"We can't secure the road from the airport to Baghdad in Iraq,"
said US Senator and Vietnam War POW John McCain, R-Ariz.
"How the hell are we going to control
Good question Senator McCain. And one that the DHS ought to consider as they struggle to
get their organization, as well as US port and border security under control.
We'll take a look at the status of the DHS, their accomplishments and mishaps,
in this edition of the eUpdate as well as the implications
of some recent developments in the US market. Then we'll finish up with a look at
forecasts for world market demand for key public sector and commercial applications of biometrics.
But first, a note from the last edition of the eUpdate -
I do actually know the difference between antidotal and anecdotal;
Unfortunately my spell-checker does not. Thanks to John Payne for the catch.
I certainly wouldn't want anyone to think I advocated the poisoning our hardworking
Please do keep the feedback coming.
And, if you know a colleague that you think ought to be
reading the eUpdate, please
forward this copy and encourage them to subscribe.
C. Maxine Most
C. Maxine Most
Acuity Market Intelligence
Acuity Market Intelligence | 640 W Linden St | Louisville, C0 80027| USA
+1 303 449 1897     www.acuity-mi.com.com
Struggles at the DHS
The US Department of Homeland Security is an organization still in search of itself.
Turnover at the top (at least 12 senior officials have or will soon depart) can be
construed as an indication of just how tough it is to get this unwieldy organization
to work … or perhaps private sector opportunities for post DHS insiders are just too
good to pass up . Either way, the agency is plagued by a host of issues: continued
unfilled positions; on-going privacy and civil liberties concerns, particularly with
US-VISIT; questionable detentions and deportations of legal and illegal immigrants;
limited progress on port and air cargo security; reductions in funding for existing
programs such as TWIC; and the recent audit by DHS's inspector general concluding that
anti-terrorism port grants are being poorly managed.
The port audit has received little media attention but indicates a genuine
bureaucratic failure of DHS. In addition to allocating money when grant applications
"lacked merit", it appears that the agency had been "distributing money as widely as
possible across the country, instead of focusing it on the biggest ports... or most
likely … future targets." Boondoggle or incompetence, it is not a good sign.
To it's credit, the DHS has made progress. The registered traveler pilot has met with
genuine success. Regardless of the adequacy of the current implementation of US-VISIT,
the program has continue to meet roll-out deadlines at air and sea ports and border
crossing. And governments the world over have been motivated to improve border
controls and meet strong US passport and visa requirements with little political
In spite of these accomplishments, critics claim little has actually been done to improve the security of the US's most vulnerable targets - both physical and logical. They focus on the following: the inherent inability of any organization this large to efficiently manage resources, i.e. the port audit findings; privacy issues associated with DHS policies; lack of post 9/11 measures to secure nuclear facilities, chemical and power plants, the transport of hazardous wastes or the critical IT infrastructure - public and private; and the failed history of US government to successfully deploy large scale IT based projects i.e. IRS, NASA, as a big red flag for full implementation of US-VISIT (currently contracted to Accenture) not the ad hoc system that is currently being rolled out.
Michael Chertoff, the new head of DHS, confirmed by the Senate last Monday, clearly has his hands full. Chertoff has promised that one of his first priorities will be to take a hard look at the US government's largest agency and propose restructuring as required to make it a more efficient organization. However, general criticism of the DHS, along with Senator McCain's quote above, there is significant doubt if Chertoff or anyone is really up to the enormity of the task. Whether is it a question of political expediency, necessary budget constraints (the US is currently running close to a $500 billion deficit), or simply bureaucratic stumbling blocks, the gap between the ideals of the DHS and the reality of what can and will be implemented is significant.
What does all this mean for the ID solutions market? There is an inherent risk in being at the effect of the twists, turns and changing priorities of any established government agency. In this case, while the newest agency of the US government is still in process of defining itself and has been tasked with enormous responsibilities for projects, programs and technologies that have never been successfully deployed, this risk is magnified. There are genuine DHS opportunities and significant money has and will continue to be allocated, but to hang all hopes on these opportunities to the exclusion of all else, particularly for small core technology vendors, could likely be a fatal strategic move. There are no guaranties that the political will and financial resources required to translate vision into reality will continue to be made readily available.
Two words that ought to be on the lips of anyone interested in commercial applications of biometrics; two words that ought to inspire grandiose visions of a real commercial future for biometric technology.
In a recent edition of the Digital ID World Newsletter (electronic), editor and identity management guru Phil Becker reported that at the RSA security conference held in February in San Francisco, automating compliance emerged as the universal application (much like the spreadsheet was for the PC) that will likely make managing identity an imperative in the enterprise.
Phil states "Identity finally has its universal application - something every
business will have to implement. And this will dramatically change
identity technology and rapidly grow the identity marketplace over
the next 24 months."
If automating compliance truly provides the key to cracking the identity marketplace, the biometrics industry should be celebrating. As the quagmire of compliance becomes apparent, auditable accountability becomes critical. This in turn requires non-repudiated identification technology. Biometrics are the only class of technologies capable of providing "true compliance" within the context of establishing this type of non-repudiated identity. Passwords and tokens cannot provide adequate assurance of who did what, when and where; the bottom line for compliance, particularly Sarbanes-Oxley. So, it would seem as goes compliance, so goes identity, and ultimately biometrics.
