Over ten years ago, I used to work for a company that provided system [and device] to track when employees arrived and left the building.
Most of these employees work in the fields handling heavy equipment. Most of them had no fingerprint since they'd been worn out. We ended up using palm recognition.
The idea that "all people have a unique fingerprint" is a widely believed falsehood.
Anyone who thinks of the condition as a disease or deformity or handicap, is likely to agree that it should be "cured" if possible. After all, it's a public health harm to everyone else allowing them to breed and inflict their deformity on innocent babies that would have otherwise been normal.
And then one day an actual disease based on a germ of some sort comes along that just loves to live in the valleys of human fingerprints, and the entire human race dies because we erased the few people we had that would have been immune.
I don't understand the excuse for failing to recognize that the value of diversity outweighs it's inconvenience. I don't know how long that has been grade-school knowledge. If not multiple hundreds of years, sure at least it's been a known thing since before the brith of any currently living person?
We are turning ourselves into human Cavendish banannas.
Similar story here. The company I worked for provided devices which would create and read a topological map of the back someone's right hand.
There were a couple of instances where users would be missing fingers or had deformities that would throw the machine off. In these cases we would have them put their left hand upside down in the device and map that instead.
In cases where there was issues with the original and alt methods we could remove the check altogether (employ would place their hand and it would go through so nothing was suspicious). This only happened once in the hundreds of thousands of people I'd deployed to.
As an aside, this method of tracking users in and out of work was markedly more digestible than reading someone's fingerprints and increased user adoption.
Working in 1st 2nd and 3rd world we heard all kinds of stories from employees not wanting to provide fingerprints from not wanting to be framed for murder to stealing a part of your soul by extracting sacred finger marks (similar story to photos in some cultures).
It's disappointing how rigid society can be: it's my way or the highway.
When someone doesn't have a particular, not inherently required characteristic to access something, there should be a series of fallbacks, but all too often this just excludes people.
This can be seen in all areas of life, in different severities:
- the entire topic of accessibility is about letting people make use of the abilities they have despite the ones they don't have. Not having functional legs doesn't have to prevent people from filing a document in the office.
- technology which once was optional but never essential becomes required with time. Booking a doctor's visit over the phone only, buying goods over the internet only, filing taxes only with a computer, accessing a bank account only with an Android program. All that with no fallback to the post office or a personal visit.
- the requirement to pass payments through an intermediary is getting more common. Gone are the days of paying bills or getting salary directly at the office, and the sphere of buying at the point of sale is losing the cash fallback, if stories from Asia are to be believed.
None of the technological changes are bad as options, but when they become the only choices, they work to disenfranchise people, especially ones related to banking and travel freedom. Debit/credit cards are not accessible to a huge chunk of the world's population, and even in Europe, getting a bank account as an immigrant can be hard.
Another thing that strikes me in the article is calling the condition "disease", without providing any evidence that it has any negative health impact. On the other hand, it matches the definition of disability as something the society imposes [0]. That would make this a paradoxical case of someone not impaired but disabled.
Yet at the same time, that series of fallbacks has a tendency to become an attack vector on the process and a weakness in the system.
To take a tech example, TLS downgrade attacks: you want to keep things working for older clients, but it’s possible for some party in the middle to intercept the traffic and feign non-support of the newer version (or stronger cipher suites), in order to push both parties to the older version or cipher suite, and if that older version or cipher suite has anything broken about it, now you have an easier target.
Applied here, if you allow a no-fingerprints route that’s less secure, be aware that attackers will devise ways of getting onto that path for their own malicious purposes. Perhaps they’ll forge a doctor’s certificate, perhaps use some kind of acid that temporarily removes their fingerprints, that kind of thing.
It’s an unfortunate balance. With TLS, you decide eventually at some point that the problems of still supporting the old, less-secure version are too serious, and so tough luck for people stuck on the old version. With this, I certainly hope it would err much more on the side of not locking people out of the System. (Fortunately, although this particular condition is very rare, there are a much larger number of people that have damaged fingerprints or fingerprints that don’t work in whatever readers get used.)
I once watched someone crash every fingerprint reader in an extremely high traffic border crossing. The police kept asking him to try the next one, much to the dismay of everyone queueing. The machines would BSOD and they'd shut that kiosk. At the time, I joked that his fingerprints were malware or specifically designed to cause a buffer overflow somehow.
Sounds to me these men are victims of abusive software bugs. They have a finger print... it may not be unique or normal. But pressing their inked finger onto paper will leave a print. I assume the software is looking for common pieces of a fingerprint to work. Said software isn’t considering the edge case of a smooth or mostly smooth finger pad.
The fact that the government workers are letting buggy software determine eligibility for drivers licenses and passports is the real issue here. It’s really sad.
Just reading this makes me so frustrated. I can’t imagine how frustrating it would be to be them. I hope this article helps these men get the exposure they need to end this.
It's not a software bug. People did this sort of thing before fingerprints. It used to be fairly common for immigrants and refugees to not know their birthday. The beurocracy was often unable to cope with that idea, as they wanted to use name and date of birth as the unique identifier. A lot of people just made something up to make immigration happy, which then resulted in problems down the line as they didn't recall what they made up.
