"It was the myth of fingerprints
I’ve seen them all and man
They’re all the same"
18 , 2003
Hamlet beings with the words "Who goes there?"
Taken out of the play’s psychological/mythic context, the phrase
is actually an elegant expression of the basic duty of any security
device, and it even carries connotations of that trademark security
guard "politeness". The guard isn’t telling the stranger
to get away, nor is he shooting first and asking questions later.
His first duty is simple identification. After that, he can decide
on a course of action.
All security devices have this basic function: identify who’s allowed
past a certain point and who’s not, and then act accordingly. Even
the key to your front door is an identification device (albeit one
that performs both basic security functions).
Technology has had, and continues to have a dramatic impact on
security, but until recently (i.e. the last century) all the technological
upgrades focused around the second part of that equation. Instead
of better ways to tell "who goes there", we simply got
bigger doors, bigger walls, bigger guns.
The reasons for that particular bias in the technological developments
are easy to understand: how do you determine someone’s identity,
particularly if you’ve never seen them before? Though several interesting
methods were tried, the main approach for centuries was simply to
make the consequences of lying about your identity severe enough
to provide a useful deterrent.
Nowhere were these issues more pronounced than in Europe, for reasons
of simple geography. With so many borders in such a relatively small
area, even medieval travelers were bound to pass through at least
one other country.
The effectiveness of any identifying technology, anything that
helps to answer the question "who goes there", is based
upon two things: how accurately can it tell one person from another,
and how easy is it to evade (or forge)?
Identification based on simple inspection was actually quite effective
for many years. European border guards learned to be excellent readers
of body language and accents. They would closely watch everyone
passing through, listening to the way they spoke, the way they held
themselves, comparing these traits to the impressive database of
nationalities and ethnicities in their minds. These guards were
walking computers of cultural diversity, and in those days they
were the best security technology in the world. Of course, a good
actor with a good working knowledge of other cultures could fool
even the best of these guards. They were surprisingly accurate,
but still human.
Passwords were another innovation, and they are still used today,
but of all methods to identify a person or user, they are the easiest
to steal. Since the judgement of the guard (or the computer system)
is based solely on what response is given to the password request,
if you have the password, you’re home free. ("Open sesame"
could be the first example of both a password and voice recognition.)
At a certain point in European history, "Papers!" became
something of a salutation, superceding and in some cases entirely
dethroning "Who goes there". "Papers," were,
of course, identity papers - official documents, issued by governments,
complete with photograph, designed to tell whoever may have been
interested that you were, indeed, who you said you were. They were
the answer to a presumed question, but they were also relatively
easy to forge. Some imaginative printing, photographic retouching
and copied handwriting and a fake passport could be made to order.
A new identity could be had for the asking (and for a considerable
amount of money), and although guards quickly became skilled at
detecting fakes, this method worked enough of the time that it continued
to be in use for decades.
Photographs were an important innovation, but as everyone who’s
had to update their passport photo knows, even the same person can
change appearance drastically due to hairstyle, age and eyeglasses.
(Clark Kent has used this particular method to successfully conceal
his identity for over fifty years.)
The revolution in identification technology came when it was realized
that there are certain fundamental biological traits that can’t
be forged or stolen, that don’t change with age, and that are absolutely
unique. The first of these to be identified were fingerprints, in
1864. The peculiar pattern of folds and swirls on the tips of our
fingers was recognized even then as being an absolutely unique,
individual trait, and within a relatively short time, it was being
used by law enforcement agencies to track criminals. Although it
could theoretically have been used as a unique identifier for security
purposes (and indeed, fingerprints were soon added to passports),
in the early years it was hardly practical. Without the help of
computers, someone would literally have to sit down with a magnifying
glass and painstakingly go over stacks of fingerprints in order
to find a match. That process could take days, or even weeks, hardly
useful for border crossings and building security.
The wonderful thing about fingerprints was that they were the first
example of a "biometric" identifier. They score high on
both criteria for effective security devices: they’re absolutely
individually unique, and they’re impossible to steal. (Although
the odd Bond villain has tried.) Biometrics revolutionized the way
we thought about answering that question "who goes there".
