
The Cybersecurity Risks of Using Biometric Data to Issue Refugee Aid

July 25, 2017

Author: Sneha Indrajit

Ensuring accountability and transparency in the distribution of refugee aid has always been a herculean task. Mismanagement of funds is rife and more often than not, aid is swallowed up by third parties rather than given directly to those in need. The use of biometric wallets and a digital currency called Ethereum might change that.

The use of Ethereum is a relatively novel idea that is being tested by the United Nations (UN) in Syrian refugee camps in Jordan.[1] In Jordanian refugee camps, Syrian refugees receive Ether (Ethereum’s digital currency) in the form of Jordanian dinars through biometric technology.[2] Essentially, they receive mobile money directly from the UN through the use of iris scans that act both as proof of identification and as an electronic wallet. The use of biometric wallets promises to be empowering for the financial inclusion of refugees, but the pairing of biometric data with Ethereum in the provision of aid also has the potential to pose a cybersecurity risk.

Using Ethereum

Ethereum is a decentralized blockchain-based technology that supports a cryptocurrency (digital currency) called Ether. A blockchain works as a decentralized online database that permanently records digital transactions. Rather than rely on a central authority, transactions are shared and verified by a distributed network of nodes. Each transaction that is simultaneously updated across the distributed network is rendered effectively unalterable once it has been verified. Altering data requires a massive amount of computational power, decreasing the likelihood of fraudulent activity and making the technology more secure.

Ethereum’s use of a decentralized blockchain allows it to manage financial transactions independent of traditional financial institutions and negates the need for intermediaries,[3] as the transactions are verified and enforced by Ethereum’s smart contracts.[4] This, in essence, allows for aid to be transferred directly from the UN to Syrian refugees.

While digital money is usually employed using smartphones, tablets or personal computers, the UN has chosen to utilize biometric technology as a means to funnel aid to refugees. This choice ties the refugees’ biometric data with Ethereum so that there is no need for refugees to own sophisticated digital devices to engage in financial transactions. Their eyes instead become their “wallet” — capable of being utilized in shops within the refugee camps[5] and withdrawn as cash at banks and ATMs in Jordan.[6]

The use of biometric technology to manage financial transactions not only negates the need for smartphones but also ensures proof of identity for refugees — making use of the technology both accessible and secure. The pairing of Ethereum with biometrics, thus, has the potential to provide Syrian refugees with financial inclusion into global markets and autonomy over their financial decisions. However, Ethereum as a platform is relatively untested and there are vulnerabilities in the way in which biometric information is collected and stored that could make this venture risky.

How Reliable is Ethereum?

Ethereum is heralded for its security. Its security rests on its blockchain platform.[7] However, Ethereum is not infallible and it has its security concerns.

For instance, ten of Ethereum’s smart contracts have been found to have vulnerabilities, seven of which were exploitable.[8] A vulnerable smart contract threatens the security of the data embedded within it. If the smart contract is used for financial transactions, as it is in the case of the UN’s provision of aid to Syrian refugees, this could mean a potential loss of funds.

Ethereum is also vulnerable to being hacked and has been hacked before, with almost $50 million in Ether having been stolen due to a security hole.[9] Resolving this issue required implementing a hard fork. A “hard fork” is the creation of a divergent, upgraded blockchain for users to use instead. Not all users switched over to the new Ethereum, however, creating a division in the Ethereum community and compromising the security of the platform.[10]

Is Biometric Technology Truly Secure?

On the surface, biometric identification seems like it would have impenetrable security. In reality, it is far from infallible. Iris scans, the biometric technology used for the identification of Syrian refugees, have an expected error rate of three percent.[11] This may be slight, but in a refugee population of two million it translates to 60,000 false matches.

Furthermore, biometric data is just as vulnerable to being stolen as credit card information — and due to its sensitivity, the result of theft can be more grave.[12] When an iris scan is performed, it is translated into a string of numbers that is stored in a database. The security of biometric technology is determined by how well this data is stored and managed. The current policy implemented to mitigate the risk of privacy and security breaches in the UNHCR’s biometric database for refugees is the use of a centralized database, the Biometric Identity Management System (BIMS), to manage the biometric identities of refugees.[13] The use of a centralized database — no matter how secure — poses a risk, as it makes all biometric information vulnerable in the event of a single security breach.

