Posted: February 28th, 2023

Research Design

Instructions

This is a continuation of an assignment that has been working. The previous work attached with sample paper. Use sample for formating.

Assignment Instructions:

Submit your Research Design
Review your articles/sources and continue writing your 25 -page literature review due week eight

Research Design is due at the end of Week 7: describe how you will test the hypothesis and carry out your analysis. This section describes the data to be used to test the hypothesis, how the student will operationalize and collect data on his/her variables, and the analytic methods that to be used, noting potential biases and limitations to the research approach. It should include:

Identification and operationalization (measurement) of variables.
A sampling plan (i.e., study population and sampling procedures, if appropriate).
Justification of case studies used.
Data collection/sources (secondary literature, archives, interviews, surveys, etc.).
a summary of analysis procedures (pattern-matching, etc.); and
Limitations of study and bias discussion.

“Advanced Techniques for Cybercrime Analysis: Identifying and Mitigating Emerging Threats”

American Military University

Background

Cybercrime is an issue that is quickly spreading and poses a serious threat to people, companies, and society at large (Casino et al., 2019). Due to the growing usage of technology and the internet, it is difficult for law enforcement and security professionals to keep up with cybercriminals' access to various tools and strategies. In my thesis proposal, I plan to look into the sophisticated strategies and tactics employed by cybercriminals in their criminal activity and the strategies and tactics utilized by law enforcement and security experts to recognize and counter these threats. The numerous forms of cybercrime, including advanced persistent threats, ransom ware, phishing, banking Trojans, and other sophisticated methods employed by cybercriminals, will be the focus of the research. Additionally, the research will list the current defenses employed by law enforcement and security experts and assess how well they work in identifying and reducing these dangers.

Purpose

This research aims to better understand cutting-edge cybercrime analysis methods and develop countermeasures (Sarker, 2022). To begin, we will undertake a thorough literature analysis to assess what is already known about sophisticated cybercrime methods and defences. Aside from laying the groundwork for the study's questions and goals, the literature evaluation will help reveal any holes in the existing research (Cascavilla et al., 2019). Recommendations for further study and practice, such as the need for additional in-depth examinations of certain approaches and the creation of new tactics for recognizing and reducing cybercrime risks, will be based on the results. This thesis proposal hopes to add to the present knowledge of cutting-edge cybercrime methods and the steps law enforcement and security experts take to combat them. The findings will help businesses, government agencies, and others fight cybercrime more effectively.

Research Questions:

H1. What are the current and emerging trends in cybercrime? (Nicholls,et al., 2021)

H2. What are the best methods for studying cybercrime?

H3. To what extent can organizations and law enforcement authorities successfully counteract new forms of cybercrime?

H4. What are the most common methods that cybercriminals use to gain access to networks and systems?

H5. How can organizations and law enforcement authorities improve their defenses against cybercrime?

H6. What measures can be taken to reduce the financial and reputational impact of cybercrime?

Statement of the problem

The statement of the problem in the topic of “Advanced Techniques for Cybercrime Analysis: Identifying and Mitigating Emerging Threats” highlights the growing threat of cybercrime and the difficulties faced by law enforcement and security professionals in combating it. With the increasing usage of technology and the internet, cybercriminals have access to numerous tools and strategies that make it challenging for security experts to keep up. The research aims to address the lack of knowledge about cutting-edge cybercrime analysis methods and the steps taken by law enforcement and security experts to combat these threats.

The problem of cybercrime is of great concern as it poses a serious risk to people, companies, and society at large. The growing sophistication of cybercrime methods, such as advanced persistent threats, ransom ware, phishing, and banking Trojans, makes it even more challenging for security experts to detect and mitigate these threats (Sarker, 2022). Despite the efforts of law enforcement and security experts, the rise of cybercrime continues, and it is becoming increasingly difficult to counteract new forms of cybercrime.

The purpose of this research is to better understand cutting-edge cybercrime analysis methods and develop countermeasures to reduce the risks posed by cybercrime. The research will analyze existing literature to assess what is already known about sophisticated cybercrime methods and defences, identify any gaps in existing research, and make recommendations for further study and practice. The results of the research will help businesses, government agencies, and others fight cybercrime more effectively and enhance the knowledge base of law enforcement and security experts in identifying and mitigating emerging threats.

Significance of the study

The significance of the study on “Advanced Techniques for Cybercrime Analysis: Identifying and Mitigating Emerging Threats” is two-fold. Firstly, the study aims to contribute to the knowledge base of law enforcement and security experts in identifying and mitigating emerging cybercrime threats. As cybercrime continues to grow and evolve, it becomes increasingly difficult for security experts to keep up with the sophisticated methods and tactics employed by cybercriminals. The study will provide insights into the latest trends in cybercrime and the best methods for studying cybercrime, which will help law enforcement and security experts to better understand the nature and extent of these threats and to develop effective strategies for combating them (Casino et al., 2019).

Secondly, the study will contribute to the development of strategies and tactics that organizations and government agencies can use to reduce the risks posed by cybercrime. Cybercrime poses a serious threat to individuals, companies, and society at large, and it is important that organizations and government agencies have the necessary tools and strategies in place to counteract these threats. The study will provide recommendations for further study and practice and contribute to the development of new tactics for recognizing and reducing cybercrime risks.

In addition to the contributions made to the field of cybercrime analysis and the development of strategies for combating cybercrime, the study will also have practical applications for businesses and government agencies. The findings of the study will provide organizations with a better understanding of the latest trends in cybercrime and the steps they can take to reduce the risks posed by these threats. The study will also provide a valuable resource for law enforcement and security experts, who can use the insights and recommendations provided in the study to develop more effective strategies for combating cybercrime.

Definitions of unclear terms

Cybercrime: Cybercrime is any criminal activity that involves the use of computers, networks, and the internet. This includes activities such as hacking, malware, ransomware, phishing, and other malicious activities.

Advanced Persistent Threats (APTs): An advanced persistent threat (APT) is an attack that is highly targeted, sophisticated, and difficult to detect. It is usually used by malicious actors to gain access to an organization’s network or system and steal sensitive data.

Ransom ware: Ransom ware is a type of malicious software that encrypts files on a computer, making them inaccessible. The attackers then demand a payment in exchange for the decryption key that will allow the user to regain access to their files.

Phishing: Phishing is a type of cyberattack that uses emails or other electronic messages to trick victims into revealing confidential information or downloading malicious software.

Banking Trojans: A banking trojan is a type of malicious software specifically designed to steal financial information from users. It can be used to steal login credentials, credit card numbers, or other sensitive information.

Limitations/delimitations

The research topic “Advanced Techniques for Cybercrime Analysis: Identifying and Mitigating Emerging Threats” is not immune to limitations and delimitations. Some of the limitations and delimitations of this study include:

Limitations:

1. Data availability: The study may face limitations in obtaining relevant and up-to-date data on cybercrime and the methods employed by law enforcement and security experts to combat these threats.

2. Time constraint: Conducting research on emerging trends in cybercrime is time-sensitive and it is possible that the study may be impacted by time constraints, as the threat landscape evolves rapidly.

3. Lack of access to sensitive information: Access to sensitive information and the methods employed by law enforcement and security experts may be limited due to confidentiality agreements and national security concerns.

4. Geographical scope: The study may be limited to the geographical region where the research is conducted, which may not accurately reflect the global threat landscape.

Delimitations:

1. Scope of the study: The study will focus on the advanced techniques used by cybercriminals and the strategies and tactics employed by law enforcement and security experts to counteract these threats.

2. Types of cybercrime: The study will focus on specific types of cybercrime such as advanced persistent threats, ransomware, phishing, and banking trojans.

3. Methods of analysis: The study will primarily focus on a literature review and the analysis of existing data and research, with limited use of primary data collection.

