Re: Desperate for business bank account

On Sunday, in article <6yv3JmI845AFFw7+@xxxxxxxxxxxxxxxxxxx>
steve@xxxxxxxxxxxxxxxxxxx "Stephen Riley" wrote:
In message <t4u3g2180gmouhvimqh1lcaj3bjgfpd91t@xxxxxxx>, Peter Saxton
<peter@xxxxxxxxxxxxxxxxx> writes
....
There wouldn't be two people with the same biometric data.

Probably not, but there isn't a 'same', it's statistics and
probabilities.

If there
was it would mean that an investigation should take place.

You've hit the 'Birthday paradox' : The chance of you having the same
birthday as someone else (in a room say) is pretty low, but the chance
of anyone in the room having the same birthday as anyone else is pretty
high (>50% with 23 people). Even quite low probabilities become
significant when compounded like this.

As you go deeper the intuition gets worse : Adding extra biometrics to
try to get around shortcomings can make things worse, because while
desirable aspects can compound, so too do less desirable aspects. For
example a biometric that's good for detecting impostors, might perform
badly at falsely claiming authorised people to be impostors (false
positives, versus false negatives). What works okay at checking
someone's identity against his own biometrics, might suck at matching
his identity against anyone in a database. This kind of screw-up hits
the news quite regularly. I've vague recollections with fingerprints and
medical data being recent cases, but forgotten the details. It's not
intuitive, but a decent book on security will cover it.

The most recent foul up I remember was the Police DNA database that took
a long time to get working right, most of which was how PEOPLE were to
read the results. Quite a large group of people at the opposite ends
of country who could (luckily) prove that it was imposible for them to
be where DNA was found. Despite what PEOPLE using the DNA database were
seeing.

DNA is supposed to be a unique biometric and if it can be used to give
wrong results, with that how can ID cards be the 'technology bullet'.

......
Better to
spend time on the exceptions rather than on everything as it is
presently.


Or spend time looking at ways it can screw-up rather than ways it might
work.

Lots of the ways things go wrong are not technology but people and procedures
using the system.

--
Paul Carpenter | paul@xxxxxxxxxxxxxxxxxxxxxxxxxxx
<http://www.pcserviceselectronics.co.uk/> PC Services
<http://www.gnuh8.org.uk/> GNU H8 & mailing list info
<http://www.badweb.org.uk/> For those web sites you hate

.