Biometrics use by the South African government

Last updated December 06, 2021

This article is about Biometrics used by the South African government to combat fraud and corruption and to increase the efficiency of service delivery to the public.^[1]

Department of Agriculture

The Department of Agriculture Head Office in Pretoria identified a need to implement more stringent system control mechanisms, including the financial system, logging onto secure applications and logging onto staff members' personal workstations.^[3] The Department applied a strict password management policy, but it had different systems for finance, Persal (the Government standard salary payment system), leave and performance management etc. The regulated constant changing of passwords resulted in forgotten passwords, lock-outs and employees sitting next to each other having access to one another's passwords.

This resulted in downtime, an administrative burden on IT staff who had more pressing concerns, and increased opportunity costs. It was also noticed that unauthorized individuals had after-hours access to the facilities.

The Agriculture Department then implemented a fingerprint biometric reader to computers, which eliminated passwords altogether.^[2] Furthermore, the readers were also installed at key access control points which meant that staff couldn't log on to machines if they didn't first gain access at these control points. This also meant that staff could be regulated as to which hours they were supposed to be working or were allowed to work. The system automatically logged you off of a computer when you 'clocked out' of the work area, which meant less wastage and stricter security.

Thus the implementation of the biometric system ensures superior security measures, ease of use, a centralized databank of access control information, and the fact that staff didn't need to carry any access control instruments to work except for their fingers.

Department of Correctional Services

As part of its attempts to increase security and reduce corruption within its facilities, the Department of Correctional Services launched its Biometric Security System in August 2006.^[4] The system included fingerprint access, closed circuit television systems and turnstile gates.

The Department recognized that the system on its own would not be effective and that staff members would have to be fully committed to and well-trained in operating the system. This included being proactive in monitoring any form of risk as well as acting promptly should a breach of security take place.

The system was grounded in the principle of fail-over and in case of power loss or other unforeseen circumstances would switch over to a fully functioning secondary site.

Future foreseen improvements to the system include closed circuit television monitoring of each individual cell, amongst others.

Department of Home Affairs

South Africa has approximately 48 million citizens, and each one of them requires a government-issued, official identification booklet, as proof of identity. This document is not only needed for public services, but also everyday actions such as renting a DVD or opening a bank or store account. This document is based on the most secure form of identification, being the individual's fingerprint. The need is undeniable; the process is time-consuming and paper-based and resulted in government archives that contain over 45 million paper files.

The Home Affairs National Identification System Project, known as HANIS, was implemented to move away from the paper system. Not only would HANIS replace the existing system with a world class digital database, but it will also ensure real time processing, verification and accessibility for every new and existing fingerprint.^[5]

NEC's Automatic Fingerprint Identification System or AFIS was selected for the contract Their fingerprint recognition technologies host an accuracy rate of more than 99.9%. The system handles 70,000 searches in one day.^[6] It allows HANIS to produce the largest citizen identification database in the world.

The Department of Home Affairs however faced quite a number of challenges to ensure successful and complete implementation of the project.

The data integrity is compromised by duplicated and/or missing data elements and data inconsistency; a lack of security around the data stores has led to fraud and corruption, which furthers contaminated data integrity; relational linkages are not formalised between different data-stores (NPR, HANIS, EDMS) and shows little relational integrity; Immigration data stores are based on expired light-weight PC based technologies; The immigration and visitor data shows no integrated and cohesive structure, and are in segmented data stores such as Refugees and Deportation, Asylum Seekers, Visitors and Visas and Movement Control. The department is working to address these issues.

The benefits in sight, however, will be a paperless environment with shorter queues, a reduction in bureaucratic delays and the accuracy of the system will dramatically reduce the possibility of identity theft and fraud.

South African Police Service

The South African Police Service (SAPS) implemented a biometric system in 2001 to secure the Integrated Justice System (IJS).^[7] Finger- and palm prints of convicted criminals have been captured in their Automated Fingerprint Identification System (AFIS)^[8] – this database is used for Identity Management (IDM) and is used to monitor criminals as well as to track down wanted criminals. Portable readers (powered by Sagem's MorphoTouch and RapID technology) are used at roadblocks around the country to identify wanted criminals and bring them to justice.

The AFIS was implemented by the Ideco Group,^[9] who also completed the HANIS system discussed above.

