Biometrics: history, risk and future

What image a person will leave in history is sometimes a very accidental thing. Even if Jia Gongyan pats his head, he probably won’t know that in a thousand years, he will be regarded as the earliest discoverer of fingerprint recognition technology.

To most people, the name Jia Gongyan is quite unfamiliar, but if we are interested in Confucianism, especially Zhou Li, we will know that he can be called the number one person in this field. This Confucian student of the Tang Dynasty used his research on Zhou rituals to become a Ph.D. in the reign of Emperor Gaozong of the Tang Dynasty. The rank of this official post was not high at the time, but the work it assumed was very important and noble to the Confucianists. He will not only participate in the Confucian Classics teaching in the Imperial College, but also participate in the interpretation of Confucian classics. Jia Gongyan compiled two classic commentaries-“Zhou Li Yi Shu” and “Yi Li Yi Shu”, both of which are now important references for studying Zhou Li.

In “Zhou Li·Di Guan”, an official position of the Zhou Dynasty, “Sishi”, was introduced. It was stated that the officials in this position “were the price to be measured, to settle the letter and to stop the litigation. Jia Min banned counterfeiting and defrauded, and robbed him with punishment.” What does that mean? That is to say, officials such as Sishi use measures to determine prices to attract buyers, use “agents” to build the trust of buyers and sellers to avoid litigation, and appoint subordinates such as Xushi and Jiashi to prohibit counterfeiting and use penalties. Prohibition of riots and eradication of thieves-from this description, we can see that the position of “Shishi” is very similar to the current market supervisors. In the above description, a word called “mass agent” is mentioned. Zheng Xuan, a great scholar in the Han Dynasty, once gave a comment on this: “The quality agent is a bundle of two books, the same but the other, if this is written.” From Zheng Xuan’s description, we can easily see that the “substantial agent” is actually a kind of contract document written on a slip. When the transaction is concluded, the buyer and the seller divide it into two as a proof. However, after Zheng Xuan’s comment, a concept of “hands-on” was put forward. This Han dynasty noun was no longer familiar to the Tang Dynasty, so Jia Gongyan would provide further comment on this comment. He wrote in “Zhou Liyishu”: “The handwriting of the Han Dynasty is now the drawing finger coupon”, that is to say, the “Handwriting” of the Han Dynasty is actually equivalent to a kind of “painting finger coupon” in the Tang Dynasty. Contract documents-this kind of document is easy to see in the museum. It requires the signing party and the intermediary to put their fingers on the paper and draw three knuckles on the index finger as proof

Originally, this comment of Jia Gongyan was very common, even inconspicuous. But after many years, the German scholar Robert Heindl accidentally saw this passage and was immediately excited. Not only did he write the content of the text into his book “Fingerprint Identification” published in 1927, he also praised Jia Gongyan for being the first person in the world to discover and explain the nature and application of fingerprints. As a result, Jia Gongyan, an ancient man, has an additional identity for no apparent reason—the first person to be fingerprinted. However, if we fully understand the above story, we know that Jia Gongyan can only be regarded as a recorder of the fingerprint application at that time. Even Zheng Xuan, who recorded the “hands-on”, would be earlier than Jia Gongyan. For hundreds of years. From a practical point of view, many unearthed cultural relics show that the history of the Chinese people’s use of fingerprints as a certificate of contract can be traced back at least to the Warring States Period. Some scholars even believe that the fingerprints on some pottery with a longer history are identified by fingerprints. A kind of evidence.

It seems that Europeans have adopted fingerprints much later. Compared to applications, Europeans seem to be more focused on the nature of fingerprints themselves. Historical documents prove that as early as the Roman period, someone had observed the fingerprints left on the scene of the murder and tried to use it to handle the case. However, due to the technological conditions at the time, this inquiry did not produce any results. In the 17th century, more and more people were searching for the mystery of fingerprints. For example, the British morphologist Nehemiah Crew described the various shapes of fingerprints very accurately in the Philosophy Bulletin in 1684. By the beginning of the 19th century, scholars represented by Czech physiologist Jan Evangelista Pulkinje had begun to try to classify fingerprints. By the middle of the 19th century, people had begun to guess that the biological information of fingerprints was unique and consistent for people, so this property could be used to assist in identification. One of the representative figures is the British William James Hershel (WilliamJamesHershel). He was curious about the nature of fingerprints since he was a child, and he did not hesitate to burn his fingers with chemical reagents to verify the fact that the fingerprints were the same shape before and after rebirth. Later, when he worked as a civil servant in the Indian colony, he collected a lot of fingerprint information and discovered the fact that different people’s fingerprints are different. He wrote this discovery into a paper and published it in the 1880 journal Nature. . Almost at the same time, Henry Faulds, an Englishman living in Japan, discovered the same facts through observations of large numbers of people and monkeys, and published the results in the journal Nature. In 1892, Francis Galton, the famous cousin of Darwin, used statistical and mathematical methods to prove that the probability that two people’s fingerprints are exactly the same is only one in 64 billion. It is almost impossible for different people to be the same.

