Replacing Guards and Gates With Biometrics and Big Data

06_17_SecurityTech_01
Passengers wait in line next to a biometrics identification system tested in Ben Gurion airport near Tel Aviv, Israel, on January 5, 2010. Biometrics identification systems could reduce intrusive security checks. The system wouldn't replace human checkers but would make their job faster and more efficient, according to chief airport security checker Zohar Geffen. Ariel Schalit/AP

On the morning of August 10, 1999, Buford Oneal Furrow Jr. walked into the North Valley Jewish Community Center in Granada Hills, a suburb of Los Angeles, and opened fire with a semi-automatic weapon. The 37-year-old white supremacist wounded a receptionist, a camp counselor and three boys before fatally gunning down a mailman he encountered nearby.

Nearly two decades later, and following numerous mass shootings across America, part of the legacy of that day can be found in the Bais Yaakov School for Girls 20 miles away. Located in affluent West Hollywood, opposite BuzzFeed's glass-fronted offices and a popular Mexican restaurant, Bais Yaakov provides an Orthodox Jewish education to approximately 300 students in grades nine to 12. But the three-floor gray building looks more like a modern fortress than a place of learning.

Bais Yaakov has multiple surveillance cameras visible around its perimeter. A 10-foot-tall green metal fence protects the rear. Inside, an automatic lockdown system disables all doors with the press of a button as an audio-visual alert system relays instant warnings to staff and students in the form of flashing lights and announcements. The most sophisticated technology controls entry to the school: an in-motion biometric recognition system—featured in the latest Mission: Impossible movie—that verifies identities. As staff and students walk up demarcated lanes in front of its external doors, a camera reads both their facial features and body language. If the man, woman or child standing at the entrance is authenticated from a database of about 400 registered people, green lights flick on, buzzers sound and the doors open.

"[Granada Hills] freaked a lot of people out," says Adam Cohen, the volunteer facility manager, whose four daughters have all attended the school (one is still a student there) and whose two nieces were working at the Jewish community center when it was attacked in 1999. "You've got all kinds of crazy people out there. They're going to go to the easier site first. So if you make yourself look vulnerable, you're going to attract attention." In 2009, Cohen helped enlist Bais Yaakov, which already used fingerprint entry software, as the test site for FST Biometrics, an Israeli company developing the new entry system. A $100,000 Department of Homeland Security "site hardening" grant—given to a few hundred U.S. nonprofit grantees every year for the past decade or so—helped pay for it and other measures. Bais Yaakov is now among the most secure schools in the nation, according to safety experts. But it's not alone in ramping up protection at considerable expense. The U.S. security industry, from gadgets and manpower to software and consultancy, has evolved and expanded in recent decades amid rising fears of particular threats, like mass shooters, and the promises of new technology spawned by the digital and internet revolution.

Fast-growing market

In 2013, the industry totaled $388 billion—with 82 percent of that spent by the private sector—according to a 2014 report. That's bigger than educational services ($308 billion) and arts, entertainment and recreation, including gaming ($280 billion). Electronic security products—ranging from alarms to metal detectors to card readers—are at the forefront of this growth. The Freedonia Group, a market research firm, estimates the market for these products will grow to $16.2 billion by 2019.

FST Biometrics, founded by Aharon Zeevi Farkash, a former head of Israeli military intelligence, has rolled out its entry system in a range of places, including New York City condo towers and health clubs, the Israel Diamond Exchange in Tel Aviv and a Dutch museum using it to provide personalized tours—visitors enroll and then pass through interactive checkpoints that tailor the experience to each person. The company claims its technology makes life easier, by eliminating the need for keys, fobs and access cards, and faster, by processing the information while people are in motion, and is less intrusive and more hygienic than fingerprint technology.

Yaron Zussman, FST Biometrics America's CEO, says it can meet the expected growth in security products and systems, twinned with people's desire for ease and comfort, by using "more passive and convenient" tools like in-motion recognition. The system suits an array of scenarios: from hospitals, where hands-free hygiene is crucial, to immigration control, where speed and efficiency could get airport lines moving again. One third party has even outfitted a Ferrari with the technology, and Zussman believes it will eventually become commonplace in cars to prevent theft or perhaps drunken driving. "It's not that far-fetched. I think in the future you'll be starting your car based on biometrics."

