(3/3) Deep dive into beneficiary de-duplication in the Nigerian context: Use of biometrics
This article is the fourth in a series of articles I’m writing about our findings and learnings in the context of the piloting of a blockchain-based technology to address the beneficiary deduplication problem in Nigeria.
The purpose of the pilot is to test whether a blockchain-based technology can be used to detect duplicate beneficiaries in Nigeria. The technology was previously piloted and proven effective and efficient in detecting duplicate beneficiaries in Syria; so, the aim is to build on the success of Syrian pilot and deploy the same technology in Nigeria, while taking into consideration the differences between the Syrian and Nigerian contexts. The first sprint of the pilot was all about raising awareness of the problem, announcing the pilot, gathering momentum, and encouraging humanitarian actors to participate in the pilot.
In this sprint, we wanted to engage with humanitarian agencies and experiment with some of the most important assumptions that would encourage and motivate them to participate in the pilot, namely: their data collection and management workflows, the use of biometrics, as well as compliance with data protection laws and regulations. In this article, we’ll cover the results of the biometrics experiment.
In the Nigerian context, and unlike the Syrian context, the use of biometrics for identification and verification is permitted, so, in the biometrics experiment, we wanted to test whether the proposed technology can integrate with biometrics, like fingerprint recognition technology.
Key takeaways
- All biometric scanners are essentially the same, in terms of how they capture and utilize biometric signatures for recognition and identification.
- Simprints is widely used by humanitarian agencies for biometric recognition and identification; it adopts same standards for biometric scanning used by all other biometric tools.
- GeniusChain integrates with biometric scanners, but the way it does varies depending on the tool used for biometric scanning. Further examination is needed on each tool used by humanitarians to demonstrate best practices of integrating GeniusChain with biometrics.
Biometrics experiment
Biometrics Scanning and Recognition (Biometrics in short) is the use of specific biological signatures of human beings for the purpose of identifying or confirming their identity. These biological signatures are relied on for identification because they’re unique for each human being, and thus, no two individuals can have the same biological signature. The signatures that are used for identification purposes include: fingerprint scanning, iris scanning and face recognition. Biometrics is a widely used means of identity verification in humanitarian space for its effectiveness in identifying beneficiaries during assessment of aid needs and distribution of aid. Biometrics can also be used for efficient and effective duplication detection. Many agencies use biometrics for these purposes in many parts of the world, particularly in regions where there’s a lack of proper civil registration and identity documents that can be reliably used for beneficiary identification. The purpose of this experiment is to examine whether the GeniusChain UID platform integrates with biometrics, and thus, enabling agencies that use biometrics to make use of the UID platform for cross-organizational duplication detection and collaboration.
Brief overview of how biometrics work
This section provides a brief overview of how biometrics work from a technical perspective. Please note that this is an oversimplification of the process and its actual steps, but this should be enough to understand integration of GeniusChain with biometrics.
Regardless of what biological signature is being used for recognition, the following stages are performed in order to identify an individual or confirm their identity through their biometric signature. The stages are capturing, digital template, and matching. In the capturing stage, a biometric scanning device (such as a fingerprint scanner or an iris scanner) is used to capture a high-resolution picture of the fingerprint, iris or face of the person. In the digital template stage, a computer software analysis the picture and creates a template where a digital representation of the scanned image is created. Lastly, in the matching stage, another computer software uses the digital template and compares it against other digital templates stored in a database of biometric digital templates and then returns the ID of the template that matches the one we’re looking for.
In most scanning and recognitions services, the ID is just a random number/code that is associated with the digital template when it was first created and stored. The ID is only meaningful for the agency that originally scanned the fingerprint and created/stored its digital template. There are standards for formatting, structuring and storing biometric data, such as the ISO/IEC 19794 and ANSI 381 standards for fingerprints. The purpose of these standards is to enable the scanning and matching of biometric data in a unified approach.
It is important to mention that biometric data is considered “highly sensitive data”, and there are certain rules apply to how this data can be processed and handled to ensure its safety and security resilience against potential breaches. This stems from the fact that a person’s biometric data is immutable, which means that it does not change over time, so once their digital template is generated, it remains the same forever. Among the security and safety measures when dealing with biometric data include:
- The pictures of biological signatures taken during the capturing stage should never be stored; only the digital template should be stored of a biometric scan.
- The digital template IDs alone cannot be used to identify to whom the digital templates belong. Therefore, the biometric data, the digital template ID, and the information that can be used to identify the person owning the digital template ID should be stored in separate databases to minimize the damages of a potential security breach.
Among the widely used biometric scanning and recognition service providers include: Innovatrics, Neurotechnology, Thales and Miaxis.
The Simprints biometric scanner
In collaboration with the CWG (Cash Working Group) in Nigeria, we reached out to the cash assistance agencies and asked them what biometric scanning tools they use, and the tool reported to be used for biometrics was Simprints. Simprints is a complete platform for fingerprint biometric scanning and recognition for humanitarian agencies. It includes a mobile application for integration with data collection tools, and a fingerprint scanning device, Vero. Simprints integrates with many data collection tools used by humanitarians such as CommCare, ODK-based tools such as Kobo Toolbox, and SurveyCTO.
It works as follows: the First step is “enrolling” beneficiaries, which means scanning their fingerprints for the first time and generating an ID for each beneficiary and storing the digital template and its ID in the Simprints platform. Once a beneficiary is enrolled, the Simprints platform can then be used for identifying and confirming the identity of that beneficiary in the future. Whenever there’s a need for confirming the identity of a beneficiary, the beneficiary’s fingerprint is scanned, and their biometric is then used to find matches in Simprints database (which matches the scanned biometric against others stored in the system).
Integration of biometrics with GeniusChain
As mentioned above, all biometric scanners generate a digital template ID that is used for biometric recognition and matching purposes. So, in principle, that ID can be used as one of the data end points that feeds into generating a beneficiary UUID. If we were to take Simprints as an example, in theory, agencies can obtain the digital template ID after scanning the beneficiary’s fingerprint and storing it in the data collection tool. Then, the data collection tool can be configured to give the digital template ID to the GeniusChain app, to then generate the beneficiary’s UUID. Of course, further technical testing and experimenting is needed, where Simprints or other scanning and matching services are used in a real-world context, to further understand the configurations and limitations of that integration.