Biometrics

Reading Between the Lines

• By John K. Waters
• 10/01/09

Biometric tools draw information from a person's identifying physical components, providing a virtually fail-safe level of protection for K-12 schools.

THE ACADEMY OF APPLETON, WI, is best known as the first US school accredited by the UK's University of Cambridge International Examinations (CIE) department for its K-12 program. That accreditation, afforded by one of the world's foremost providers of international curriculum certification and assessment services, brought much prestige to the private institution, along with a unique security mandate.

"We needed a way to secure the room in which we store the examinations that come from the university," explains The Academy's head of school, Jody Marriott Bar-Lev. "We're actually required by the CIE to maintain a secure room with restricted access-- something more restrictive than just a locked door."

Back in 2004, Bar-Lev and Beth Wendt, The Academy's two co-founders, invested in a "hand geometry" scanner called the HandKey to secure the school's entrance. A year later, freshly certified by the CIE, the school figured that applying the technology to the test-storage room was a logical next step.

At Seminole County Public Schools, the use of biometric scanners produced a 17 percent rise in lunch sales at one high school.

Now there are no keys to the room and only two people-- Bar-Lev and one other faculty member-- have access to it.

To enter the room, Bar-Lev places her hand on the "platen," a small shelf in the scanner, and spreads her fingers and thumb between four raised pins. A digital camera set above the platen records an image of the hand that is converted by software into a mathematical value, then compares it against a template created from several images of the hand taken previously and stored in the device. Once the match is confirmed, Bar-Lev is let in.

In its original role as gatekeeper to the school building, the HandKey acts as a second level of security. The entire faculty, as well as parents picking up their kids after school, first must enter a PIN number on a keypad to open the outer door to the school grounds, and then place a hand into the scanner to open the inner door. Tom Brigham, spokesperson for the maker of the scanner, Bermuda-based Ingersoll Rand Security Technologies, calls the procedure "layering" because it requires two credentials.

"For the most part it was the parents who wanted this level of security," Bar-Lev says. "We haven't mandated it for any of the students, but we all wanted the building to be secure and to know who was coming and going, and when."

A Range of Applications

The HandKey scanner is an example of a type of identification technology known as biometrics, which has been making its way into school districts for the past decade. In addition to their security uses, biometric systems are currently used in schools for cafeteria purchases, library checkout, student attendance, and teacher time clocks, among other applications.

Biometrics is a category of combination hardware-software systems that recognize a person by taking a measurement of an individually distinct physical trait, like a fingerprint or the shape of a face. Fingerprint scanners are a common sight these days. They protect access to everything from laptop computers to ATM machines. But the list of biometric tech tools includes iris and retinal scanners, facial recognition systems, handgeometry analyzers, voice-print technologies, and emerging systems that identify vein patterns in the palm of a hand (see "The Next Frontier: Vein Patterns"). Even behavioral identifiers, such as handwriting ID solutions that measure the pressure, speed, and rhythm of a person's writing and gait analysis technologies that recognize you by the way you walk, fall into the realm of biometrics.

The software and hardware that make up these systems comprise three basic components: a sensor, a computer, and a hunk of software. The sensor detects the physiological characteristic presented; the computer that the scanner is connected to accepts that input as it would a pass code typed into a keypad or the swipe of a bar code; and the software analyzes that input against a stored piece of computer code that serves as a template, which was created from an initial scan of that same trait when the user "enrolled" in the system, then verifies the identity of the person on the other end of the appendage. The sensor makes few mistakes, wrongly rejecting only about one person in 1,000.

Hand-geometry scanners take a 3-D reading of the size and shape of a hand to confirm identity, Brigham explains, and an adaptive learning algorithm embedded in the system's software adjusts itself to natural changes in the hand resulting from things like warm and cold weather, aging, and even pregnancy. The device can even account for artificial influences, such as jewelry.

That approach works fine with adults but can be ill-suited for use on students, whose hands are growing and changing, rendering the initial template unusable. Instead, K-12 schools' most favored biometric sensor technology, according to industry consultant International Biometric Group, is the fingerprint scanner. And that technology is most often seen at lunchtime.

Seminole County Public Schools began testing its first biometric identification system in the cafeteria of Pine Crest Elementary School in 2007, the first district in Florida to try the technology. The system was a point-of-sale (POS) solution that employed a "universal finger ID system" from Minnesota-based Educational Biometric Technology. Students in the cafeteria line would place a finger on a fingerprint scanner installed at the cash register. The device would verify the print and deduct the price of the lunch from the student's account.

During that initial test implementation, the district ran into an unexpected glitch: Some of the students' fingers were too small for the fingerprint scanners to get an accurate reading.

"Biometrics is one of the more effective ways to implement a security and authentication system that keeps kids out of places on the network where they don't belong."

"The fingers of the youngest children were so tiny that the system had a hard time getting enough points for accurate identification," recalls Sharon Reid, manager specialist in charge of the cashiers and student accounts for the district. "We sometimes have to re-scan them in first or second grade when they're bigger."

As technology glitches go, it was minor, and Seminole soon expanded the program to Millennium Middle School, and then added three high schools. This year the district plans to add two more high schools and eventually include all of its schools.

The promise of biometrics as POS technology, says Rob Enderle, president of IT analyst Enderle Group, is mainly one of efficiency. Students don't have ID cards to lose or passwords or PIN numbers to forget. Or, for that matter, lunch money to get stolen. "Laying a finger on a scanner is a much more efficient way for kids to pay for their lunches," Enderle says. "It's a pretty good bet that they'll always have their fingers with them."

