Hi,
Just saw this:
Biometrics for PAN The Income Tax department seeks inputs from organizations engaged in providing biometric solutions to ensure uniqueness of Permanent Account Number (PAN). http://incometaxindia.gov.in/archive/bio1907_19072006.doc
Are there any companies that provide such solutions using FOSS in India? It might be useful for them.
Hi,
Just saw this:
Biometrics for PAN The Income Tax department seeks inputs from organizations engaged in providing biometric solutions to ensure uniqueness of Permanent Account Number (PAN). http://incometaxindia.gov.in/archive/bio1907_19072006.doc
Are there any companies that provide such solutions using FOSS in India? It might be useful for them.
We have the necessary hardware, Finger print sensor which can generate the file under linux. If any one can do the software part (and further liaison with Income Tax dept) , we would be happy to provide hardware.
Best Regards,
Mukund Deshmukh. Beta Computronics Pvt Ltd 10/1, IT Park, Parsodi, Nagpur-440022 Cell - 9422113746
On Saturday 22 July 2006 07:46 pm, Mukund Deshmukh wrote:
Hi,
Just saw this:
Biometrics for PAN The Income Tax department seeks inputs from organizations engaged in providing biometric solutions to ensure uniqueness of Permanent Account Number (PAN). http://incometaxindia.gov.in/archive/bio1907_19072006.doc
Are there any companies that provide such solutions using FOSS in India? It might be useful for them.
We have the necessary hardware, Finger print sensor which can generate the file under linux.
Its not the file but the algorithm used for generating the encoded miutae that is important. We have everything except the abv running on linux. And creating a gpld version without NDAs is going to be a very non trivial task. There is a project at http://fvs.sourceforge.net/about.html that may be useful. And this one provides plenty of info. http://ffpis.sourceforge.net/
I have been using both afs2 and atmel fingerchip.
If any one can do the software part (and further liaison with Income Tax dept) , we would be happy to provide hardware.
Ideal for starting a libre software initiative. I am ready.
jtd wrote:
On Saturday 22 July 2006 07:46 pm, Mukund Deshmukh wrote:
Hi,
Just saw this:
Biometrics for PAN The Income Tax department seeks inputs from organizations engaged in providing biometric solutions to ensure uniqueness of Permanent Account Number (PAN). http://incometaxindia.gov.in/archive/bio1907_19072006.doc
Are there any companies that provide such solutions using FOSS in India? It might be useful for them.
We have the necessary hardware, Finger print sensor which can generate the file under linux.
Its not the file but the algorithm used for generating the encoded miutae that is important. We have everything except the abv running on linux. And creating a gpld version without NDAs is going to be a very non trivial task. There is a project at http://fvs.sourceforge.net/about.html that may be useful. And this one provides plenty of info. http://ffpis.sourceforge.net/
I have been using both afs2 and atmel fingerchip.
If any one can do the software part (and further liaison with Income Tax dept) , we would be happy to provide hardware.
Ideal for starting a libre software initiative. I am ready.
Hope you have visited the website. The last date is 6th Aug.
On 22/07/06 16:54 +0530, Sameer N Ingole wrote:
Hi,
Just saw this:
Biometrics for PAN The Income Tax department seeks inputs from organizations engaged in providing biometric solutions to ensure uniqueness of Permanent Account Number (PAN). http://incometaxindia.gov.in/archive/bio1907_19072006.doc
WTF! I have no desire to have my promisciously available biometrics stored as identity mappings anywhere. * Considers moving to the Himalayas and becoming a monk *
Devdas Bhagat
On Saturday 22 July 2006 17:35, Devdas Bhagat wrote:
WTF! I have no desire to have my promisciously available biometrics stored as identity mappings anywhere.
- Considers moving to the Himalayas and becoming a monk *
What?? Dont spread FUD? Are your serious?
*considers moving in with DB*
*wonders if they have broadband there*
On 23-Jul-06, at 5:05 AM, Dinesh Joshi wrote:
What?? Dont spread FUD? Are your serious?