A fingerprint is there to either identify you or confirm that it is you. Now, if we would allow the software to accept a smooth fingerprint as assign it to a person then this would allow anybody to impersonate that person without additional identification means. This is not a software bug, but a security feature.
Of course the software should be able to detect that there is no fingerprint and require the operator of that software to check for the identity by other means.
Sometimes we don't always have human operators and more things are automated.
Yet another proof you need another factor of authentication. From my experience with multiple mass enrolments of fingerprint authentication of software (more than a million people combined) about 20% don't have usable fingerprints.
Let me repeat that - never rely a 100% of any piece of biometric or any other type of authentication. Have a fail-safe mode for each.
And what about people with missing fingers or hands? Or those who work manual labor and their fingerprints simply get scarred too much to match their records?
Small correction: biometric properties are a form of identification, not authentication. Identification of the body part in question, not the person that is (as elegantly demonstrated by Wesley Snipes in Demolition Man).
As always with these techniques: step one is to introduce a system that covers 99.99% of people. Step two is to let the remainder fight their way through court while getting financially ruined until a judge orders you to facilitate them too. Governments can mitigate step two by just hoping these exceptions will give up.
Quite a significant proportion of people have fingerprints which cannot be read[1]. Phone fingerprint readers never work. This causes no end of trouble with airport immigration in various places. I spent a couple of hours in a back room at Boston airport while various people attempted to read my fingerprints (I have them, but they never work in those airport machines).
Why do they not work though? I mean, the reader should just be reading a series of lines. Are they too close together in your case or something, or too twirly? I appreciate that this may be a personal question but I hope you can overlook this given that we are on a semi-technical forum. It seems an interesting problem (though I am not a fingerprint engineer)
Surely people are born without hands — can they not get passports? A driver's licence I would perhaps understand, but certainly they should be able to be issued a passport?
Prior to the pandemic my phone could be reliably unlocked with my fingerprint, and I could access my bank accounts and confirm transactions with them.
Since the pandemic started, the extra regular and thorough hand-washing caused my phone to stop recognising my fingerprint most of the time.
Now to unlock I usually have to use another method instead, and some financial apps won't let me in or let me confirm transactions at all because they require the previously registered fingerprint, so I have to use the web version of those services.
Had to deal with fingerprinting for a couple work gigs. One thing that really messed up the process was me putting in bathroom tile. Between me using my fingers to smooth the grout and other manhandling/construction - I apparently wore off the prints enough to cause issues with the reader.
Same thing happens to me when manually sanding and doing any concrete work without gloves. The sandpaper and concrete acid remove enough of my fingerprint so as to not be recognizable anymore.
[+] [-] WhyNotHugo|5 years ago|reply
Most of these employees work in the fields handling heavy equipment. Most of them had no fingerprint since they'd been worn out. We ended up using palm recognition.
The idea that "all people have a unique fingerprint" is a widely believed falsehood.
[+] [-] Brian_K_White|5 years ago|reply
Anyone who thinks of the condition as a disease or deformity or handicap, is likely to agree that it should be "cured" if possible. After all, it's a public health harm to everyone else allowing them to breed and inflict their deformity on innocent babies that would have otherwise been normal.
And then one day an actual disease based on a germ of some sort comes along that just loves to live in the valleys of human fingerprints, and the entire human race dies because we erased the few people we had that would have been immune.
I don't understand the excuse for failing to recognize that the value of diversity outweighs it's inconvenience. I don't know how long that has been grade-school knowledge. If not multiple hundreds of years, sure at least it's been a known thing since before the brith of any currently living person?
We are turning ourselves into human Cavendish banannas.
[+] [-] cryptixvi|5 years ago|reply
There were a couple of instances where users would be missing fingers or had deformities that would throw the machine off. In these cases we would have them put their left hand upside down in the device and map that instead.
In cases where there was issues with the original and alt methods we could remove the check altogether (employ would place their hand and it would go through so nothing was suspicious). This only happened once in the hundreds of thousands of people I'd deployed to.
As an aside, this method of tracking users in and out of work was markedly more digestible than reading someone's fingerprints and increased user adoption.
Working in 1st 2nd and 3rd world we heard all kinds of stories from employees not wanting to provide fingerprints from not wanting to be framed for murder to stealing a part of your soul by extracting sacred finger marks (similar story to photos in some cultures).
https://us.allegion.com/en/home/products/categories/biometri...
[+] [-] gbraad|5 years ago|reply
Even the tools or superglue I use prevents my fingerprints to recognized most of the time. And that is just for hobby.
[+] [-] enw|5 years ago|reply
[+] [-] rhn_mk1|5 years ago|reply
When someone doesn't have a particular, not inherently required characteristic to access something, there should be a series of fallbacks, but all too often this just excludes people.
This can be seen in all areas of life, in different severities:
- the entire topic of accessibility is about letting people make use of the abilities they have despite the ones they don't have. Not having functional legs doesn't have to prevent people from filing a document in the office.