Additional uses of biometrics in the police services are fingerprint readers (with fake fingerprint detection functionality) for access control in departments with secure and sensitive information (e.g. forensic laboratories, stolen vehicle departments etc.).

Fingerprints are also being used as the sole method for doing criminal record background checks for commercial purposes – as the use of a name, surname or identification number has too much potential for abuse, and this system failure has led to much fraud. A full set of fingerprints is required for a criminal record check to be done on an individual. Companies who want to make use of this service (called AFISwitch) have to be enrolled with AFIS. This service has a significantly faster turnaround time (48 hours as opposed to weeks) than the traditional system for checking criminal records.

SASSA

South Africa's Social Assistance Program is the government's largest poverty alleviation intervention. It has a budget allocation of approximately R100 billion, and provides social grants to 15,8 million beneficiaries to reduce their levels of deprivation and enable them to participate in the economy.

In her budget vote speech on 2 May 2012,^[10] the Minister of Social Development, Bathabile Dlamini, conceded that the South African Social Security Agency ("SASSA") has incomplete information on beneficiary details, and that the social grant system is prone to fraud and misappropriation of funds. In a country where social assistance touches such a high proportion of citizens and incorporates dealing with enormous monetary amounts, such fraud and misappropriation of funds is a slap in the face of those truly in need, and cannot be tolerated.

As part of its strategy to address this problem SASSA has announced that all social assistance beneficiaries will be re-registered through a biometric enrollment system. Following enrollment, a biometric system will analyse physical or behavioural traits, such as fingerprints, iris, face, voice and hand geometry, to verify the identity of a beneficiary. This system will allow for effective authentication of beneficiaries, and drastically reduce the opportunities for fraud. SASSA is in the process of implementing this system, with Phase 1 having already been completed.

Biometric identification systems are, however, not foolproof. Accurately functioning systems rely on two fundamental premises – the permanence and uniqueness of the relevant biometric trait, both of which are not certain. Furthermore, there may be problems with extracting the biometric traits – for example system or environmental problems. In recent years there has been significant growth in biometric research, and this has resulted in advancements in the field. More accurate, cost-effective, secure and robust biometric systems have been developed – it is hoped that this will allow for an effective implementation of a system by SASSA.

Conclusion

The main reasons for implementing a biometrics system by the South African government seem to be the eradication of crime and corruption, and enhancing service delivery to the citizens of the country. The problems faced are to be expected, being poor infrastructure and a lack of funds.

Related Research Articles

Authentication is the act of proving an assertion, such as the identity of a computer system user. In contrast with identification, the act of indicating a person or thing's identity, authentication is the process of verifying that identity. It might involve validating personal identity documents, verifying the authenticity of a website with a digital certificate, determining the age of an artifact by carbon dating, or ensuring that a product or document is not counterfeit.

Smart card Pocket-sized card with embedded integrated circuits for identification or payment functions

A smart card, chip card, or integrated circuit card is a physical electronic authorization device, used to control access to a resource. It is typically a plastic credit card-sized card with an embedded integrated circuit (IC) chip. Many smart cards include a pattern of metal contacts to electrically connect to the internal chip. Others are contactless, and some are both. Smart cards can provide personal identification, authentication, data storage, and application processing. Applications include identification, financial, mobile phones (SIM), public transit, computer security, schools, and healthcare. Smart cards may provide strong security authentication for single sign-on (SSO) within organizations. Numerous nations have deployed smart cards throughout their populations.

Identity theft occurs when someone uses another person's personal identifying information, like their name, identifying number, or credit card number, without their permission, to commit fraud or other crimes. The term identity theft was coined in 1964. Since that time, the definition of identity theft has been statutorily defined throughout both the U.K. and the United States as the theft of personally identifiable information. Identity theft deliberately uses someone else's identity as a method to gain financial advantages or obtain credit and other benefits, and perhaps to cause other person's disadvantages or loss. The person whose identity has been stolen may suffer adverse consequences, especially if they are falsely held responsible for the perpetrator's actions. Personally identifiable information generally includes a person's name, date of birth, social security number, driver's license number, bank account or credit card numbers, PINs, electronic signatures, fingerprints, passwords, or any other information that can be used to access a person's financial resources.

