Interview with Judith
Why was the BioTrusT project
BioTrusT was the idea of some providers of biometric solutions, all
members of TeleTrusT's biometric working group AG6. They envisioned a
mass test to evaluate the general user acceptance as a step towards
preparing the public for biometric systems, particular in Germany. They
also wanted the test to conform with with strong privacy and consumer
Our first step was to get
sponsors. They are the S-Finanzgruppe — one of
the major retail banking organizations which has 40+ million customers —
and the German Ministry for Commerce and Technology (BMWi).
S-Finanzgruppe is not only a sponsor, it also provides technological
analysis, operational support, and users to the project. TeleTrusT
provides project management and support services. The project began in
April 1999 and is currently funded until March 2002. Plans are to continue
the work until the end of 2003.
Are there comparable projects
Although there are many biometric projects, BioTrusT is unique. One
unique feature is its unparalleled multidimensional and multi-biometric
approach that, in addition to S-Finanzgruppe and TeleTrusT, includes
partners as diverse in size and outlook as
* Large financial services organization (GAD/Cooperative Banks)
* Research (university)
* Consumer advocates (AgV)
* Privacy advocates/data protection (ULD)
* Government German Ministry for Commerce and Technology (BMWi)
* Biometric vendors
Currently we have 14 different
companies providing different recognition
solutions for face, fingerprint, Iris, signature, voice, and lip movement.
How is the project
BioTrusT is structured in Phases:
* Phase 0 Stargate, is a demonstration and development platform
that will remain in operation until the end of the project
* Phase 1 Access control/security, tests different technologies in
* Phase 2 PC-Access, tests standardized modules (BioAPI) with
different technologies in distributed individual PCs
* Phase 3 ATM Analysis evaluates the use of biometrics for ATMs
* Phase 4 Homebanking/E-Commerce
Why was speaker verification
Speaker verification is one of many biometric technologies being
evaluated. It is of specific interest, as all mobile phones and many PCs
have microphones built in. That may eliminate the need for specific
sensors. By the way, my family has been using speaker verification for
some years to secure access to our our home. My young son loves it.
How did you become involved
I'm an independent consultant. After 25 years with IBM I joined
TeleTrusT's biometric working group. I helped TeleTrusT to establish the
project and sign up the sponsors. I am now the BioTrusT project manager.
What is the current status
of the BioTrusT work?
We completed Phase I (access control) in March 2000. We are currently
running Phase 0 (demonstration platform), Phase 2 (PC test of BioAPI
compliant technologies) and Phase 3 (ATM evaluation). We had a Workshop
in early June which provided a detailed status report on these phases.
Last year's workshop on May 3 detailed the findings of phase 1. All
presentations are available (most in German only) on the BioTrusT website.
How do you evaluate field-test
performance with such diverse biometrics?
We use two methods. We get user acceptance information through a series
of questionnaires that each user completes. The questionnaires are
completed over time and at different points in the user’s experience
with the biometric. Secondly, we examine the system log files, where
the hard facts are available for analysis.
Have any unexpected issues
come up so far?
As with many large technology projects there are plenty of issues. There
is user turnover, which is expected. Some users leave the project and
new applicants are eager to join. The technology is more complicated
than anticipated. Finally, managing priorities where the major participants
are so different is not easy.
What impact, if any, has
compliance with BioAPI made on the work BioTrusT is doing?
We lost several months of work. Phase 2 calls for a standard biometric
interface but BioAPI was not ready so we had to create a BioTrusT
standard which we built using what was available from the BioAPI
consortium at that time. When BioAPI's reference implementation became
available last fall, we analyzed it and decided to abandon our
BioTrusT specific approach in favor of BioAPI. It then took the
companies involved in Phase 2 a couple of weeks to implement BioAPI.
Today, the majority of the companies with BioAPI-compliant solutions
are members of BioTrusT and, I have heard that the only BioAPI
compliant application today is the BioTrusT screen saver.
What advice would you
give other projects evaluating biometrics?
There is no single piece of advice that I can give because there are
many biometric projects and many of them have very talented people.
However, if anyone needs help or has specific questions, they can
contact me at the BioTrusT email addresses.
What are the next steps
in satisfying BioTrusT's mission?
Our next step is to finish Phase 2, which should provide us with the
standard building blocks for both a larger field test and appropriate
We also have to define the
next steps in phase 3 because one of the
things that we have learned from the current evaluation is that ATM's
may not be ideally suited for an initial general biometric deployment.
BioTrusT is an interdisciplinary pilot implemetation of applied biometric
schemes in banking. Biometric technology developers and system operators
work together to provide solutions that comply with German data security
requirements for dealing with biometric identifiers.
BioTrusT is a project operating
within the TeleTrusT project
framework. It began in 1999 and its primary objectives are to evaluate
biometric identification and prepare the consumer market to use
biometric identification. This mission includes testing compliance with
standardization, performing research and evaluation of technology, and
examining legal, privacy, and data protection aspects of biometric
implementation and use.
More information is available