The next big breakthrough came in 1935, when an article in the
New England Journal of Medicine suggested that the pattern
of blood vessels on the back of the eye (the retina) could be used
as a biometric identifier. It took several more years before imaging
technology advanced to the point where retinal scanning was practical,
many believed (and many still believe) that this is the identification
process of the future. Retinal scanning has all the advantages of
fingerprinting, but it’s somewhat more practical. Even before high-speed
computers, photographs of retinas could be compared and matches
could be made much faster than fingerprints could be identified.
The problem with retinal scanning is that it’s a very invasive
technique. Many are still uncomfortable with the thought of a laser
being shot into their eye each time they walk into work. This will
undoubtedly change as the technology improves (lower intensity beams
are one useful innovation), but there’s still something about having
a machine scan your eye that’s just…creepy.
By the late 20th century, computers gave us the chance
to experiment with just about every identification method under
the sun. Science fiction writers speculated about which would catch
on – for example, voice identification is used in 2001: A Space
Odyssey (an easily stolen identification method if there ever
was one), but over in the Star Trek universe, they used a
combination of retinal scanning and voice ID. The fact was that
at one point or another, each of these, plus a host of other technologies
(such as full facial recognition and iris scanning) were developed.
The security industry has yet to decide on a standard, but the oldest
example of biometrics, fingerprints, may be making a comeback.
The main issue with using fingerprinting as an identification device
was technological, but by now, computers have more or less eliminated
that obstacle. There are numerous innovations, based on simple image
scanning technology and pattern recognition software, that are giving
fingerprinting the edge in the race for a standard.
Recently, the US company Bioscrypt Inc. installed automatic fingerprint
readers at the Los Angeles City Hall. "The Los Angeles City Hall
deployment is a prime example of how biometrics can add not only
additional security, but also reduce costs and provide fast throughput,"
said Julia Webb, Bioscrypt’s vice president of global sales and
marketing. They had already installed similar devices at the New
York Police headquarters, again selling the system on its speed
In fact, digital fingerprint readers are ridiculously simple to
use, and require little in the way of computing power (by today’s
standards). (The Identix company even sells one that plugs into
a laptop through a USB port.) This speed and ease of use, combined
with the public’s relative comfort level with fingerprinting (as
opposed to other methods) could give it the edge it needs to become
the universally adopted standards.
Of course, there’s one important biometric identifier that we haven’t
touched on, and many believe that it’s the real wave of the future:
DNA. If there’s one thing that can never be duplicated, it’s our
genome. Every living organism (except identical twins) has a unique
DNA sequence, and law enforcement has made use of "DNA fingerprinting"
for several years with spectacular success.
In the early days, DNA fingerprinting used a method called "Random
Fragment Length Polymorphism" (RFLP), which essentially consisted
of taking a sample of DNA and chopping it up with a particular set
of enzymes. The sizes of the fragment were compared, and found to
be unique to each individual, hence a "DNA Fingerprint".
But an RFLP analysis was tedious, labor-intensive and not 100% accurate.
The somewhat "low-tech" approach only indirectly addressed
the essential difference between two samples (their sequence). Ideally,
we’d be able to compare the actual chemical sequence of two DNA
samples, set side by side, and this is in fact the approach of modern
Those getting visions of Gattaca, where a simple drop of
blood (or other fluid) can identify a person in two seconds can
relax. We’re still a long way from that sort of technology. As in
the early days of fingerprinting, it still takes a relatively long
time to sequence a sample of DNA, even with the help of automatic
sequencers and computers. On top of that, DNA is quite fragile (ask
anyone who’s ever worked in a molecular biology lab), and difficult
to acquire non-invasively.
For simple identification purposes, answering the question "who
goes there", it appears that old-fashioned fingerprinting will
be with us for some time. It’s fast, easy and it works. In the future,
maybe you won’t have to give a security or border guard your papers,
just a finger.
Dawe is a freelance writer and broadcaster living in London,
email for info