NIST: Both Fingerprints, Facial Recognition Needed to Protect U.S. Borders

The agency recommends a 'dual approach' as the best option to make sure visas are issued properly and that the person holding the visa is the proper recipient of the visa.

by / February 11, 2003
WASHINGTON, D.C. -- A dual approach that employs both fingerprint and facial-recognition technology is the best option for a biometric system that would make the nation's borders more secure, according to scientists at the Department of Commerce's National Institute of Standards and Technology (NIST).

After studying mature biometric technologies, NIST -- in conjunction with the Departments of Justice and State -- made the recommendation in a report recently transmitted to Congress.

The study was mandated by the PATRIOT Act and the Enhanced Border Security Act.

NIST's Information Technology Laboratory spearheaded evaluations to determine the ability of biometrics to enhance border security. The evaluations looked at two applications: positively identifying visa applicants and verifying that the holder of a visa is the person to whom the visa was issued.

Fingerprint performance was measured on an Immigration and Naturalization Service database of 1.2 million prints of 620,000 individuals. The Face Recognition Vendor Tests 2002 measured face recognition performance of 10 vendors on a Department of State database of 121,000 images of 37,000 individuals.

Based on the evaluations, as well as practical considerations, NIST recommends the use of at least two fingerprints to positively identify visa applicants and a dual system of face and fingerprints to verify the identities of visa holders at points of entry into the United States.

In its evaluation of possible future border crossing systems, NIST noted that each fingerprint or facial image would require 10 kilobytes or less of computer memory storage. A card with 32-kilobyte storage capacity could store two fingerprints and a facial image, and many existing smart cards easily could do the job.

NIST also recommends that any future visa system incorporate several existing information technology standards and specifications -- biometric information could be scrambled using public key infrastructure (PKI) systems that incorporate the Digital Signature Standard.

This information scrambling would make the system tamper resistant.

The information could be stored in cards that meet the Government Smart Card Interoperability Specification. Additionally, the data could be stored in a way that meets existing standards already used by law enforcement agencies to store fingerprint and mug shot information.