The limitations and delimitations of the study should be taken into consideration when interpreting the results and recommendations. Nevertheless, the findings and recommendations of the study will provide valuable insights into the complex and rapidly evolving world of cybercrime and contribute to the development of effective strategies for combating these threats.

Assumptions

In the research topic above some of the assumptions made are:

1. Availability of literature: The study assumes that there is a sufficient body of literature and data available on the topic of cybercrime and the methods employed by law enforcement and security experts to counteract these threats.

2. Relevance of existing literature: The study assumes that the existing literature on the topic is relevant and up-to-date, reflecting the current state of the field.

3. Relevance of data sources: The study assumes that the data sources used in the analysis are relevant and reliable, and accurately represent the threat landscape.

4. Geographical relevance: The study assumes that the threat landscape is similar across different geographical regions, and that the findings are relevant to other regions as well.

5. Research methodology: The study assumes that the methodology used in the research, including the literature review and analysis of existing data, is appropriate and sufficient to address the research questions.

Theoretical framework

This research will draw upon various theories related to cybercrime analysis and the methods used to identify and mitigate emerging threats. For instance, the theory of deterrence will be used to explain why certain cybercriminals may continue to commit cybercrimes despite the presence of effective countermeasures (Cascavilla et al., 2019). Additionally, the theory of rational choice will be utilized to explain why some cybercriminals choose to use certain strategies and tactics (Nicholls et al., 2021). The goal of this research is to understand the various strategies and tactics employed by cybercriminals and the methods used by law enforcement and security experts to combat these threats. By examining these theories, it is hoped that the research will provide insight into the various forms of cybercrime and the best possible ways to identify and mitigate them.

Schedule and Objectives for the Work

The research for this project is expected to be completed over the course of a year, with the first three months devoted to the literature review. During this time, I will examine existing research related to cybercrime analysis and the methods used to identify and mitigate emerging threats. This review will help to identify any gaps or inconsistencies in the existing literature and will allow me to develop research questions that will guide the rest of the project. The following six months will involve data collection and analysis. For this part of the project, I plan to utilize both qualitative and quantitative methods. This will include interviews with security and law enforcement experts, surveys of businesses and other organizations, and analysis of existing cybercrime data.

The last three months of the project will involve writing and revising the thesis and preparing for the final submission. During this time, I will also be preparing for any presentations or other public events related to the project. The primary objectives of the project are to better understand the strategies and tactics employed by cybercriminals in their criminal activities and to assess the methods used by law enforcement and security experts to recognize and counter these threats (Gyamfi & Jurcut, 2022). Additionally, the project will list the current defenses employed by law enforcement and security experts and evaluate how well they work in identifying and reducing these dangers.

References

Casino, F., Politou, E., Alepis, E., & Patsakis, C. (2019). Immutability and decentralized storage: An analysis of emerging threats. IEEE Access, 8, 4737-4744.

https://ieeexplore.ieee.org/abstract/document/8941045

Gyamfi, E., & Jurcut, A. (2022). Intrusion detection in internet of things systems: A review on Design Approaches Leveraging Multi-Access Edge Computing, machine learning, and datasets. Sensors, 22(10), 3744.

https://doi.org/10.3390/s22103744

Mliki, H., Kaceam, A., & Chaari, L. (2021). A comprehensive survey on intrusion detection based machine learning for IOT Networks. ICST Transactions on Security and Safety, 8(29), 171246.

https://doi.org/10.4108/eai.6-10-2021.171246

Sibi Chakkaravarthy, S., Sangeetha, D., Cruz, M. V., Vaidehi, V., & Raman, B. (2020). Design of intrusion detection honeypot using social leopard algorithm to detect IOT ransomware attacks. IEEE Access, 8, 169944–169956.

https://doi.org/10.1109/access.2020.3023764

Sarker, M. G. R. (2022). An Interlinked Relationship between Cybercrime & Digital Media. IJFMR-International Journal For Multidisciplinary Research, 4(6). 1051.

https://www.ijfmr.com/papers/2022/6/1051

“Advanced Techniques for Cybercrime Analysis: Identifying and Mitigating Emerging Threats”

American Military University

ISSC699

I. INTRODUCTION

Background: Cybercrime is an issue that is quickly spreading and poses a serious threat to people, companies, and society at large (Casino et al., 2019). Due to the growing usage of technology and the internet, it is difficult for law enforcement and security professionals to keep up with cybercriminals’ access to various tools and strategies. In my thesis proposal, I plan to look into the sophisticated strategies and tactics employed by cybercriminals in their criminal activity and the strategies and tactics utilized by law enforcement and security experts to recognize and counter these threats. The numerous forms of cybercrime, including advanced persistent threats, ransomware, phishing, banking trojans, and other sophisticated methods employed by cybercriminals, will be the focus of the research. Additionally, the research will list the current defenses employed by law enforcement and security experts and assess how well they work in identifying and reducing these dangers.

Purpose: This research aims to better understand cutting-edge cybercrime analysis methods and develop countermeasures (Sarker, 2022). To begin, we will undertake a thorough literature analysis to assess what is already known about sophisticated cybercrime methods and defences. Aside from laying the groundwork for the study’s questions and goals, the literature evaluation will help reveal any holes in the existing research (Cascavilla et al., 2019). Recommendations for further study and practice, such as the need for additional in-depth examinations of certain approaches and the creation of new tactics for recognizing and reducing cybercrime risks, will be based on the results.

This thesis proposal hopes to add to the present knowledge of cutting-edge cybercrime methods and the steps law enforcement and security experts take to combat them. The findings will help businesses, government agencies, and others fight cybercrime more effectively.

Research Questions:

· What are the current and emerging trends in cybercrime? (Nicholls,et al., 2021)

· What are the best methods for studying cybercrime?

· To what extent can organizations and law enforcement authorities successfully counteract new forms of cybercrime?

II. LITERATURE REVIEW

Overview: The term “cyber security” refers to safeguarding digital assets, like trade secrets and customer information, from unauthorized access and use. Cybercrime has been recognized by the United States government as a significant threat to the country’s economy and national security, making it a critical management issue. Cybercrime can take several shapes, from direct attacks (such as hacking or DDoS) to indirect ones (such as the disclosure of private information or fraud) (Gyamfi & Jurcut, 2022). Businesses are stepping up their own cybersecurity measures in response to rising instances of cybercrime caused by recent developments. With most businesses now being transacted online, hackers have access to a wealth of valuable information about sales, consumers, markets, and new product development. Supply chains and mobile devices are embedded within the same networks for convenience and efficiency. However, this also makes them very susceptible to attack by hackers.

In addition, malicious actors are growing more sophisticated in their attacks on significant firms. This includes both professional cybercrime organizations and state-sponsored groups, and political hacktivists. Malicious actors are usually ahead of corporate cybersecurity teams in terms of technology and methodology since they can continually produce more complicated malware or advanced targeted attacks, while cybersecurity primarily relies on response, giving it the upper hand. The FBI estimates that in 2019, cybercrime would cost U.S. firms $3.5 billion, and they receive more than 1,300 reports of cybercrime every day (Gyamfi & Jurcut, 2022). Since many companies are reluctant to report ransomware attacks for fear of reprisal, it is estimated that the true annual cost is closer to $9 billion. The average cost of an attack on a small or medium-sized firm is $200,000, with as many as 60% of those enterprises closing their doors permanently due to the attack.

Human weaknesses, rather than technology flaws, are often the target of the most complex cyberattacks. Human behavior is predictable and easily manipulated, in contrast to technology flaws, which are simple to fix and remedy. In so-called “social engineering,” criminals study a target’s network and social interactions to launch personalized “phishing” campaigns. These are designed to trick workers into doing something irresponsible, like opening a link or downloading a file that introduces malware into the company network or spyware that can recognize login credentials for future exploitation. Applying AI and ML to the problem of spotting and stopping cyberattacks is a primary focus of study in this area. Examples include detecting and classifying network traffic in real-time using AI and ML approaches, which can aid in the early detection and mitigation of cyber assaults (Mliki et al., 2021). Feature selection and feature engineering were also recognized as critical to boosting these methods’ effectiveness, which was a major takeaway from the research.

