Securing sensitive data

presidential electionsBy Marcel Hartgerink, WIBU-SYSTEMS BV and Tom Kevenaar, GenKey (06-2014)

The use of biometric identification solutions are becoming more and more commonplace, delivering many advantages in the healthcare, financial, travel and immigration, government and many other commercial areas. The use of biometrics as a means to support fair elections is also becoming increasingly common, particularly in emerging democracies where often no up-to-date administration of citizens is available. It is for this reason that countries such as Ghana, Nigeria, Kenya and the Democratic Republic
of Congo have adopted fingerprint-scanning technology to enable fair and transparent elections.

Ghana, for example, successfully deployed biometric voter registration and verification in their 2012 general elections involving more than 14 million voters. Biometric technology, however, brings its own particular social and technological challenges. Because biometrics affects an individual’s privacy and misuse in a political election could have significant ramifications to its citizens, it is critical that personal information remains secure, data is protected and software cannot be tampered with.

Selecting the right technology partners

To address the concerns of double registrations, the Electoral Commission (EC) of Ghana selected GenKey as its biometrics technology partner. GenKey, headquartered in the Netherlands, specializes in delivering biometric solutions for elections, digital healthcare, and other large-scale identity management applications.

GenKey’s challenge was to contribute to fair and transparent elections in Ghana using biometrics while at the same time protecting the sensitive data that is used in the process. Their approach was to:

  • Use biometric voter registration to capture biometrics and enroll prospective voters
  • Use large-scale biometric-based deduplication to obtain a clean voter list
  • Use biometric voter verification to ensure only eligible voters were able to cast their vote and to prevent multiple votes by the same person

GenKey’s unique privacy enhancing technology allows for storage of biometric information such that it is intrinsically privacy protected. GenKey ensured the security and integrity of its software and of the collected data by using the CodeMeter Integrity Protection and Licensing platform developed by Wibu-Systems AG, a German-based security technology leader in protecting digitals assets, intellectual property, and embedded software, such as GenKey’s biometric software solution.

Biometric voter registration

Biometric voter registration was conducted at more than 23,000 registration centers across Ghana between March 24 and May 5, 2012. Over 32,000 temporary staff were trained to operate the mobile biometric registration kits containing GenKey technology. The registration kits enabled the electronic collection of biographical information, a facial picture, and fingerprints of all ten fingers from each voter. Immediately after registration, each applicant received a voter ID card, which included the person’s photograph and a bar code with a unique ID card number. Over 14 million voter ID cards were issued.

At the end of each registration day, the collected registration data (including the biometrics of the applicants) were sent to a central system, where a biometric duplicate check was performed by GenKey’s Automated Biometric Identification System (ABIS). The ABIS system detected a total of approximately 60,000 candidate duplicates, which were forwarded to an adjudication system to determine whether it concerned fraudulent cases or not.

Biometric voter verification

To verify the identity of eligible voters on Election Day, GenKey delivered 33,500 handheld Biometric Verification Devices to the polling places, where they were operated by 26,002 trained officers. Biometric verification of a voter started with comparing the Voter ID details on the card to a master voter registry, scanning the barcode to display the photograph, and comparing the picture on the device display with the voter. If they matched, the fingerprint of the voter was then scanned for final verification. If the verification was successful, the voter was issued a paper ballot to vote.

Protecting the device software and integrity of biometric data

To secure its software code against tampering in the field, GenKey integrated Wibu-Systems CodeMeter protection platform. Each verification device was loaded with GenKey software before it was shipped to a polling station. CodeMeter encrypted the code using both symmetric and asymmetric encryption. The program code was encrypted using symmetric 128 bit AES encryption. Upon starting the application, asymmetric encryption of the digital signature was employed. CodeMeter bundles the encrypted code with a license file so that when the system boots up, the embedded software calls this file, using a digital signature to verify its authenticity. A list of conditions is then verified such as the validity of the license, or the matching of the hardware features that were initially bound to the license during the encryption process, and thus protects the integrity of the device. To ensure privacy of the data, GenKey stores biometric information in an intrinsically private format so that the information is impossible to trace.

The combined GenKey and Wibu-Systems protection solution ensured a high level of security and integrity of biometric data. It also protected GenKey’s software against potential counterfeiting and misuse during the polls.

In a statement published by the Ghana News Agency following the election, Republic of Ghana President John Dramani Mahama said “We have just come out of an historic election which witnessed progressive reforms including the use of a biometric voters register and biometric verification for voting, and which has been acclaimed by both domestic and international observers as free, fair and transparent.”

Advertisements

Tags: , ,

Categories: Identification

SUBSCRIBE & CONNECT

Subscribe to our RSS feed and social profiles to receive updates.

No comments yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: