Interview with Judith
Markowitz, PhD
President J. Markowitz,
Consultants
|
July 20,
2001
Interview with Judith
Markowitz, PhD
|
Why was the BioTrusT project
created?
BioTrusT was the idea of
some providers of biometric solutions, all
members of TeleTrusT's biometric
working group AG6. They envisioned a
mass test to evaluate the
general user acceptance as a step towards
preparing the public for
biometric systems, particular in Germany. They
also wanted the test to
conform with with strong privacy and consumer
protection regulations.
Our first step was to get
sponsors. They are the S-Finanzgruppe — one of
the major retail banking
organizations which has 40+ million customers —
and the German Ministry
for Commerce and Technology (BMWi).
S-Finanzgruppe is not only
a sponsor, it also provides technological
analysis, operational support,
and users to the project. TeleTrusT
provides project management
and support services. The project began in
April 1999 and is currently
funded until March 2002. Plans are to continue
the work until the end of
2003.
Are there comparable projects
anywhere else?
Although there are many
biometric projects, BioTrusT is unique. One
unique feature is its unparalleled
multidimensional and multi-biometric
approach that, in addition
to S-Finanzgruppe and TeleTrusT, includes
partners as diverse in size
and outlook as
* Large financial services
organization (GAD/Cooperative Banks)
* Research (university)
* Consumer advocates
(AgV)
* Privacy advocates/data
protection (ULD)
* Government German
Ministry for Commerce and Technology (BMWi)
* Biometric vendors
Currently we have 14 different
companies providing different recognition
solutions for face, fingerprint,
Iris, signature, voice, and lip movement.
How is the project
organized?
BioTrusT is structured in
Phases:
* Phase 0 Stargate,
is a demonstration and development platform
that will remain in operation until the end of the project
* Phase 1 Access
control/security, tests different technologies in
controlled environments
* Phase 2 PC-Access,
tests standardized modules (BioAPI) with
different technologies in distributed individual PCs
* Phase 3 ATM
Analysis evaluates the use of biometrics for ATMs
* Phase 4 Homebanking/E-Commerce
Why was speaker verification
included?
Speaker verification is
one of many biometric technologies being
evaluated. It is of specific
interest, as all mobile phones and many PCs
have microphones built in.
That may eliminate the need for specific
sensors. By the way, my
family has been using speaker verification for
some years to secure access
to our our home. My young son loves it.
How did you become involved
in BioTrust?
I'm an independent consultant.
After 25 years with IBM I joined
TeleTrusT's biometric working
group. I helped TeleTrusT to establish the
project and sign up the
sponsors. I am now the BioTrusT project manager.
What is the current status
of the BioTrusT work?
We completed Phase I (access
control) in March 2000. We are currently
running Phase 0 (demonstration
platform), Phase 2 (PC test of BioAPI
compliant technologies)
and Phase 3 (ATM evaluation). We had a Workshop
in early June which provided
a detailed status report on these phases.
Last year's workshop on
May 3 detailed the findings of phase 1. All
presentations are available
(most in German only) on the BioTrusT website.
How do you evaluate field-test
performance with such diverse biometrics?
We use two methods. We get
user acceptance information through a series
of questionnaires that each
user completes. The questionnaires are
completed over time and
at different points in the user’s experience
with the biometric. Secondly,
we examine the system log files, where
the hard facts are available
for analysis.
Have any unexpected issues
come up so far?
As with many large technology
projects there are plenty of issues. There
is user turnover, which
is expected. Some users leave the project and
new applicants are eager
to join. The technology is more complicated
than anticipated. Finally,
managing priorities where the major participants
are so different is not
easy.
What impact, if any, has
compliance with BioAPI made on the work BioTrusT is doing?
We lost several months of
work. Phase 2 calls for a standard biometric
interface but BioAPI was
not ready so we had to create a BioTrusT
standard which we built
using what was available from the BioAPI
consortium at that time.
When BioAPI's reference implementation became
available last fall,
we analyzed it and decided to abandon our
BioTrusT specific approach
in favor of BioAPI. It then took the
companies involved in Phase
2 a couple of weeks to implement BioAPI.
Today, the majority of the
companies with BioAPI-compliant solutions
are members of BioTrusT
and, I have heard that the only BioAPI
compliant application today
is the BioTrusT screen saver.
What advice would you
give other projects evaluating biometrics?
There is no single piece
of advice that I can give because there are
many biometric projects
and many of them have very talented people.
However, if anyone needs
help or has specific questions, they can
contact me at the BioTrusT
email addresses.
What are the next steps
in satisfying BioTrusT's mission?
Our next step is to finish
Phase 2, which should provide us with the
standard building blocks
for both a larger field test and appropriate
evaluation schemes.
We also have to define the
next steps in phase 3 because one of the
things that we have learned
from the current evaluation is that ATM's
may not be ideally suited
for an initial general biometric deployment.
ABOUT BIOTRUST
BioTrusT is an interdisciplinary
pilot implemetation of applied biometric
schemes in banking. Biometric
technology developers and system operators
work together to provide
solutions that comply with German data security
requirements for dealing
with biometric identifiers.
BioTrusT is a project operating
within the TeleTrusT project
framework. It began in 1999
and its primary objectives are to evaluate
biometric identification
and prepare the consumer market to use
biometric identification.
This mission includes testing compliance with
standardization, performing
research and evaluation of technology, and
examining legal, privacy,
and data protection aspects of biometric
implementation and use.
More information is available
at www.biotrust.de
|
|
|
|
|
|