue.
My name is Tom Ankers and I am a solution architect for a leading, UK based, biometric systems company.
I have been involved in many high scale identity systems and felt compelled to add my own comments.
1) roll-out of iris technology at UK airports does not signal an end to biometrics in airports for security. It simply means the current solutions have not performed and the correct considerations for user experience and the operating environment have not been made. With advances in camera lens technology (or at least the improved affordability of) better user experiences can be made. We have recently installed a brand new "iris at a distance" system at Gatwick airport - passengers are quickly enrolled\verified in the matter of seconds without any direct involvement at a distance of 3M from the device. This is a state of the art, multi-million pound solution which demonstrates the big role biometric technology can have for border security.
2) the reasons the airports use biometric systems is not "to reduce staff numbers\costs". The core concern of airports is security. If anything they also simply wish to secure their airport and have passengers checked in and into the shopping areas as quickly as possible. The airports make a commission of the money shops make so it is in their interest to have people processed quickly (and securely). I do not work for an airport so have no reason to unnecessarily defend their cause however I have worked closely with some of them and understand the problems and demands they face.
3) I agree with comments made regarding the India program. An approach is to use score based fusion algorithms to provide multi-modal match scores and greatly improving the confidence of identification. A number of systems are deploying this sort of technique - the iris at a distance technology used at Gatwick can also perform face matching so before long we may see fused score identification being performed at border points.
Thank you for that interesting post, Mr Ankers.
Who is making the investment in biometrics here? Is it a private sector airport operator, risking its own money? Or is it UKBA, a public authority investing public money, i.e. your money and mine? There is a fusion, or confusion here, which it would be useful to resolve.
In your experience, what are the performance characteristics of the iris scan and face recognition biometrics that you mention? What is the failure to enrol rate, the false match rate and the false non-match rate? And what are the volumes involved, have your systems registered 5,000 airport users, 5,000,000, ...?
With two-dimensional face recognition, many studies suggest that the false non-match rate is between 30 and 50% for the first two months after registration, which is useless, and then falls off a cliff -- sort of double useless. There is obviously no point fusing the iris scan biometric with 2-D face recognition. But are your clients perhaps using 3-D face recognition?
In which case, that's fine, but it stops being centrally relevant to the matter at hand, because UKBA and their smart gates don't, they rely on 2-D.
(continued ...)
(... continued)
The airport operators may not install biometrics technology to help to reduce headcount. But UKBA do, please see the evidence of Dame Helen Ghosh, Permanent Secretary at the Home Office, when she appeared before the Home Affairs Committee on 22 November 2011, http://www.dmossesq.com/2012/01/theresa-may-damian-green-helen-ghosh.html :
"... there are plans, over the SR10 period [up to 31 March 2015], to reduce the staff of the Border Force by around 900 people, from almost 8,000 people at the start of the period. But that is driven as much by technological introductions like e-gates, as well as a risk-based approach. Border Force will be getting smaller ...".
Are UKBA investing our money wisely? Does the biometric technology their plans depend on work? Does it work well enough to replace human beings? All the respectable published academic evidence suggests that the answers are no, no and no.
In light of which, with the Olympics coming up and border security an even greater concern than usual, it's about time the Home Office gave us some performance figures to work with, something which, disclosure, they currently resist, and resist very energetically, http://dematerialisedid.com/bcsl/foi.html .
I also understand the technology is getting better. The problems I have with biometrics, however, are more fundamental than that.
First, biometrics are the exact opposite of cooperative identification. They're adversarial in approach. Fingerprints, for example, are great to to investigate crimes because you inadvertendly leave them bloody everywhere. That's useful to ferret out perps, but not so useful for protecting privacy. It invites rather than stops attempts at impersonation. Elevating their importance by using them for casual identification like at the airport, means you now have to wear gloves each time you go out.
They also have the exact opposite of the properties you need for a sustainable system. They don't stand compromise, for they're always easier to fake than to replace. However hard faking is, recovery from compromise is still harder. Since we're talking real world use here, compromise will happen. Thus, using biometrics is elevating the needs of the system over the needs of the citizen it claims to seek to protect. As such, the biometric approach for this purpose is inherently faulty.