Although Europeans have been slow to apply fingerprint recognition, they quickly applied these findings to practice after recognizing the scientific nature of fingerprints. For example, Herschel and Foltz both began to advocate the use of fingerprints as proof of identity in the criminal investigation process, and Herschel even suggested using fingerprints as credibility for transactions.

Compared with Herschel and Foltz, others have to go further-since fingerprints can be used to identify individuals, why not go further and use it to manage more people What? In 1908, French Representative Reville joined forces with Alphonse Bertillon, who was well-known at the time and known as the “first person in criminal forensics,” and proposed a proposal to suggest that the government should collect fingerprints and For other physical characteristics information, establish an “anthropometric ID card” for management. After four years of controversy, the bill was finally passed in 1912. An era of using fingerprints and other “biological keys” for identification and management has been fully opened.

In the next 100 years, the fingerprint recognition technology has been continuously improved, and its application has also been continuously deepened. At the same time, people have also discovered that human faces, irises, voiceprints, DNA, etc. have unique and unique properties similar to fingerprints, which can be used to identify and manage people. As a result, a new technology that uses computers and high-tech means such as optics, acoustics, biosensors, and biostatistics to achieve personal identification through the inherent physiological and behavioral characteristics of the human body is born. Up. This technology is the biometric technology that we are very familiar with now.

However, for a long period of time, the application of biometric technology was limited to a small range of criminal investigation and social management. The reason is simple: Whether it is collecting or analyzing biological information, huge costs are required.

It wasn’t until the turn of the century that this situation changed. This change first comes from the technical level. In the late 1990s, biometrics technology gradually matured. On the one hand, with the development of hardware technology, the cost of equipment used to collect and analyze “biological keys” has begun to drop significantly. A landmark event was the introduction of the first mobile phone with fingerprint recognition in 1998 by Siemens. Although this was more of a commercial gimmick at the time, later, this design became a key to the popularization of biometrics. On the other hand, the evolution of algorithm technology has also greatly improved the speed and accuracy of biometric identification. Under the combined effect of these two factors, the road for the widespread application of biometrics has been opened up. At the same time, some demand-level factors have greatly promoted the development and popularization of biometric technology. In 2001, the “911” terrorist attack occurred in the United States. After the attack, the US government quickly strengthened its homeland security. In order to ensure local security, the United States has begun to collect biometric information of foreigners on a large scale, and has developed and deployed biometric devices such as facial recognition and fingerprint recognition in the country. This objectively played a huge role in promoting the development of biometric technology.

In recent years, with the advancement of technologies such as smart phones, mobile internet, and artificial intelligence, biometrics has become popularized rapidly. Nowadays, face recognition and fingerprint recognition are no longer the patents of the public security department. We have to swipe our face every day to turn on the phone, swipe our face to check in, press our fingerprint to check attendance… We must provide a biometric key when performing identity authentication, and make transaction payments. It is necessary to provide the biological key when signing the contract.

It should be said that the benefits of the popularization of biometrics are very obvious. With technologies such as swiping faces and pressing fingerprints, we no longer need to memorize cumbersome passwords, and the efficiency of identity verification is greatly improved at once. Not only that, because our biological keys are unique, theoretically, the accuracy of using them for identity verification is much higher. It is precisely because of the above advantages that biometric technology has quickly gained social recognition and related industries have achieved rapid growth. Specifically in my country, the development of biometrics technology is particularly rapid due to the huge artificial technology, broad application scenarios, and relatively loose supervision.

