How to solve the INS problem of letting the wrong people into the US

How it works (long version)

  • No new ID is needed. We can use existing documents like driver's license and/or passport. The system even works with phony IDs! Let's define:
    • ID=the identification document (e.g., passport)
    • ID number= the number on the driver's license or passport or document that can electronically read via OCR or mag stripe
  • Person with a ID goes to an iris enroll station to "enroll" his iris codes and that ID type/ID number into the US database. This is done at a PC that is connected to the Internet and uses SSL to communicate with a webserver. If his iris codes are already enrolled, we'll add this ID type/ID number to the database as being associated with the iris code. We don't allow duplicate entries...e.g., a california drivers license number 12234 could only be entered into the system once. But if you created a phony ID you could enter it. This is very important. We aren't authenticating the person's identity. That is extremely hard to do without error. Instead, we are authenticating that this person is not on a "list of convicted felons" or a "watch list" That is much easier and it is much less invasive of people's privacy.
  • Because we are using iris codes, if an already enrolled person comes up to the machine, it will find his record (this is impossible with any other biometric). Therefore, a person gets ONE identity for life....basically his iris codes. So if we want to stop this guy, we just flag his iris entry which we can do by entering ANY of the IDs he's enrolled, or by entering his iris data. So even if he gets a new passport (e.g., dual citizenship or real passport from a second country obtained by lying), his iris code will cause all his passport info to be merged as far as the database goes so that he can be located by knowledge of ANY of his aliases!
  • To pass immigration or airport security, he presents ANY document that has been enrolled or just rattles off his social security number or driver's license if he remembers it. Normally, the person just presents one of his enrolled ID cards and we use the magnetic or OCR info off of the enrolled document, the iris code is retrieved and we can then do the match to determine if this is the person he claims to be. If he is, we let him through (unless his iris code is flagged to be detained). The immigration agent can also pull up all the aliases he's used too!
  • So the really interesting thing here is that we don't need a single national ID and terrorists can create and use phoney documents, but we'll still catch any person we are trying to stop. We just enroll any/all aliases of the person and the iris code is used to link all the records. When we arrest or convict a person, we enter his iris codes and all known IDs for the person (if not already entered). Therefore, the individual can be found in a variety of ways: iris scan, or typing the name/dob or driver's license or passport # that was used to pass a security checkpoint (or entered by law enforcement).
  • A more secure option is to re-issue passports and require the iris code to be presented to get a passport. Then we can "big brother" everyone. The technique described above avoids that. We only do the entry for criminals and terrorists. So we can stop a criminal using any of the data we entered into this system when he was convicted. So for example, when we convict James Bond of murder, we enter his name, DOB, etc. and his iris data. Then if we later want to stop him from boarding a plane or find him for questioning, we can enter his name/dob from his past arrests and even if he's using a phoney driver's license, we'll stop him (because he can't change his iris).

How we can help

My company has developed some technology which when combined with other existing technology can solve these problems. The technology we have developed includes:

  • a high speed pattern match that speeds up iris code matching by 1,000 or more. 
  • a very high performance client server technology capable of handling millions of simulaneous users with very inexpensive hardware requirements.

The bottom line is that for a development + equipment costs of well under $10M, the INS could have a system that does all of this.

If I were to contact the INS, I'm sure I'd get nowhere. But in light of the national security implications of this, I thought I'd see if you have a way to get someone to evaluate my proposal to see if it is worth pursuing.

It's essentially very simple.... we just add $200 iris scanners to cach entry station used by the INS. Using the Internet, we can lookup the iris code in under 1 second (using this new technology we have) to authenticate the person. With about $1M worth of computer equipment (using our high speed client server software), we can do well over 1,000 lookups per second.

No smartcards are required. It works with existing passports. It cannot be fooled and will never let someone in who we want to keep out.

Let me know if this is worth pursuing.

My company would be happy to do the work at our costs (zero profit) or provide the technology for free to another company doing the work.

We have a working demo now that shows the 2nd and 3rd point above.

 

Steve Kirsch Political Home Page

Hit Counter