The use of Ethereum as a blockchain to secure the financial information of Syrian refugees does provide a reprieve from this threat, as Ethereum is decentralized and, thus, less vulnerable to a potential breach. However, the UNHCR has been registering the biometric information of Syrian refugees since 2013 without the use of blockchain technology.[14] Therefore, whilst Ethereum itself may be decentralized, the biometric information that is contained within BIMS and tied to Ethereum poses a vulnerability.

Given the risk that the BIMS could be hacked and the Syrian refugees’ data stolen, the potential consequences of identity fraud for refugees become more severe. This is particularly true since the use of biometrics is the only identifying factor refugees have to use their digital money, and unlike credit cards, biometric identifiers cannot be replaced or changed once compromised.[15] The distinct security issues related to biometric data mean that refugees could be left both incapable of proving their identity and unable to access their finances.

A potential leak of biometric data could be highly threatening to the lives of Syrian refugees as it could prevent them from receiving aid and would effectively render an already vulnerable population even more vulnerable. The problem would become even more serious if the Syrian government gains access to their biometric data.

Balancing Identification and Privacy

Given the risks involved with biometric technology, it is worth asking why it is being implemented on a population as vulnerable as refugees. Iris recognition is far from an inexpensive option and the potential risks of biometric identity fraud could compromise the legitimacy of biometric identification as well as threaten the livelihoods of Syrian refugees. The appeal of biometric identification, however, lies in its potential uses for border control and law enforcement. This is especially so since biometric technology is key in enforcing immigration law and the technology could potentially be used to control refugee populations.[16] Thus, the use of biometric technology on such a large scale treads a fine line between identification and surveillance.[17]

The potential is high for the biometric information of Syrian refugees to be cross-matched with other databases. Such action would constitute “function creep” — where the scope of the technology is expanded beyond its intended purposes. This type of function creep has occurred in other instances, such as in the wake of 9/11.[18] Since then, the appeal to use biometric data for other purposes has increased. For instance, the immigration crisis and the increased anxiety surrounding the flow of refugees into Europe provide the type of policy pressure that could lead to the expanded use of biometric data. The EU has expressed interest in gaining access to the biometric information of refugees.[19]

The large-scale collection of Syrian refugees’ biometric data is concerning, as it may not be used to serve refugee interests but may instead be used against refugees. The degree of consent given by Syrian refugees in the collection of their biometric data is also questionable given their vulnerable status as refugees. Giving up their biometric information is their ticket to receiving aid and their only option of survival. Given the risks associated with the collection of biometric identifiers, the need to give up biometric information in exchange for aid could be seen as coercive and unethical. The ethical concerns are compounded when considering that Ethereum is a relatively untested technology being live tested on refugees.

Recommendations

Despite the risks, the pairing of Ethereum with biometrics in the provision of aid to refugees can be more beneficial than harmful if implemented with the proper protections in place. These protections should include greater regulation of how the biometric data of refugees is collected and shared, so that it favors the safety and privacy of refugees.

With regards to the storage of biometric information, ideally, the centralized database of biometric information will be stored in a decentralised blockchain technology to enhance security and make biometric information less vulnerable to being stolen. It will also prevent entities such as the UN from having massive amounts of sensitive biometric data on individuals as that information will be decentralized and will not belong to any state or non-state actor. This will minimize the vulnerability that currently exists for biometric information that is connected to digital money. It will also ensure that the privacy and security of refugees’ biometric data is protected. However, replacing traditional biometric data storage systems with blockchain technology will not prevent state and non-state actors from exercising control over biometric data.

Blockchain technologies such as Ethereum are also saddled with their own set of risks, and the potential security threats of giving up sensitive biometric information to a blockchain may not be immediately foreseeable. Furthermore, the high economies of scale in converting all biometric information to a blockchain are likely to be a deterrent for the UN.