For more on this check out the archive of Phil's
Digital ID World Newsletter as well an article I authored entitled
Identity Linkage: Biometrics and "True Compliance" that will be published in the
upcoming print edition of Digital ID World Magazine
(Qualified readers receive complementary subscriptions). The diagram below is an illustration form the article
Evolution Towards "True Compliance"
The diagram illustrates the evolution for compliance applications from a state of minimal compliance i.e. meeting stated requirements, to a state of "true compliance", i.e. meeting actual objectives.
ChoicePoint and ID Theft
The ChoicePoint scandal has certainly brought the issue of identity theft front and center for US consumers, politicians and commercial enterprises. Though it is highly unlikely that anything approaching the strict data protection laws in effect within he EU will be proposed, the time seems ripe for some kind of federal data protection and/or identity theft legislation in the US that requires strict controls on personal data.
The type of personal data that ChoicePoint aggregates - credit reports, financial records, driving record, criminal history, civil court records, etc. - has essentially become a personal asset in the same way that financial resources are a personal asset. It would make sense that organizations holding this data or providing access to it be held liable for managing and protecting it the same way any financial institution has liability for protecting an individuals financial assets. In fact, if this is indeed a personal asset, shouldn't consumers really "own" it? Shouldn't individuals be able to control who holds or has access to this very personal information?
The problem in the US, of course, is that a powerful and successful industry - subject to limited, if any, regulation - has evolved based on the acquisition and sale of personal consumer data. This industry's products and services have become an engine that drives consumer and financial product and services marketing and ultimately spending. Given the current political climate in the US where business rights seem to be trumping consumer rights - Tort reform, proposed bankruptcy legislation, etc - it is hard to imagine legislation limiting the business operations of data aggregators such as ChoicePoint will be enacted.
It is, however, likely that US consumers will become much more interested in (if not demand) better tools and technologies designed to secure their personal information. This makes biometric authentication ever more attractive as a authentication mechanism for the full range of consumer transactions both on and off-line.
IBM Brings Biometrics Advertising to TV
IBM must think mainstream consumers in the US are ready for biometrics on their
laptops - at least the sci-fi community. In one evening on two different networks -
one cable, one broadcast - while I was enjoying doses of my weekly science fiction
fix - Star Trek Enterprise and
Battlestar Galactica (OK, you found me out, I admit it, I am sci-fi freak!) - IBM ran a new commercial highlighting the biometric features of the ThinkPad. The commercial demonstrated the use of a finger based swipe sensor and promoted it as a more secure form of password. It will be interesting to see if these commercials spread to broader audiences and what impact they have, if any, on ThinkPad sales.
Hopefully, the fate of Star Trek Enterprise,
recently cancelled, is not an early indication.
US Fed Tech Spending Soaring ... on Bullets & Bombs
Sad but true, as reported in USA today on February 27th, much of the increase in the US federal budget for tech spending for defense and homeland security seems to be going towards traditional military equipment i.e. bullets and bombs, not the kind of technology advancements and IT infrastructure upgrades that drive market demand for identification solutions. This should not come as a surprise to those who have been following current administration policy and reading the fine print of budget allocations.
This strengthens the case for aggressive market development efforts in commercial sectors for players in the biometrically enabled identification solutions game where regulatory concerns ( i.e. automating compliance), bottom line impact (get out your ROI models) and end user convenience (and demand to protect against identity theft, thank you ChoicePoint) will ultimately drive the adoption of this class of technology. While the apparently undeniable windfall of government contracts is extremely seductive, only a few entrenched companies - the traditional "Big Boys" of IT - are likely to be winners in this high risk proposition.
For the rest of the industry (as in denial as they are about it), it is all about doing the disciplined, rigorous work of targeting markets, understanding high point of pain problems, speaking in a language customers can understand and delivering quality products and services that address these customers' most pressing problems. Not nearly as sexy, but considerably more viable strategy for success.
Market Forecasts - Demand Curves
Demand Curves indicate the relative intensity of market demand for a given
class of solutions within a specific market sector
over a given period of time. They are not specifically correlated to actual revenue
for a given market nor do they indicate relative scale of one market sector to another.
The most significant worldwide public sector opportunities can be categorized into
three broadly defined market areas: 1) Integrated eBorders - which includes the
full scope of electronic and automated border control management as well as travel
documents, transportation, border control and immigration worker IDs and expedited
passenger systems, 2) eID – which includes national and other identity cards,
benefits distribution, voter registration, drivers licenses, and 3) eGovernment –
fully transactional interactive service delivery for citizens and commercial enterprises.
Each of these areas represent significant opportunities for the design, development,
implementation, maintenance and support of large-scale, integrated identification
Commercial market demand will revolve around opportunities for enterprise security and
secure information and financial transactions. Enterprises security includes physical
and logical access for employees and third party suppliers. Information transactions
include IP management for scientific and professional research firms i.e. Bloomberg's
use of finger based user authentication for access to financial analysis, as well as
personal access to travel, financial and healthcare information. Financial transactions
include consumer, business-to-business, ATM as well as inter-bank transactions.
For custom research, analysis or strategic market
development consulting, visit Acuity Market
Intelligence or call +1 303 449 1897
Comments, criticisms, corrections & kudos!
We welcome all feedback:
You're welcome to reprint BMI eUpdate articles. Just email with a link to your publication.
or email include
name, company, country phone & email
New email: send to
include your previous and new email addresses
Copyright 2005 Acuity
Market Intelligence, LLC. All Rights Reserved.
makes no guarantees on the opinions expressed herein. This
publication may be forwarded electronically in it's entirety.
However, no part of this publication may be published in any form
without explicit consent of the publisher.