*considers moving in with DB*
*wonders if they have broadband there*
even monks have to pay service tax
On Sun, 2006-07-23 at 21:22 +0530, Devdas Bhagat wrote:
On 23/07/06 19:45 +0530, Kenneth Gonsalves wrote:
<snip> > even monks have to pay service tax > No. That service comes under the heading of charity, for which you get a tax deduction.
You would still needd to file your returns and that's where they'll get you ;P
-gabin
--- Devdas Bhagat devdas@dvb.homelinux.org wrote:
WTF! I have no desire to have my promisciously available biometrics stored as identity mappings anywhere.
- Considers moving to the Himalayas and becoming a monk *
This concern has cropped up more than once with a diverse group of people about having their biometric information stored somewhere and open to abuse. While on the face of it this concern may seem reasonable, I do not see how different it is than having your signature, Pan card, Social security number (in case of US ofcourse) stored in a number of places as they all are open to abuse. True biometric is "more" fool proof.. but...
I am quite interested in knowing more about the implementation for such an authentication system. (does not have to be open source, though preferred)
The "client" is a physician who would like to have a better "sign in " mechanism than paper/pen. The idea is to have all the patient information pull up moment the person authenticates via such a biometric control mechanism.
For just testing purposes, if someone can suggest a lower end product then I would like to invest in it and see if I can get it working with the (L)AMP configuration.
I remember JTD being ahead of the game in this and implementing industrial grade projects, so I would like to propose he gives some gyaan on the forum.
thanks abhi
__________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
On 22/07/06 22:26 -0700, Abhishek Daga wrote:
--- Devdas Bhagat devdas@dvb.homelinux.org wrote:
WTF! I have no desire to have my promisciously available biometrics stored as identity mappings anywhere.
- Considers moving to the Himalayas and becoming a monk *
This concern has cropped up more than once with a diverse group of people about having their biometric information stored somewhere and open to abuse. While on the face of it this concern may seem reasonable, I do not see how different it is than having your signature, Pan card, Social security number (in case of US ofcourse) stored in a number of places as they all are open to abuse. True biometric is "more" fool proof.. but...
Consider the failure modes for biometrics. Then consider the failure modes for any of the other things getting compromised. Consider why identity theft is so big in the US. Finally consider how trivial it is to compromise biometric information.
Devdas Bhagat
On Sunday 23 July 2006 10:56 am, Abhishek Daga wrote:
--- Devdas Bhagat devdas@dvb.homelinux.org wrote:
WTF! I have no desire to have my promisciously available biometrics stored as identity mappings anywhere.
- Considers moving to the Himalayas and becoming a monk *
This concern has cropped up more than once with a diverse group of people about having their biometric information stored somewhere and open to abuse. While on the face of it this concern may seem reasonable, I do not see how different it is than having your signature, Pan card, Social security number (in case of US ofcourse) stored in a number of places as they all are open to abuse. True biometric is "more" fool proof.. but...
Rubbish. It depends on black magic algos for converting visual info to an electronically usable form. Many use non visual info like blood vessels in the finger / eye claiming that since this info is not accessible from a person easily it is difficult to compomise.Then it is stored somewhere in the universe with u having to trust the agency responsible for the info. This info is now in an easily replicable and distributable form and therfore has completely different vulnerabilities Many use non visual info like blood vessels in the finger / eye claiming that since this info is not accessible from a person easily it is difficult to compomise, forgetting that this is true only if the info stays in the human body and that the compomiser is un co-operative. The latter is the biggest loop hole in all authentication systems. Black magic and security by obsvurty is the hall mark of closed source. It is most important to have llbre software for id/auth software. Never ever trust software that u cant see and experiment with for security.
I am quite interested in knowing more about the implementation for such an authentication system. (does not have to be open source, though preferred)
Black magic and security by obscurty is the hall mark of closed source. It is most important to have llbre software for id/auth software. Never ever trust software that u cant see and experiment with for security.
The "client" is a physician who would like to have a better "sign in " mechanism than paper/pen. The idea is to have all the patient information pull up moment the person authenticates via such a biometric control mechanism.
It depends on what level of security he is interested in and wether his system is "public" accessible.