Due to the broad application prospects of biometrics technology, more and more companies have begun to devote themselves to this industry, and those established IT and Internet companies are rapidly conquering cities in this field by virtue of their advantages. In recent years, companies like Google, Microsoft, IBM, Amazon, etc. have all extended their tentacles to this field. But the strange thing is that this trend has been unexpectedly reversed recently. On June 8 this year, IBM issued a statement announcing that it would no longer provide general-purpose face recognition and analysis software, and permanently exit the market. Immediately afterwards, giants such as Amazon and Microsoft also issued similar statements.

The giants’ joint boycott of facial recognition and other biometrics technology can not help but make people wonder: Why did biometrics, which were still highly sought after yesterday, suddenly not “sweet”? There are of course many reasons for the changes in the attitudes of the giants, but the most direct one comes from politics. After the riots broke out in the United States due to the death of Black Freud, racial discrimination became the most sensitive topic, and biometric technology, due to its characteristics, was easily attacked as a tool of racial discrimination. For example, because blacks have darker skin, it is more difficult for machines to collect their facial features, which makes it difficult to recognize blacks. Originally, this was only a technical problem, but in the context of the turbulent political movement, this technical problem may very well be called the truth of some people. In the face of this situation, these giant companies have adopted the attitude of “one thing is worse than one thing less” and temporarily slowed down their pace.

In addition, if we carefully analyze the statements of the giants, we will find that their statements are still very ambiguous. Take IBM as an example. In the statement, it only announced its withdrawal from the “general” facial recognition software market. What about the “dedicated” facial recognition technology market? It did not state its position. This is very subtle. In fact, as long as we have an understanding of the industry, we will know that the profit of general-purpose facial recognition equipment is low, while the profit of dedicated facial recognition equipment is higher. From this point of view, giants such as IBM are actually just sloppy, taking the opportunity to abandon the less profitable market, and concentrate their efforts on more profitable areas.

If we put aside the political factors and just look at the direct reason that caused the giants to withdraw-it is difficult to recognize the face of black people, we will find that this in itself is also a common defect of biometrics. Why can we use biological keys for identification? In fact, the principle is to sample key points, and then compare the characteristics of these sampling points. In this context, many factors may interfere with the recognition results. On the one hand, some external environmental factors may have a relatively large impact on the accuracy of biometrics. On the other hand, changes in people’s own biological characteristics may also interfere with the accuracy of biological recognition. Events such as plastic surgery, injuries, age changes, and even wearing contact lenses may affect the results of biometric identification. Given the above situation, if we rely entirely on certain information for identification and management, the probability of error will be very large.

Of course, the shortcomings of biometric technology and the corresponding risks are more than these. In addition to inaccuracy, security issues are an important factor that plagues biometric technology. As mentioned earlier, biological information is unique, consistent, and difficult to replicate. These characteristics mean that under normal circumstances, identification technology can help us complete the identification of people more quickly and accurately, and greatly improve the efficiency of identification. But these characteristics also mean that once the relevant information falls into the hands of criminals, they can forge their identities at a lower cost. Now that the application of biometric technology has become more and more extensive, it has become easier to collect and obtain personal biometric keys. Each of us may be collected biological information without knowing it. If someone obtains this information from a certain channel, they can make a model of a face and a hand to complete identity forgery. Of course, in many cases, what they have to do may not be so troublesome. Due to the shortcomings of the current algorithm, the biometric identification in some places is very rough, and people can fool the machine with some very simple information. For example, there was a news report not long ago that some elementary school students used photos to deceive a courier company’s express cabinet using face recognition. Obviously, in this case, people’s financial security is difficult to guarantee.

In particular, it needs to be pointed out that compared with traditional information, biological information has significant irrevocability, which is likely to increase the risk of information loss. In the past, if the bank password was cracked, the customer could avoid the loss by simply changing the password. However, if the bank uses biometric information such as faces and fingerprints to replace the traditional password, once the information is stolen, it is impossible for the customer to change the password. Avoid losses.

In addition to security, privacy issues are also an important consideration. Now, in order to enjoy the convenience brought by biometric technology, people have to pay for their own relevant information. Under normal circumstances, once they hand over this information, they have no ability to control the flow of this information. This means that with the increasing popularity of biometrics and the increasing frequency of biometric information collection and exchange, the probability of personal information and privacy leakage will increase exponentially, and the difficulty of controlling information leakage will also increase.

Not only that, with the development of deep learning technology, people can also train and develop a fake model through some public biological information technology. For example, in recent years, some people have used Deepfake technology to graft the facial information of some stars onto pornographic movies. In this process, the biological information used by criminals can even be completely public. Obviously, in the face of such a situation, personal information and privacy protection will become a difficult problem for people.