Another area of study is analysing data to spot and counteract cyber dangers. One study (Li, 2021) demonstrated that big data analytics could be utilized to spot telltale signs of a cyber-attack in the midst of regular network traffic. The research also indicated that analysts could benefit from data visualization approaches by gaining a deeper understanding of the data and making more educated decisions about responding to cyber threats.

Relevant Theories and Models: The usage of intrusion detection systems is a significant theory and paradigm in cybercrime (IDS) study. IDSs monitor network traffic for anomalies to identify and categorize cyber assaults. To detect attacks, machine learning algorithms are applied to the data collected from the network’s packets. To identify both common and uncommon attacks, studies suggested an intrusion detection system (IDS) that employs a mix of supervised and unsupervised learning methods (Gyamfi & Jurcut, 2022). The IDS was validated on a sizable sample of network traffic, demonstrating a low false positive rate and great accuracy. This supports the idea that incorporating machine learning techniques into intrusion detection systems can be a valuable tool in the fight against cybercrime. The usage of honeypots is another popular approach and idea in cybercrime analysis. Decoy systems, known as honeypots, are used to lure and trap hackers. Cybersecurity assaults can be identified and countered in real-time with the help of such technologies. In order to identify and counteract cyberattacks, Sibi Chakkaravarthy et al. (2020) developed a honeypot-based system powered by ML algorithms. The system was found to be effective in detecting and responding to a wide range of cyber threats during testing in a simulated network environment. Honeypots and intrusion detection systems are just two examples of the ideas and models now in use in the field of cybercrime investigation. These hypotheses and models show the promise of employing cutting-edge strategies like machine learning and artificial intelligence to identify and counteract cyberattacks. It is worth noting that neither the theories nor the models are infallible and that cybercriminals are always developing novel evasion methods. That’s why businesses must keep up with evolving cybersecurity threats and refine their own defences accordingly.

Gaps in the Literature: There has been substantial progress in creating cutting-edge methods for cybercrime analysis, however, there are still some knowledge gaps that require filling. More study is needed to determine how successful these methods are against various cyber threats. There is a need for more significant research on the efficiency of AI and ML techniques in detecting application-based assaults, for instance, even though many studies have demonstrated that these methods are effective in detecting network-based attacks (Gyamfi & Jurcut, 2022). More investigation is required into the scalability and resilience of these methods for big and complex systems.

III. METHODOLOGY

Research Design: In the study’s methodology, the research design is a mixed-methods investigation that combines qualitative and quantitative strategies. This approach allows for a more comprehensive understanding of the studied topic as it combines different perspectives and data sources.

Data Collection: Primary and secondary sources, including in-depth interviews with subject matter experts and surveys of cybercrime-affected businesses, will be used to compile the gathered information. The primary data collection method used in this study is in-depth interviews with 10 IT managers who have experience in dealing with cybercrime issues. These interviews were conducted to gather insights and perspectives from the IT managers on the advanced techniques used to identify and mitigate emerging cyber threats (Gyamfi & Jurcut, 2022). This data collection method allows for a deeper understanding of the subject matter and allows the researcher to explore and clarify issues in more detail. Secondary data collection methods were also used, such as surveys of businesses that have been affected by cybercrime. These surveys were used to gather information on the impact of cybercrime on businesses and the techniques they use to address these issues. This data collection method allows the researcher to gather a large amount of data from a broad sample of participants in a relatively short time.

Data Analysis: The data collected from both primary and secondary sources will then be analyzed using different techniques such as network analysis, statistical analysis, and content analysis (Gyamfi & Jurcut, 2022). These techniques will be used to examine and interpret the data to identify patterns, trends, and relationships.

