Very large scale systems

Very large scale systems - Challenges, needs and methods Ravindra Gadde Research Engineer Iris ID Systems, Inc. 1

Large scale biometric systems and philosophy 1 Million? 10 Million? 100 Million? Large scale biometric systems Vs. Big data system 2

Large scale biometric systems and philosophy First thing that comes to our mind, large databases (tens or hundreds of millions) Reliable identification Scalability (Volume) Identification requests (Velocity) handle False Acceptance Rate (FAR) with database size increase (Veracity) Robust and tolerant to hardware failures Velocity Volume 3

Large scale biometric systems and philosophy Large Scale Biometric system Large database Reliable Identification 4

Rome wasn t built in a day, but they were laying bricks every hour Why are they taking data? Will my data be secured? Design Enrollment Will Iris devices burn my eyes? Is this going to happen? Storage Volume Velocity 5

Large scale biometric system challenges o Biometric system Design challenges Purpose and use - proper guidelines and limits of usage Biometric modalities Which subset of people involved? Vendor lock in Proof of Concept study helps in evaluating technical, operational and behavioral hypotheses Mexico national ID(MNID) 6

Large scale biometric system challenges o Biometric enrollment challenges (Client side) Inclusion of all Biometric Failure to Enroll (FTE) Ease of use Even 4 year kid should be able to understand instructions Quality Standardized process, strong quality measures (IREX II) and operator training (IREX V) Iris capture failure cases* FTE Enrollment during UID project *Images from G. W. Quinn, J.Matey, Elham Tabassi, and P. Grother IREX V Guidance for iris Image Collection, 2014 7

Large scale biometric system challenges o Biometric data storage and matching challenges Compression Following certain standards(kind-7) for best use Biometric accuracy degrades with increase of database Providing highest accuracy with confidence Very high data and throughput Use of multi-modal, multi-identification systems(abis). Volume Velocity Iris Accuracy Statistics KIND 2 (Size ~300KB) KIND 7 (Size ~ 2.5KB) KIND 7 (Size ~ 3.5KB) True Accept Rate 99.30% 97.93% 99.13% 8 * UIDAI Reference documents KIND-7 IRIS Authentication Accuracy PoC Report May 2013 http://uidai.gov.in/images/detailed_poc_10_report_ver12a_23052013.pdf

Large scale biometric system challenges o Data security/privacy Complete secure cycle (enrollment, communication, storage, matching and entire back-end system) Spoofing during authentication and interception during communication Quality check and anti-spoofing techniques during enrollment encrypted templates and beyond (cancelable biometrics) Visual cryptography to safeguard stored databases 9

Large scale biometric system challenges o Open dissemination Keeping data secret could suggest systems are not secure, may hide out poor error rates, be behind schedule and speculations Open dissemination helps information flow between research, industry and government 10 Image taken from https://www.ulg.ac.be/cms/c_2492436/en/the-excellence-of-ulg-research-just-a-click-away

Large scale biometric system challenges System design Enrolment process Storage and matching procedures Data security Open dissemination 11

Successful large scale biometric system Large Scale Biometric System Large database Reliable Identification Policy making Large scale biometric system is not only characterized by big numbers But with reliable identification And proper policy making which address challenges 12

Large scale biometric system example Case of State Government of Andhra Pradesh, India An estimate of 83M people in the state in 2005 Subsidies for low income Low income people are identified through Ration cards before 2005* Sample Ration card * 13 * Zelazny, Frances. The Evolution of India's UID Program. Lessons Learned and Implications for Other Developing Countries. s.l. : Center For Global Development, August 2012.

Large scale biometric system example Case of Andhra Pradesh, India (Survey on Ration card system) Only 42% of the subsidies reached target audience 86M ration cards for 83M population in 2005 State Government of Andhra Pradesh decided to issue cards based on iris recognition The system was designed to check for duplicates(de-duplication) in the database using iris recognition during enrollment In the first few years, 56 Million records were enrolled 14 * Zelazny, Frances. The Evolution of India's UID Program. Lessons Learned and Implications for Other Developing Countries. s.l. : Center For Global Development, August 2012.

Andhra Pradesh s failure Failure of the system After a few thousand enrollments system failed as millions of duplicate enrollments made in to the database Initial back end technology solution was not designed to scale properly Fraudulent practices during enrollment by operators No Iris readers to subsidy providers to make sure target audience enjoys Andhra Pradesh s Large Scale system Large database Reliable Identification Policy making 15

Large scale biometric system example Case of Andhra Pradesh, India In 2008, a new contract was established for the de-duplication of iris database and for new enrollments Of 56 Million iris database, after de-duplication around 7.6 Million fake beneficiaries have been discovered. Experience helped Indian Government built one of the most efficient very large scale biometric system through Unique Identity program(aadhar). 16 * Zelazny, Frances. The Evolution of India's UID Program. Lessons Learned and Implications for Other Developing Countries. s.l. : Center For Global Development, August 2012.