Further development of blockchains and enhancements in the security of blockchains such as Ethereum as a means of securing biometric data has the potential to be an invaluable asset. Despite high costs and potential threats, blockchains such as Ethereum have the potential to enhance security and thus should be tested and implemented. The use of blockchain technology alone to secure biometric data is not sufficient, however, as it does not solve the underlying problem of vulnerabilities that exist within biometrics. Despite the fact that false matches are rare, they still undermine the security and reliability of biometrics. This is further compounded by the fact that biometrics cannot be altered once compromised. A potential solution to this problem might thus be to add a physical token as an authentication factor. Physical tokens can have their own inherent risks, such as the potential for them to be stolen, but coupled with biometrics they can act as an insulating authentication factor for refugees in the event that biometric data is compromised.

Conclusion

The addition of physical tokens as a form of layered authentication may not be as functional as relying on biometrics alone, but it does enhance security and protect refugees, financial institutions, and the UN from potential cases of identity fraud. The combination of biometrics and blockchain technology in the storage of biometric data, coupled with added layers of protection in the form of physical tokens, can create a climate where the collection of biometric information is less of a risk. The extensive use of biometric information to identify individuals will be less intrusive in a decentralized system, and the use of physical tokens will prevent biometric information from being the only identifying feature of refugees. This allows for the benefits of the collection of refugees’ biometric data to be felt, whilst minimizing the risks of fraud, surveillance and errors in technology.

To truly protect the rights of refugees, however, it is crucial that there be increased regulation and transparency in the way in which the biometric data of refugees is shared, so as to prevent the further marginalization of refugees.

Endnotes

[1] Castillo, Michael. “A Branch of the UN Just Launched Its First Large-Scale Ethereum Test.” CoinDesk. May 16, 2017. 

[2] Reiff, Nathan. “U.N. Launches Major Ethereum Test to Fund Refugees.” Investopedia. May 16, 2017. 

[3] Hinchliffe, Emma. “Ethereum: The not-Bitcoin cryptocurrency that could help replace Uber.” Mashable. Mar 24 2017.

[4] Peyrott, Sebastian. “An introduction to Ethereum and Smart contracts: a programmable blockchain.” Auth0. March 28 2017.

[5] Menezes, Nuno. “The UN Uses Ethereums Blockchain to Distribute Funds to Jordanian Refugee Camps.” BTCMANAGER. May 04, 2017. 

[6] Morgan, Helen. “When aid goes digital: 4 factors to bear in mind” devex. 16 January, 2017. 

[7] “Ethereum is Now the Most Secure Public Blockchain, Overtaking Bitcoin”. TRUSTNODES. May 21, 2017. 

[8] Young, Joseph. “Ethereum Smart Contract Issues Frustrate Developers with Fatal Bugs.” Cryptocoinsnews. December 11 2016. 

[9] Wong, Joon Ian, and Ian Kar. “Everything you need to know about the Ethereum ‘hard fork’.” Quartz. July 18 2016.

[10] Breitman, Kathleen. “Op Ed: Why Ethereum’s Hard Fork Will Cause Problems in the Coming Year.” Bitcoin Magazine. Feb 3 2017.

[11] Nillasithanukroh, Songkhun. “Rethinking the Use of Biometric Systems for Refugee Management.” Chicago Policy Review. February 24, 2016. 

[12] Stroup, Jake. “Biometric Identification and Identity Theft.” the balance. May 30 2016.

[13] Currion, Paul. “Eyes Wide Shut: The challenge of humanitarian biometrics”. IRIN. 26 August 2015. 

[14] Soliman, Sarah. “Tracking Refugees With Biometrics: More Questions than Answers.” War on the Rocks. March 09, 2016.

[15] “Biometric Security Poses Huge Privacy Risks.” Scientific American. January 1, 2014. 

[16] Farraj, Achraf. “Refugees and the Biometric Future: The Impact of Biometrics on Refugees and Asylum Seekers”. Columbia Human Rights Law Review. 2011. 

[17] Balakrishnan, Anita. “U.N. Turns to Eye Scanning Technology to Aid Syrian Refugees.” NBC News. November 5 2015. 

[18] Jacobsen, Katja Lindskov. The Politics of Humanitarian Technology: Good Intentions, Unintended Consequences and Insecurity. London and New York: Routledge, 2015.

[19] Bohlin, Anna. “Protection at the cost of Privacy – a study of the biometric registration of refugees”. University of Lund, Faculty of Law. Spring, 2008. 

This publication was made possible in part by a grant from Carnegie Corporation of New York. The statements made and views expressed are solely the responsibility of the author.