What will it take for biometric systems to take off in Africa?
By Barry Cooper and Matthew Ferreira | August 16, 2018
The high cost of installing biometric systems for identification is a key barrier to widespread adoption in African countries. The systems more than make up for their initial cost over time if they have sufficient use cases and are employed across different industries. They recoup their costs by charging a marginal amount for verification services or through internalized productivity gains by the various contributing institutions.
Most biometric identity databases in Africa are applied for a singular purpose, often resulting in multiple competing initiatives. For example, in Ghana and Nigeria there are separate biometric identity systems for voter registration, financial services, health insurance, driving licenses, and national security. The scalability of each of these systems is limited by the fact that they only process verification requests for specific transaction types and within specific population groupings. This makes it challenging to recoup the capital invested into the system, and it makes the business case for an extended biometric system almost impossible .
One solution to this challenge is to merge or link all the databases; however, it’s not that simple. Biometric identities from different initiatives cannot simply be merged into one database, because they are not interoperable. Interoperability refers to the ability of computer systems and files to communicate with each other. Much like a square cannot be pushed through a circular hole, biometric templates from one initiative are generally not interoperable with systems other than their own – often by design.
The full effect of this problem can only be understood when evaluating how biometric information is actually stored, and what biometric templates are. Biometric templates are mathematical representations of biometric measurements and data. Biometric data is obtained during the enrolment process, such as fingerprints, voice recordings, iris scans, facial pictures, and even behavioral data such as GPS movements and exhaust data. This data is converted into mathematical files known as biometric templates. Such templates serve as digital representations of the biometrics of a person, and they are used in the verification process to confirm that the biometric information provided is congruent with the stored template.
Biometric companies, often by design, install bespoke templates that prohibit interoperability. Unlike other industry standards, there are no country or regional standards mandating the use of International Organization for Standardization (ISO) biometric templates. The lack of regulatory mandate reduces the incentives for existing biometric initiatives to standardize, and result in new initiatives re-enrolling every person and creating their own templates from scratch. This effectively locks each department or initiative into a proprietary siloed system.
Why are there so many different initiatives in Africa?
Cenfri’s research revealed that limited co-ordination between government departments reinforces the challenge of interoperability. Governmental departments are often inflexible in their mandates and don’t allow for collaboration with other departments. Departments therefore work within their boundaries. Even where mandates do allow for co-operation, there is often friction and unwillingness to collaborate. For example, the National Registration Institution in Nigeria is mandated to consolidate the separate biometric databases across the country but encounters significant resistance from other government departments. The National Identification Authority (NIA) in Ghana, as another example, is mandated to be the identity management body of the country, yet separate governmental departments have developed their own biometric identity systems and do not co-ordinate with the NIA.
All is not lost
Despite interoperability issues with different templates, it’s possible to consolidate various databases at the country or regional level. This can be done through the source code, or the back-end code vendors use to generate templates. Using this code, a new biometric initiative can unlock the templates of other initiatives and access the underlying biometric files. These files can then be used to create new templates according to the desired specifications and standards. If the unlocked biometric files are of inadequate quality, they can still be processed using the ISO code and can still be used with a reasonable degree of certainty to verify people. In addition, they can be easily resampled once the person has been verified. Using this method, new initiatives don’t need to re-enroll everyone.
Source codes are normally controlled and owned by the biometric vendor – the company employed to install the system. Biometric vendors are understandably hesitant to share this code, because having sole access means they are the only entity that can perform maintenance and other profitable operations on the system. But the importance of accessing this code cannot be understated, as it can lead to immense efficiency gains for a country. Using interoperable biometrics also allows for secure and private biometric data for verification purposes in linked biometrics systems where the verification does not compromise privacy or secrecy.
In our recent paper about biometrics and financial inclusion, we presented several recommendations that should be applied depending on how far a country has progressed on its biometrics path. For initiatives with no pre-existing biometric identity systems, governments need to create an open-source identity system so vendors do not have sole control of the source code and original biometric files. For initiatives with pre-existing biometric identity systems, they should use the source code to access original images and create new templates. If vendors are unwilling to share the source code, countries should consider implementing legislation that compels them to do so.