Biometrics are body measurements and calculations related to human characteristics. Biometric authentication is used in computer science as a form of identification and access control. It is also used to identify individuals in groups that are under surveillance.

Living in the intersection of cryptography and psychology, password psychology is the study of what makes passwords or cryptographic keys easy to remember or guess.

Electronic authentication is the process of establishing confidence in user identities electronically presented to an information system. Digital authentication, or e-authentication, may be used synonymously when referring to the authentication process that confirms or certifies a person's identity and works. When used in conjunction with an electronic signature, it can provide evidence of whether data received has been tampered with after being signed by its original sender. Electronic authentication can reduce the risk of fraud and identity theft by verifying that a person is who they say they are when performing transactions online.

Password fatigue is the feeling experienced by many people who are required to remember an excessive number of passwords as part of their daily routine, such as to logon to a computer at work, undo a bicycle lock or conduct banking from an automated teller machine (ATM). The concept is also known as password chaos or more broadly as identity chaos.

A government database collects information for various reasons, including climate monitoring, securities law compliance, geological surveys, patent applications and grants, surveillance, national security, border control, law enforcement, public health, voter registration, vehicle registration, social security, and statistics.

Multi-factor authentication is an electronic authentication method in which a user is granted access to a website or application only after successfully presenting two or more pieces of evidence to an authentication mechanism: knowledge, possession, and inherence. MFA protects user data—which may include personal identification or financial assets—from being accessed by an unauthorised third party that may have been able to discover, for example, a single password.

Cyber crime, or computer crime, refers to any crime that involves a computer and a network. The computer may have been used in the commission of a crime, or it may be the target. Netcrime refers, more precisely, to criminal exploitation of the Internet. Issues surrounding this type of crime have become high-profile, particularly those surrounding hacking, copyright infringement, identity theft, child pornography, and child grooming. There are also problems of privacy when confidential information is lost or intercepted, lawfully or otherwise.

A whole new range of techniques has been developed to identify people since the 1960s from the measurement and analysis of parts of their bodies to DNA profiles. Forms of identification are used to ensure that citizens are eligible for rights to benefits and to vote without fear of impersonation while private individuals have used seals and signatures for centuries to lay claim to real and personal estate. Generally, the amount of proof of identity that is required to gain access to something is proportionate to the value of what is being sought. It is estimated that only 4% of online transactions use methods other than simple passwords. Security of systems resources generally follows a three-step process of identification, authentication and authorization. Today, a high level of trust is as critical to eCommerce transactions as it is to traditional face-to-face transactions.

The Ghana Card is a national Identity card that is issued by the Ghanaian authorities to Ghanaian citizens – both resident and non-resident, and legally and permanently resident foreign nationals. It is proof of identity, citizenship and residence of the holder. The current version is in ID1 format and biometric.

The Lebanese identity card is a compulsory Identity document issued to citizens of the Republic of Lebanon by the police on behalf of the Lebanese Ministry of Interior or in Lebanese embassies/consulates (abroad) free of charge. It is proof of identity, citizenship and residence of the Lebanese citizens.

Biometrics refers to the automated recognition of individuals based on their biological and behavioral characteristics, not to be confused with statistical biometrics; which is used to analyse data in the biological sciences. Biometrics for the purposes of identification may involve DNA matching, facial recognition, fingerprints, retina and iris scanning, voice analysis, handwriting, gait, and even body odor.

IDEMIA is a multinational technology company headquartered Courbevoie, France. It provides identity-related security services, and sells facial recognition and other biometric identification products and software to private companies and governments.

Identity-based security is a type of security that focuses on access to digital information or services based on the authenticated identity of an individual. It ensures that the users of these digital services are entitled to what they receive. The most common form of identity-based security involves the login of an account with a username and password. However, recent technology has evolved into fingerprinting or facial recognition.

A biometric device is a security identification and authentication device. Such devices use automated methods of verifying or recognising the identity of a living person based on a physiological or behavioral characteristic. These characteristics include fingerprints, facial images, iris and voice recognition.

Identix Incorporated, established in August 1982, designed, developed, manufactured, and marketed user authentication solutions by capturing and/or comparing fingerprints for security applications and personal identification. Markets included corporate enterprise security, intranet, extranet, internet, wireless Web access and security, E-commerce, government, and law enforcement agencies.