Tammy Madison, food services manager at Seminole's Lyman High School, which got its first fingerprint scanners last year, says that, at her school at least, Enderle is right. "The system really speeds up the lines," Madison says. "No more bar code craziness to deal with. No more problems with kids using other kids' account numbers or stealing their passwords. We love it."

Seminole County's food service director, Dan Andrews, has said that his district's biometric system "virtually pays for itself." The district says that a group of 30 students gets through the lunch line 90 seconds to two minutes faster using the scanners. The result: Lunch sales at one high school rose 17 percent because of the quicker lines.

Yet, despite the growing appeal of biometrics in the cafeteria, the technology is still considered mainly a security tool, according to Enderle. "Biometrics is one of the more effective ways to implement a security and authentication system that keeps kids out of places on the network where they don't belong," he says. "Teachers, remember, aren't that good at hiding their passwords, and kids are very good at finding them out."

Using biometric scans to replace or augment passwords "hardens" the network, Enderle says, allowing network administrators to ensure that the users who get into certain areas of the network actually have permission to be there. Users log on through a sensor connected to their computer. The sensor could take a variety of biometric readings. Virtually all laptop makers offer a model with a built-in fingerprint scanner. Some provide facial recognition systems that use a laptop's webcam to match a stored image of the user's face. Computer mice with built-in thumbprint readers are increasingly commonplace. These kinds of systems are also used to secure the machines themselves, informing the laptop or desktop that the person signing on to use the device is actually the person allowed to do so.

"You have to remember a password," Enderle says, "which teachers are afraid they won't do, so they write them down. You can't blame them for that, especially when they work with systems that require passwords to be changed every few months. They're getting smarter about hiding them; I don't see as many passwords on Post-it notes stuck to computer monitors as I used to. But if you don't see it there, nine times out of 10 it's taped under the keyboard."

According to Reid, Seminole County is starting to implement more security-oriented applications with its biometric system. The technology is already being used in some of its schools to secure media centers, and the district's transportation department is considering employing the system to make sure that the right children get on the right buses. School librarians are also looking at it as a way to improve the process of checking out and tracking loaned books, and schools are considering potential applications of the technology in front-office enrollment and for tracking classroom attendance.

"The potential of this technology in our district is enormous," Reid says.

Is It Fingerprinting?

Not everyone, however, has greeted the advent of biometrics in schools with the same enthusiasm. Concerns about personal privacy and potential misuses of the information gathered by these systems have sparked an antibiometrics movement both here and in the UK. The UK's LeaveThemKidsAlone.com and its sister organization in the US, BanTheScan.com, argue that biometric devices are allowing schools to fingerprint children without parental consent, that no independent research has shown any benefits of the technology to the students, and that vendor claims that the systems store computer code that can't be reverse engineered to the original fingerprint are false.

One of the most often quoted authorities on the websites of these organizations is Kim Cameron, chief architect of identity in Microsoft's Identity and Security division. "We have to look at this in a broader context than simply getting the lunch line moving more quickly," Cameron says. "We have to look at the technology in the context of the question, What does identity mean to these kids, to their education, and the way they relate to the digital world?"

Cameron questions vendor claims that the information gathered by fingerprint scanners doesn't constitute a true fingerprint. Some districts reassure parents by claiming that, essentially, the systems keep only a few key markers, not the whole print. That strategy, they say, creates a unique identifier used specifically in that system, not a fingerprint. Lyman High School Principal Frank Casillo, in a letter posted on the school's website, tells parents, "Student information is safe and protected, since actual fingerprints or images of their fingerprints are not kept on file."

But Cameron argues that the case on reverse engineering of these "templates" is not yet open-and-shut, citing studies on his blog that suggest it is feasible to trace the code back to the original print. He argues that a more secure technique is biometric encryption, a process that combines a password and a finger scan. (The Academy uses this approach.) Incorporating multiple factors in the making of the template makes it virtually impossible to reverse engineer an identity, Cameron says. "A template created from a combination of a fingerprint and a password can't be used to get back to your fingerprint."

He adds, "Of course, it'll slow down the lunch line."

Biometrics vendors seem acutely aware of concerns about fingerprint ID systems. Rarely does the word fingerprint even appear in the newest published promotional materials of biometric solutions providers. Instead of "fingerprint scanners," their systems are "fingertip readers" or "finger readers" or "finger ID systems." The maker of the HandKey shares this sensitivity, emphasizing that its product does not record a fingerprint or a handprint.

"I guess fingerprinting has an unavoidable criminal connotation that people just have a hard time getting away from," says Bill Rust, research director for IT industry analyst firm Gartner. "The idea that you're fingerprinting your kid just smacks of institutional mistrust and, well, Big Brother. It's not like the eyeball scanning stuff, which does the same thing but makes you feel like a secret agent."

Rust expects the usefulness of biometrics in schools, including recognition of its value in the instructional process, will outweigh any perceived ills in the long run. He says biometrics could, for example, help to secure the identities of students in distance learning programs. "For most schools right now, this is probably a back-burner issue, because everyone is struggling to maintain programs. But this is technology that really could have some possibilities going forward."

In the short run, Cameron advises districts that deploy biometric technologies to give parents the opportunity to opt their children out of the system. "Without that," he says, "you set up a confrontation about the technology of identity that is harmful, frankly, to the future of society. We have to end up with a technology infrastructure that we can all trust."

This article originally appeared in the October 1, 2009 issue of THE Journal.