Same thing with those new pervy eye-staring devices. You like them because they're spendy. Fat margins, good for the old CV. For everyone else they mean you now have to wear dark glasses every time you're near such a thing. Soon, they'll be integrated in CCTVs, meaning you need to wear glasses everywhere to retain some semblance of privacy.
It is touching in a sad way you still actually believe the security circus is about security. It is not. It is about being seen to do something, anything. Harassing passengers so they feel safer, for surely harassed terrorists will think twice?
I'd ask if you paid attention beyond your niche, but I don't really need to when you're clinging to arguments that even a five year old could tell you are bunk. For all the industry's and the governments' combined cranial prowess, nobody dared admit that what they're doing is not, and cannot be, effective.
In all the aftermath of 9/11 are only three effective airport security measures: Matching luggage to passengers, adding sturdy doors to cockpits, and teaching passengers to fight back. The last bit didn't need any officials, the people figured that out for themselves. All the rest is wasted taxpayer money. It's your meal ticket, but that doesn't change that to the taxpayer it is complete wastage.
If you want effective security, you need to focus on people. Not on their bodies, not on what stuff they're carrying. On what they're intending to do. And you still need people for that one. In fact, even if IBM brought out those mind interfacing apparatuses, I'd still want people to deal with people. As a philosophical choice, putting ourselves first, instead of inventing ever more sophisticated machinery that treats people like things to be dealt with like they were a special class of moving, talking, unruly and annoying objects.
You'll disagree because it's your meal ticket, but all the same, you're part of the big brotherisation, not part of a safer world. Sorry.
"First, biometrics are the exact opposite of cooperative identification. They're adversarial in approach. "
"It invites rather than stops attempts at impersonation".
"They also have the exact opposite of the properties you need for a sustainable system. They don't stand compromise, for they're always easier to fake than to replace."
"Thus, using biometrics is elevating the needs of the system over the needs of the citizen it claims to seek to protect."
"Same thing with those new pervy eye-staring devices. You like them because they're spendy. Fat margins, good for the old CV. "
"It is touching in a sad way you still actually believe the security circus is about security. It is not. It is about being seen to do something, anything"
One of the neatest critiques of the whole security theatre.
Very neatly done AC.
The problem with this system was that it was never publicised properly (non-registered users block gates with comments "How do I know if I am registered?"), lack of proper user training, would only take 5 minutes on a mock machine when you register, and lack of staff support when it didn't work to get the hapless user out of there instead of blocking the (maybe one of two) gates. This could have been so much better. I for one never had any problems with it, glasses or not, and I could jump massive queues, even more of a pain now when an A380 kicks out. However I do realise that if the system were ubiquitous it would not be a method to jump queues. In the end, if you have registered then it could be better than a false passport as someone would have to go to great lengths to copy irises onto contact lenses, but not impossible.
Everytime I went through passport control, the agent would mention "you should sign up for IRIS." I rarely had extra time to do so, but eventually I was at Gatwick when the registration office was open (it was frequently closed) and I had time. I stopped regularly flying out of LHR soon after (BA dropped the early morning flight to Cologne). It was over 6 months before I was back through LHR. (I was using other London airports but they lacked IRIS). When I tried to use the IRIS, my registration was EXPIRED! I was surprised it expired. It was never mentioned when I registered. I know it was for frequent travelers, but they have to use the airports that have IRIS. Fail.
If it takes 3-5 secs for a system to decide if a picture of your face matches the one in *your* passport.
How long will it take for it to check A Passenger against the roughly 6 million faces of the EU suspect persons database?
While all the other gates (WAG about 10 000 across the sea and airports of the 27 member states) are doing the same?
Wasn't one of the "benefits" of this system going to be *reducing* the time through the gate?
Went through Heathrow last night with my family and there was a major delay at the new facial recognition system. It took ages to capture and process the pictures and when it did, it got the results wrong- It recognised my wife as my 5 year old daughter and visa versa. Now why the original images where not attached to the boarding card, I don't know. Each card was scanned and then the picture taken. What the system should have done was match the 'front' and 'back' end pictures and returned a matching percentage, rather than searching through the database of all pictures taken and trying to find a match.
Still we had a great laugh about it with the immigration officer.