Innovation in security is increasingly centered on smartphones and wearable devices. HID Global currently manufactures access control cards (and the current U.S. green card) that let people open doors to places like offices and hotel rooms. In a new strategic collaboration with chipmaker NXP Semiconductors, HID will expand this technology so it works with more smartphones, as well as wearables like Apple Watches and Android Wear. Meanwhile, the company also recently announced a new cloud-based platform to share data from government-issued IDs like driver's licenses, passports and Social Security cards securely on smartphones and other tablets.

As many as 4 billion people will have smart devices by 2020, connecting to 25 billion "intelligent things" and consuming 50 trillion gigabytes of data, HID estimates. "The migration of your ID onto your phone is the last frontier—it's pretty much the last thing that you can't leave the house without," said Rob Haslam, managing director of its government identity business.

06_17_SecurityTech_02
A man is scanned by an "easyPass" machine, a biometric full-ID-management border control system, at the CeBIT trade fair in Hanover, Germany, on March 8, 2014. The security industry traditionally revolved around the three G’s: guns, guards and gates. Now, biometric technologies are reshaping the landscape. Wolfgang Rattay/Reuters

Security, storage

Because of concerns about privacy, HID's platform will allow people to limit the amount of information shared, depending on the scenario. For example, a police officer doing a traffic stop would be able to see more data than a liquor store worker verifying your age—but in either case, all you'd need to do is send it from your smartphone. The company is looking to pilot the technology with a state motor vehicle department or similar U.S. agency, but has yet to finalize an arrangement. In the meantime, it's pushing ahead with several overseas projects, including putting Nigeria's entire vehicle ownership system—comprising at least 50 million cars—onto a smartphone-accessible database.

"We think we're on the verge of a new era," says Haslam.

A key challenge across the industry is how to store and utilize the vast amounts of information generated by security systems. Closed-circuit TV or alert networks gather troves of information, much of which is ultimately benign. But when something does happen, law enforcement and others need to be able to find a morsel of evidence within that data mountain. These are the issues at the core of current debates in police departments over rolling out body cameras: how much footage should be stored and for how long; whether it should be kept on cloud-based servers (as the New York Police Department has opted for) or on physical devices; which officers should have access to it, when and how; and so on.

Numerous companies have sprung up trying to meet these kinds of challenges. Last year, Qognify, which helps protect environments where any security lapses could be ruinously expensive and damaging—like airports and Olympic Games—released software called "suspect search" that indexes video to make it easily searchable. The system uses video analytics to assign every individual on screen a unique digital signature, which is stored in a database that can be searched. Using a tool like this, investigators can save hours or days of scouring footage for suspects. "[It] can be used in hindsight, a day later when someone is reporting something or very close to real time," says Illy Gruber, vice president of marketing at Qognify. It's already been rolled out in numerous airports, medical centers and city surveillance networks globally, though all such clients have asked for anonymity, Gruber says.

The security industry traditionally revolved around the three G's: guns, guards and gates. Technology is reshaping that landscape, building on these foundations and undoubtedly creating new issues along the way. Lee Tien, senior staff attorney at the Electronic Frontier Foundation, a nonprofit focused on civil liberties in the digital world, says he is concerned about the "collect-it-all, Big Data mentality" of the industry. "Frequently, users may not have consented to or even know their data is being collected, much less know what's actually being done with their data once it's collected," he adds. "Big Data often means data being used for something different than its original intended purpose."

Security companies appear aware of these worries. Gruber notes that Qognify's video search tool creates a database of avatars generated from footage, rather than storing actual images of people. Similarly, FST Biometrics doesn't save its users' images, instead translating them into an algorithm. FST Biometrics's Zussman also stresses their technology allows—rather than denies—access, and nothing more. "We're not a blacklist," he says. "We're never going to be all over the streets for facial recognition…. That's not our market."

The shift to digital security that uses tools like biometric verification and mobile credentialing also heightens fears around protecting the data sets integral to their use. Tien warns putting terabytes of sensitive data together in one place for any purpose creates a huge target for malicious attackers looking to score the next breach. Security industry professionals insist they are constantly updating their own protection protocols, and that their systems pass the highest data assurance tests, in which external parties evaluate their ability to withstand attempted hacks.

In enrolling in such systems, users do put a somewhat blind faith in the operator's ability to secure it. But this isn't all that new; the same thing happens—and has happened for years—when people give their information to retailers and government agencies and plug it into their cellphones. And numerous examples, from the 2013 hack of retailer Target—which exposed 40 million customers' financial data—to warnings by the California Department of Motor Vehicles in 2014 of a possible breach of its credit card processing services, show even the biggest, best-known entities can struggle with the task.

Replacing Guards and Gates With Biometrics and Big Data