On Tuesday 02 February 2010 18:21:16 Debayan Banerjee wrote: > On 2 February 2010 16:40, jtd <[email protected]> wrote: > > On Tuesday 02 February 2010 15:44:47 Debayan Banerjee wrote: > >> http://uidai.gov.in/tenders/RFP_ASDMSA_Volume_II.pdf > > > > Fine document. With all the enrolment holes of existing id > > schemes. On the authentication side I wonder if they have tried > > fingerprinting after 8 hrs in rain / field / shrimp farm. > > Well they can wipe their hands before giving a fingerprint, right?
No you cant. Once the fingers are soaked in water for a few hours, They take a few hours to regain the original elasticity. So the poor sods for whom this billion rupee farce is being enacted are the ones who are the ones who will NOT be authenticated most of the time and not recieve whatever the government was doling out. Children, the one area where all subsidies are justified, cannot be biometrically authenticated (as correctly pointed out in this doc). So it is wide open to fraud - not that others in the populace are any better though. It is utterly trivial to spoof fingerprints. In another report that this body has brought out (it is so unbelivably shoddy, a TY college project would be much better), to cover the actual finger print collection process, UIDA hopes to get good finger prints with proper training. And since one finger print will result in a high FAR, they will collect all ten finger prints. Never mind that it provides 10 times the opportunity (by mixing gummy fingers) for fraud. In this report they propose to deliver the doc by post without the need for the persons prescence. Obviously someone realised that it would be impossible otherwise, but completely forgot that this is one of the most important steps in the verification process. How do they propose to auth with address, 40% of our population who dont have a temp roof over their heads. > > "Given the heterogeneity of fraud detection, one cannot expect a > > single algorithm to address the situation. A layered Fraud > > Detection engine must be implemented as a part of the UID project > > which can detect/prevent various types of fraud. A systems-based > > approach combined with manual inspection, investigation and > > learning is essential for a complete fraud detection system. > > The fraud detection system should be designed to detect who > > committed the fraud at an individual or organizational level. > > Depending on the method used, it may also be able to detect the > > channel through which the fraud was committed. " > > > > Nice gymnastic leap of faith from the ground to algorithms. > > They might as well have not written this part at all. Would you > have respected them more then? > > > 57 pages that do not address the most basic issues associated > > with biometric ids let alone id ing 1 .2 billion. > > Well I did not read the entire 57 pages. I think its a document > specifically for developers. Once the development starts, people > will probably start looking at the document very frequently. stop conning yourselves. This is the worst possible waste of tax payers money. The UIDA has neatly side stepped the first fundamental questions of why and how of the id process. And are bringing out documents about pinning the id uniquely to an individual using tech with KNOWN gaping and unfixable holes, algos and fraud prevention and advantage of this and that tech. -- Rgds JTD _______________________________________________ network mailing list [email protected] http://lists.fosscom.in/listinfo.cgi/network-fosscom.in