- technology which once was optional but never essential becomes required with time. Booking a doctor's visit over the phone only, buying goods over the internet only, filing taxes only with a computer, accessing a bank account only with an Android program. All that with no fallback to the post office or a personal visit.
- the requirement to pass payments through an intermediary is getting more common. Gone are the days of paying bills or getting salary directly at the office, and the sphere of buying at the point of sale is losing the cash fallback, if stories from Asia are to be believed.
None of the technological changes are bad as options, but when they become the only choices, they work to disenfranchise people, especially ones related to banking and travel freedom. Debit/credit cards are not accessible to a huge chunk of the world's population, and even in Europe, getting a bank account as an immigrant can be hard.
Another thing that strikes me in the article is calling the condition "disease", without providing any evidence that it has any negative health impact. On the other hand, it matches the definition of disability as something the society imposes [0]. That would make this a paradoxical case of someone not impaired but disabled.
[0] https://aeon.co/essays/what-does-it-mean-to-consider-yoursel...
[+] [-] chrismorgan|5 years ago|reply
To take a tech example, TLS downgrade attacks: you want to keep things working for older clients, but it’s possible for some party in the middle to intercept the traffic and feign non-support of the newer version (or stronger cipher suites), in order to push both parties to the older version or cipher suite, and if that older version or cipher suite has anything broken about it, now you have an easier target.
Applied here, if you allow a no-fingerprints route that’s less secure, be aware that attackers will devise ways of getting onto that path for their own malicious purposes. Perhaps they’ll forge a doctor’s certificate, perhaps use some kind of acid that temporarily removes their fingerprints, that kind of thing.
It’s an unfortunate balance. With TLS, you decide eventually at some point that the problems of still supporting the old, less-secure version are too serious, and so tough luck for people stuck on the old version. With this, I certainly hope it would err much more on the side of not locking people out of the System. (Fortunately, although this particular condition is very rare, there are a much larger number of people that have damaged fingerprints or fingerprints that don’t work in whatever readers get used.)
[+] [-] amp180|5 years ago|reply
[+] [-] computerfriend|5 years ago|reply
[+] [-] lixtra|5 years ago|reply
[+] [-] xahrepap|5 years ago|reply
The fact that the government workers are letting buggy software determine eligibility for drivers licenses and passports is the real issue here. It’s really sad.
Just reading this makes me so frustrated. I can’t imagine how frustrating it would be to be them. I hope this article helps these men get the exposure they need to end this.
[+] [-] nitwit005|5 years ago|reply
[+] [-] bartvk|5 years ago|reply
It also seems to go against disability/accessibility laws. There must be more people that don't have fingerprints, like people with missing limbs.
[+] [-] jankotek|5 years ago|reply
[+] [-] artjomb|5 years ago|reply
Of course the software should be able to detect that there is no fingerprint and require the operator of that software to check for the identity by other means.
Sometimes we don't always have human operators and more things are automated.
[+] [-] treeman79|5 years ago|reply
Knew a girl that had fingers but no arms.
[+] [-] dimitar|5 years ago|reply
Let me repeat that - never rely a 100% of any piece of biometric or any other type of authentication. Have a fail-safe mode for each.
And what about people with missing fingers or hands? Or those who work manual labor and their fingerprints simply get scarred too much to match their records?
[+] [-] Freak_NL|5 years ago|reply
As always with these techniques: step one is to introduce a system that covers 99.99% of people. Step two is to let the remainder fight their way through court while getting financially ruined until a judge orders you to facilitate them too. Governments can mitigate step two by just hoping these exceptions will give up.
[+] [-] rwmj|5 years ago|reply
[1] About 2-3% if you trust this random comment: https://www.reddit.com/r/NoStupidQuestions/comments/62c3oj/m...
[+] [-] clort|5 years ago|reply
[+] [-] Blikkentrekker|5 years ago|reply
Surely people are born without hands — can they not get passports? A driver's licence I would perhaps understand, but certainly they should be able to be issued a passport?
[+] [-] jlokier|5 years ago|reply
Since the pandemic started, the extra regular and thorough hand-washing caused my phone to stop recognising my fingerprint most of the time.
Now to unlock I usually have to use another method instead, and some financial apps won't let me in or let me confirm transactions at all because they require the previously registered fingerprint, so I have to use the web version of those services.
[+] [-] shalmanese|5 years ago|reply
[+] [-] irrational|5 years ago|reply
[+] [-] heelix|5 years ago|reply
[+] [-] irrational|5 years ago|reply
[+] [-] octoberfranklin|5 years ago|reply
[+] [-] bpodgursky|5 years ago|reply
[+] [-] m463|5 years ago|reply
[+] [-] mattkevan|5 years ago|reply
Not a problem most of the time, but he has real difficulty getting through American airport security.
[+] [-] lqet|5 years ago|reply
[+] [-] rgarrett88|5 years ago|reply
[+] [-] h1fra|5 years ago|reply
[+] [-] unknown|5 years ago|reply
[deleted]
[+] [-] stevespang|5 years ago|reply
[+] [-] tamaharbor|5 years ago|reply
[deleted]