The Department of Social Development (DSD) of South Africa is a government department responsible for providing social development, protection, and welfare services to the public. Previously called the Department of Welfare, it was renamed in July 2000. The current Minister of Social Development is Lindiwe Zulu.

Identity replacement technology is any technology that is used to cover up all or parts of a person's identity, either in real life or virtually. This can include face masks, face authentication technology, and deepfakes on the Internet that spread fake editing of videos and images. Face replacement and identity masking are used by either criminals or law-abiding citizens. Identity replacement tech, when operated on by criminals, leads to heists or robbery activities. Law-abiding citizens utilize identity replacement technology to prevent government or various entities from tracking private information such as locations, social connections, and daily behaviors.

References

↑ "Biometrics for good governance". Journal for Security, Operations and Risk Management. October 2009. Retrieved 24 August 2012.
1 2 "ITWeb". ITWeb. 5 March 2009. Retrieved 24 August 2012.
1 2 IDECO Biometrics. "Case Studies: Department of Agriculture goes biometric" (PDF). Ideco. Retrieved 12 August 2012.^{[ permanent dead link ]}
↑ Department of Correctional Services. "Speech on the Official Hand-over of the biometric security system". Department of Correctional Services. Archived from the original on 29 April 2014. Retrieved 12 August 2012.
↑ Department of Home Affairs. "Strategic Plan 2009/10 – 2011/12". Department of Home Affairs. Retrieved 12 August 2012.^{[ permanent dead link ]}
↑ NEC. "NEC biometric systems". Archived from the original on 2 July 2012. Retrieved 13 August 2012.
↑ Moyo, A (19 August 2011). "SAPS embraces fingerprint biometrics". IT Web. Retrieved 13 August 2012.
↑ Ideco. "South Africa – at the forefront of the global biometric identity movement" . Retrieved 13 August 2012.
↑ Ideco (July 2007). "Selecting a biometric technology". Journal for Security, Operations and Risk Management.
↑ Department of Social Development. "Budget Vote 2012". Department of Social Development. Archived from the original on 22 January 2014. Retrieved 13 August 2012.

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.

[1] "Biometrics for good governance". Journal for Security, Operations and Risk Management. October 2009. Retrieved 24 August 2012.

[:0-2] 1 2 "ITWeb". ITWeb. 5 March 2009. Retrieved 24 August 2012.

[Ideco_Case_Study-3] 1 2 IDECO Biometrics. "Case Studies: Department of Agriculture goes biometric" (PDF). Ideco. Retrieved 12 August 2012.^{[ permanent dead link ]}

[Correctional_Services_Speech-4] Department of Correctional Services. "Speech on the Official Hand-over of the biometric security system". Department of Correctional Services. Archived from the original on 29 April 2014. Retrieved 12 August 2012.

[Home_Affairs_Strategic_Plan-5] Department of Home Affairs. "Strategic Plan 2009/10 – 2011/12". Department of Home Affairs. Retrieved 12 August 2012.^{[ permanent dead link ]}

[6] NEC. "NEC biometric systems". Archived from the original on 2 July 2012. Retrieved 13 August 2012.

[IT_Web-7] Moyo, A (19 August 2011). "SAPS embraces fingerprint biometrics". IT Web. Retrieved 13 August 2012.

[8] Ideco. "South Africa – at the forefront of the global biometric identity movement" . Retrieved 13 August 2012.

[9] Ideco (July 2007). "Selecting a biometric technology". Journal for Security, Operations and Risk Management.

[Department_of_Social_Development-10] Department of Social Development. "Budget Vote 2012". Department of Social Development. Archived from the original on 22 January 2014. Retrieved 13 August 2012.

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

[10]

v t e Law enforcement in South Africa
Department of Police	South African Police Service Crime Intelligence Hawks National Intervention Unit NFDD Special Task Force Municipal Police Independent Police Investigative Directorate	Flag of South Africa
Department of Correctional Services	Prisons Life imprisonment
Crime	Sexual violence (Corrective rape) Xenophobic violence Farm attacks Taxi wars Terrorism Corruption Human trafficking Kidnapping
Commissions of Inquiry	Farlam Commission Khayelitsha Commission Zondo Commission
See also	Law Private security industry Gun politics Biometrics use Scorpions (The Directorate of Special Operations) Public Protector