Very large scale biometric system Unique Identification Authority of India(UIDAI) under program AADHAR It s the largest biometric ID program in the world so far Aimed towards 1.2billion population Multimodal which include iris, face, and fingerprints But uses iris and fingerprint for identification/de-duplication De-duplication(1:N matches) is done on every new enrollment 17

Iris in large scale biometric systems Suggestions to include Iris : - Ensure low biometric failure to enroll rate because of lack of good quality fingerprint - Increase the accuracy of the system Proof-of-Concept Study (PoC): The UIDAI conducted a Proof-of-Concept study Iris enrollment took less than a minute to capture and could be captured effectively from people, even from those who were blind. Children between 4-15 years could be biometrically enrolled correctly The accuracy levels achieved with a combination of fingerprint and iris is more than 10X. 18 * UIDAI Reference documents Ensuring Uniqueness: Collecting iris biometrics for the Unique ID Mission http://uidai.gov.in/uid_pdf/working_papers/uid_and_iris_paper_final.pdf

Current status of AADHAR As of June 11, 2014 more than 635 million people have been enrolled. Avg. of 1 Million enrollees per day Every enrollee has to be compared with all the enrolled templates on the database Total number of cross-comparisons done is around 635 trillion per day and increasing. Large database Reliable identification Policy making 19

Reliable identification in Large scale biometric systems Scalability Adding load to the system shouldn t decrease it s performance Redundancy Able to handle sudden increase in identification requests High Availability No single point of failure 20

Large scale iris matching engines Specifications 40 Million iris codes 240 Matches per second Database Containing Iris Codes Matcher Server Iris Loader Loads iris codes on to RAM Typical server contains 48GB of RAM ~ 40 Million iris codes Iris Matcher Using cores of the server tries to match iris codes Xeon Processor E5500 with 12 cores, 2.6MHz can match ~240 probe iris codes 21

Large scale iris matching engines Performance 40 Million iris codes 240 Matches per second Database Containing Iris Codes Matcher Increase in database reduces the performance Scalability Increase in number of match requests Failure of server Redundancy High Availability 22

Large scale iris matching engines Scalability Performance 80 Million iris codes 240 Matches per second Matcher 1 Matcher 2 Database Containing Iris Codes Controller 23

Large scale iris matching engines Redundancy Performance 80 Million iris codes 480 Matches per second Group 1 Load Balancer Matcher 1-1 Matcher 1-2 Group 2 Matcher 2-1 Matcher 2-2 Database Containing Iris Codes Controller 24

Large scale iris matching engines High Availability Group 1 LB-1 Matcher 1-1 Matcher 1-2 LB-2 Group 2 Matcher 2-1 Matcher 2-2 Database Containing Iris Codes Controller 25

Large scale iris matching engines Partial failure support LB-1 Matcher 1-1 Matcher 1-2 Matcher 1-3 LB-2 Matcher 2-1 Matcher 2-2 Matcher 2-3 Database Containing Iris Codes Controller 26

Demo Environment Iris Matcher1 + Controller Iris Matcher2 + Controller Iris Matcher1 + Controller Iris Matcher2 + Controller 27

28 Deployments

United Arab Emirates Expellee Program Since 2003 all borders and jails use Iris devices to enroll deported persons Each airport counter has iris devices which provide 1:N matches on backend system Till 2006, Iris records enrolled are more than 840,751* Number of iris comparisons performed- 6.3 billion/day in all-against-all search mode. 29 90 Catches/day * A.N. Al-Raisi and A.M. AL-Khouri, Iris recognition and the challenge of homeland and border control security in UAE, Telematics and Informatics 25 117-132, 2008

Mexico National ID program Issue a citizen identity cards containing biometric information Create a new database to identify up to 110 million citizens using iris, fingerprint & facial biometric data Started first to youth 4-17 ages, Achieved 30 million till date Average of 50,000 match requests per day 30

Qatar Qatar National Id and Travelers Project National and resident ID card projected to be 2million Frequent Traveler for the citizens and residents First Passport program in the world to store iris image on the epassport Enrollment is performed on each passenger upon arrival 20,000 per day 31

32 Thank you everyone

Big Data system Vs Large scale biometric system Big Data Volume Velocity Variety Correlation within data Large scale biometric Volume Velocity Veracity Identify a person 33

Iris ID Products Hardware Products Software Products icam7000 series icam4000 series (discontinued) idata EAC idata Iris SDK icam TD100 icam H100 idata Eclipse (ISO compliant SDK) icam Manager icam 7000 Series icam T10 icam D1000 IrisAccelerator INSiDE icap Iris Workstation idata SDK Device Controller)(s) 34

IrisAccelerator V6 for large scale systems High Speed Huge Capacity Backend Matching System IrisAccelerator System Software, IrisAccelerator SDK, Device Manager Remote Control and Manage through TCP/IP Network Unlimited Scale for National ID Local Database Management Load Balancing & Failover Hamming Distance Threshold Configurable Realtime System Monitoring High Security Level - PKI Based Dual Certification, SSL, Triple-DES Encryption (Communication), AES Encryption (Iris Information). High Speed Matching - Matching 10 million Record sin 1 second Redundancy Blade - Works In case of Emergency 35

36 IrisAccelerator V6 Two Variants