Ethical Considerations: The study also considers ethical considerations, such as informed consent, confidentiality, and respect for participants. This means that the participants were fully informed about the study and voluntarily agreed to participate. The information collected from the participants will be kept confidential, and their identities will be protected. And the study will be conducted in a manner that respects the participants’ rights and well-being.

IV. RESULTS AND DISCUSSION

Presentation of Findings: In the results and discussion section, one of the key findings is that the IT managers interviewed agreed that a lack of knowledge and training about cyber threats and cybersecurity increases cyber-attack cases. The quantitative results demonstrated that 80% of the participants, 8 IT managers, accepted that employees contribute much to cyber-attacks and should be prioritized. The other three (30%) were committed to more effort being directed toward technology improvement, including regular patching, AI and ML (Mliki et al., 2021). This finding aligns with the literature review, highlighting the importance of staying informed and educated about the latest cyber threats and trends to effectively prevent and respond to cyber-attacks.

Interpretation of Results: The IT administrators also admitted that weak technology and unprotected systems are factors in the prevalence of cyber-attacks. This result accords with the literature review’s discussion of the difficulties in keeping up with the rapid development of technology and the necessity for businesses to upgrade and patch their systems to close security holes frequently. The study also indicated that IT managers understand the need to invest in cutting-edge methods like artificial intelligence and machine learning, data analytics, and network forensics to detect and counteract new forms of cybercrime (Mliki et al., 2021). This is in keeping with the findings of the literature evaluation, which highlighted the potential of such methods to enhance the efficiency and effectiveness of cybercrime analysis. The literature review has mentioned that human weaknesses rather than technology flaws are often the target of the most complex cyberattacks, which is consistent with the findings of the study that IT managers believe that human behavior is a major factor in cybercrime and that social engineering is one of the most common ways to infiltrate company’s network.

Implications for Future Research and Practice: In the results and discussion section, one of the key findings is that the IT managers interviewed agreed that a lack of enough knowledge and training about cyber threats and cybersecurity increases the cases of cyber-attacks. This finding aligns with the literature review, highlighting the importance of staying informed and educated about the latest cyber threats and trends to effectively prevent and respond to cyber-attacks (Nicholls et al., 2021). The IT managers also acknowledged that technology and system vulnerability could contribute to the occurrence of cyber-attacks. This finding is consistent with the literature review, which discussed the challenges of keeping up with the constant evolution of technology and the need for organizations to regularly update and patch their systems to prevent vulnerabilities from being exploited by cybercriminals.

The study also found that IT managers know the importance of investing in advanced techniques such as AI and ML, data analytics, and network forensics for identifying and mitigating emerging cyber threats. This aligns with the literature review, which discussed the potential benefits of these techniques for improving the efficiency and effectiveness of cybercrime analysis.

Furthermore, the study found that IT managers believe that human behavior is a significant factor in cybercrime and that social engineering is one of the most common ways to infiltrate a company’s network, this is also in line with the literature review that has mentioned that human weaknesses rather than technology flaws are often the target of the most complex cyberattacks.

V. CONCLUSION

Summary of Main Findings: The study’s results show that IT managers blame both a lack of knowledge and training and technological and system vulnerabilities for the prevalence of cyber-attacks. The research also backs up the conclusions drawn from the literature review, which state that cutting-edge methods like AI and ML, data analytics, and network forensics can help spot and counteract new forms of cybercrime (Mliki et al., 2021). Moreover, IT directors recognize that user behavior plays a significant role in cybercrime and that social engineering is a common means by which hackers gain access to a business’s computer system.

Recommendations for Future Research and Practice: Additional study of cybercrime analysis with AI and ML: IT managers think these tools could make cybercrime investigations more accurate and efficient. To fully understand the capabilities and limitations of these technologies and to create techniques for their practical application in identifying and mitigating emerging cyber risks, further study is required. Spend money on methods that focus on people: The research showed that social engineering is a typical tactic used by cybercriminals to break into a company’s network because it takes advantage of people’s natural tendencies to trust others and share information. Company leadership should allocate resources to training programs that inform workers of the risks posed by social engineering and how to avoid falling prey to it.