In addition to the above problems, systemic discrimination caused by biometrics is also a concern. In 1912, after France used “anthropometric ID cards” to manage homeless people, certain people with special biological information became the focus of attention. According to some theories, these people may have a greater probability of committing crimes, so focusing on control becomes a crime prevention measure. More than a hundred years later, our technology has made far more progress than the French police. At that time, they could only use fingerprints and phrenology for identification. Now we have big data, which seems to be more Scientifically help us predict who is more likely to be called a criminal. If people use relevant technology to discriminate against people, then this will be a very terrible thing.

Based on the above factors, perhaps we should really spend some time thinking about how the next step of biometric technology should go.

Through the above analysis, we can see that while biometric technology greatly improves efficiency and brings us many conveniences, it also brings us many risks and troubles. So, in future practice, how should we weigh the pros and cons brought by biometrics, and what path should we continue to develop? There are two completely different views on this issue: one view believes that the development of new technologies is unstoppable, and in order to improve efficiency, it is inevitable to appropriately bear risks and sacrifice privacy; the other view believes that, Should be like today’s giants such as IBM, avoid the potential risks of biometrics as much as possible, and would rather sacrifice the speed of technological development, but also ensure people’s safety and privacy.

Although the above two attitudes have their own reasons, in general, they are slightly extreme. In fact, efficiency, security and privacy protection are not inexorable. As long as we do a good job of supporting various technologies and systems, we can fully exploit our strengths and avoid weaknesses, and try to control risks while taking advantage of biometric technology. In order to achieve this goal, the following work may be worthy of attention:

First of all, at the technical level, we should further improve the biometric technology so that their accuracy and efficiency will continue to be improved. Specifically, we can consider changing the past strategy of using fingerprints, palm prints, human faces and other single biometric information to identify identity, and instead use a comprehensive use of multiple biometric information for identification. If the recognition of one type of information is inaccurate, the recognition of multiple types of information will greatly improve the accuracy. In the process of information collection, care should be taken to store the information separately, so that even if a single piece of information is stolen, it cannot be simply used for forgery. In the process of transmitting and using information, technologies such as blockchain and secure multi-party computing can be used for encryption protection. Through such processing, we can greatly improve information security while effectively improving the accuracy of recognition. Even if some criminals obtain some biological information through loopholes in some of these links, it is difficult to use them to successfully forge identities.

Secondly, at the legal level, the promulgation of corresponding laws and regulations should be accelerated so that the protection of biological information can be followed. At present, many related laws in my country have already mentioned issues related to biometrics. For example, Article 1034 of the Civil Code clearly stipulates that the personal information of natural persons is protected by law; The Security Law also emphasizes the requirements of network operators for the protection of user information; and in the revised “Information Security Technology Personal Information Security Regulations” that will be implemented in October this year, it also includes the collection and collection of biological information. Provisions related to transmission and storage. However, on the whole, the provisions of these laws and regulations are still too broad, with regard to specific issues such as “who has the right to collect biological information”, “who has the right to use biological information”, and “under what circumstances is it necessary to collect biological information”. The question did not give a good answer. Therefore, in order to allow people to better understand how to regulate the collection and use of biological information in real-world scenarios, more detailed regulations and interpretations are needed.

Third, the collection and users of biological information should consciously establish a set of usage specifications to prevent potential risks from occurring. Specifically, entities that use biological information should stipulate different usage rules, identification standards, protection measures, management systems, and main responsibilities in accordance with the different identification levels, sensitivity, importance, and urgency of public needs of the data. Clarify the institutions that have the power to collect and use relevant data, as well as the initiation conditions and process specifications for related work, call them as needed, and implement management responsibilities. In the process of information collection and use, measures such as de-identification and encryption should also be actively used to pre-process the data to minimize the risk of data leakage. In addition, we should prepare a risk plan for information leakage at any time, and immediately intervene in the event of a problem to minimize the loss.

Finally, each of us should strive to be vigilant and minimize the leakage of biological information as much as possible. Those with suspicious motives for collecting biological information should be actively rejected.

If we achieve the above points, it is possible to solve the problems arising from this while actively advancing the development of biometric technology, so as to truly make good use of this “double-edged sword”.

Leave a Reply

Your email address will not be published. Required fields are marked *