7. PAPER DOCUMENTATION
primary documents
birth certificate
gender recognition certificate
common proxies
passport
national insurance number
NHS medical card
deed poll or statutory declaration
driving license
none of these can be proven to tie a physical
person to the identity asserted
8. DISPUTES
courts base judgements on the credibility of
evidence presented to them
the most compelling evidence is that
provided by eye witness testimony if the
witness is proven credible
two or three credible witnesses agreeing
will likely determine the court verdict
physical evidence can also be compelling
but the provenance of physical evidence
always needs to be attested by witnesses
as does the integrity of its acquisition and
subsequent chain of custody
9. BIOMETRICS
measurable and relatively unique
faces
fingerprints
iris patterns
retina patterns
genetic fingerprints
electrocardiogram
electroencephalogram
anchors a subject to a recording device
provides a forensic quality of evidence
10. Barely a day passes wit
high-profile data brea
ambitious regulations
such as the European U
the Payment Card
14. BIOMETRICS
measurable and relatively unique
faces
fingerprints
iris patterns
retina patterns
genetic fingerprints
electrocardiogram
electroencephalogram
anchors a subject to a recording device
data can be duplicated or counterfeited
17. IMMUTABILITY
singly-linked lists are popular
in computer science
they allow several lists to
share common head segments
a hash chain extends this
concept with proofs of
integrity for each node and a
signature to validate them
alter one item in the chain
and all subsequent proofs
must be recalculated
a provable chain of custody
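Added example, not from the original slides: a minimal hash chain over constructed custody events, showing that editing one item breaks its proof, and that recalculating every subsequent proof still fails the signature check. Assumptions: HMAC-SHA256 with a shared demo key stands in for the signature, and all names (node_proof, first_broken, EVENTS) are hypothetical.

```python
import hashlib
import hmac

KEY = b"constructed-demo-key"   # assumption: stand-in for the signer's key
GENESIS = b"\x00" * 32          # assumption: fixed proof that precedes the first node

def node_proof(prev_proof, item):
    """Proof for one node: SHA-256 over the previous proof and this item's digest."""
    return hashlib.sha256(prev_proof + hashlib.sha256(item).digest()).digest()

def sign(last_proof):
    """HMAC over the final proof, which commits to every earlier node."""
    return hmac.new(KEY, last_proof, hashlib.sha256).digest()

def build_chain(items):
    """Return ([(item, proof), ...], signature)."""
    nodes, prev = [], GENESIS
    for item in items:
        prev = node_proof(prev, item)
        nodes.append((item, prev))
    return nodes, sign(prev)

def recalculate_from(nodes, start):
    """Recompute the proofs of node `start` and of every node after it."""
    prev = nodes[start - 1][1] if start else GENESIS
    out = list(nodes[:start])
    for item, _ in nodes[start:]:
        prev = node_proof(prev, item)
        out.append((item, prev))
    return out

def first_broken(nodes, signature):
    """None if valid, index of the first bad proof, or len(nodes) if only the signature fails."""
    prev = GENESIS
    for i, (item, proof) in enumerate(nodes):
        if not hmac.compare_digest(node_proof(prev, item), proof):
            return i
        prev = proof
    return None if hmac.compare_digest(sign(prev), signature) else len(nodes)

# Constructed sample: custody events for one exhibit.
EVENTS = [b"seized by officer A", b"logged at evidence store",
          b"released to lab", b"returned to store"]

if __name__ == "__main__":
    chain, sig = build_chain(EVENTS)
    edited = chain[:1] + [(b"logged at another store", chain[1][1])] + chain[2:]
    print(first_broken(chain, sig), first_broken(edited, sig))   # None 1
    print(first_broken(recalculate_from(edited, 1), sig))        # 4
```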
18. BIOMETRIC LIVENESS
the pupillary response to
successive bright flashes of
light has calculable properties
eye movement guided by a
shared cryptographic secret
will be unique to a particular
user or device
the server sets the parameters
randomly and the device must
produce expected responses
passive monitoring can be
used instead of active stimuli
[Figure: FIG. 5D, pupillary area against time, showing constriction after the first and second pulses are applied (t1, t2)]
[Figure: diagram with blocks labelled Enrolment, Liveness, Eye tracking and Access control; message labels: ET params, PD results + sig+URI, ET results + sig+URI]
20. WEB CONNECT+
most transactions are
performed over untrusted
networks
making them susceptible to
Man-in-the-Middle attacks
by having a remote server use
our device as a validator we
can perform a transaction and
give them access to a secure
back channel
now we can monitor &
control the connection to our
untrusted intermediary