For just testing purposes, if someone can suggest a lower end product then I would like to invest in it and see if I can get it working with the (L)AMP configuration.
The sensors are very cheap. The electronics are not that expensive either. But fool profing the system particularly in critical infrstructure requires considerable skill and expense.
On Monday 24 July 2006 10:42 am, jtd wrote:
Even dna fingerprinting is far from fool proof with a substantial portion of the population having chimeric genes - genes that do not belong to either parent. No mommy wasn't having a ball on the sidelines. And besides that does not explain how dady's and mr. X's genes both got into knottty baby.
--- jtd jtd@mtnl.net.in wrote:
On Monday 24 July 2006 10:42 am, jtd wrote:
Even dna fingerprinting is far from fool proof with a substantial portion of the population having chimeric genes - genes that do not belong to either parent. No mommy wasn't having a ball on the sidelines. And besides that does not explain how dady's and mr. X's genes both got into knottty baby.
Ok so what are are claiming? that we are back to square one? or all the steps we took forward werent really forward?
And what FOSS options are available that work with handheld or fingerprint scanners?
-abhishek
__________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
On Monday 24 July 2006 11:16 am, Abhishek Daga wrote:
--- jtd jtd@mtnl.net.in wrote:
On Monday 24 July 2006 10:42 am, jtd wrote:
Even dna fingerprinting is far from fool proof with a substantial portion of the population having chimeric genes - genes that do not belong to either parent. No mommy wasn't having a ball on the sidelines. And besides that does not explain how dady's and mr. X's genes both got into knottty baby.
Ok so what are are claiming? that we are back to square one? or all the steps we took forward werent really forward?
Yes. Mostly. For simple cases where physical prescence is essential and can be counter verified by a person or where id verification need not be 100.000000 % it works well. If the It dept wants to weed out false identity they are being stupid to think that existing biometric systems will work. In fact it would be the perfect play ground for scamsters. If it is for the convienence of tax payers AES and plainold passwords work well.
And what FOSS options are available that work with handheld or fingerprint scanners?
None as far as algorithims go (see earlier links). So far foss are still investigating algorithms and ideas and abandoning them because of the above said flaws or costs or impracticality - the foss community does not paper over problems with fancy presenatations. However there is sufficient gpld software to get things done with all the serious flaws that exist with biometric tech.
--- jtd jtd@mtnl.net.in wrote: <snip> .. <snip>
Ok so what are are claiming? that we are back to square one? or all the steps we took forward werent really forward?
Yes. Mostly. For simple cases where physical prescence is essential and can be counter verified by a person or where id verification need
not be 100.000000 % it works well. If the It dept wants to weed out false identity they are being stupid to think that existing biometric
systems will work. In fact it would be the perfect play ground for scamsters. If it is for the convienence of tax payers AES and plainold passwords work well.
So unless someone else counters the above it is very discouraging for more sophisticated applications.
Ofcourse in my case, there will be a physical identification and the biometric is used more so to pull up information quickly rather than punching in numbers (such as member #ID).. so it may just work.
-regards abhi
__________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
On Monday 24 July 2006 11:21 pm, Abhishek Daga wrote:
Ofcourse in my case, there will be a physical identification and the biometric is used more so to pull up information quickly rather than punching in numbers (such as member #ID).. so it may just work.
It will. The simple arrangment of poping up a photo on the id device is good enough. A spoofer can spoof the finger print on his finger, but cannot spoof the pic in your pc. It is assumed that there is no access to your pic database, no method to enrol masqurede's print and there are no hostile enrollers. From this simple scenario one can see the glaring loopholes in the IT dept scheme. Add something like Mr.Blunkett's (UK home dept minister) universal mandatory id which can be used as evidence in a criminal court and u can be sure of very interesting times.
And while we are at it here is a very interesting article.
www.acsac.org/2001/papers/110.pdf
Rgds JTD
-
Abhishek Daga -
Devdas Bhagat -
Dinesh Joshi -
Gabin Kattukaran -
jtd -
Kenneth Gonsalves -
Mukund Deshmukh -
Sameer N Ingole