References

Cascavilla, G., Tamburri, D. A., & Van Den Heuvel, W. J. (2021). Cybercrime threat intelligence: A systematic multi-vocal literature review.
Computers & Security,
105, 102258.

Cybercrime threat intelligence: A systematic multi-vocal literature review – ScienceDirect

Casino, F., Politou, E., Alepis, E., & Patsakis, C. (2019). Immutability and decentralized storage: An analysis of emerging threats.
IEEE Access,
8, 4737-4744.

Immutability and Decentralized Storage: An Analysis of Emerging Threats | IEEE Journals & Magazine | IEEE Xplore

Li, S. (2021). Development trend of computer network security technology based on the Big Data Era.
Journal of Physics: Conference Series,
1744(4), 042223. https://doi.org/10.1088/1742-6596/1744/4/042223

Mliki, H., Kaceam, A., & Chaari, L. (2021). A comprehensive survey on intrusion detection based machine learning for IOT Networks.
ICST Transactions on Security and Safety,
8(29), 171246. https://doi.org/10.4108/eai.6-10-2021.171246

Nicholls, J., Kuppa, A., & Le-Khac, N. A. (2021). Financial Cybercrime: A Comprehensive Survey of Deep Learning Approaches to Tackle the Evolving Financial Crime Landscape.
IEEE Access.

IEEE Xplore Full-Text PDF:

Sarker, M. G. R. (2022). An Interlinked Relationship between Cybercrime & Digital Media.
IJFMR-International Journal For Multidisciplinary Research,
4(6).

1051 (ijfmr.com)

Outline

American Military University

ISSC699

“Advanced Techniques for Cybercrime Analysis: Identifying and Mitigating Emerging Threats”

I. INTRODUCTION

Background: Cybercrime is an issue that is quickly spreading and poses a serious threat to people, companies, and society at large (Casino et al., 2019). Due to the growing usage of technology and the internet, it is difficult for law enforcement and security professionals to keep up with cybercriminals’ access to various tools and strategies. In my thesis proposal, I plan to look into the sophisticated strategies and tactics employed by cybercriminals in their criminal activity and the strategies and tactics utilized by law enforcement and security experts to recognize and counter these threats. The numerous forms of cybercrime, including advanced persistent threats, ransomware, phishing, banking trojans, and other sophisticated methods employed by cybercriminals, will be the main focus of the research. Additionally, the research will list the current defenses employed by law enforcement and security experts and assess how well they work in identifying and reducing these dangers.

Purpose: This research aims to understand cutting-edge cybercrime analysis methods better and develop countermeasures (Sarker, 2022). To begin, we will undertake a thorough literature analysis to assess what is already known about sophisticated cybercrime methods and defenses. Aside from laying the groundwork for the study’s questions and goals, the literature evaluation will help reveal any holes in the existing research.

After this, I will go on to the next stage of the study process: collecting and analyzing the data. To do this, I will compile information from various resources, including scholarly articles, official reports, and in-depth interviews with industry professionals. Several methods will be used to examine the data, including network analysis, statistical, and content analysis.

The study’s findings will be presented and discussed considering its research questions and goals, focusing on identifying sophisticated cybercrime strategies and the methods employed by law enforcement and security experts to detect and counteract them (Cascavilla et al., 2019). Recommendations for further study and practice, such as the need for additional in-depth examinations of certain approaches and the creation of new tactics for recognizing and reducing cybercrime risks, will be based on the results.

This thesis proposal hopes to add to the present knowledge of cutting-edge cybercrime methods, and the steps law enforcement and security experts take to combat them. The findings will help businesses, government agencies, and others fight cybercrime more effectively.

Research Questions:

· What are the current and emerging trends in cybercrime? (Nicholls,et al., 2021)

· What are the best methods for studying cybercrime?

· To what extent can organizations and law enforcement authorities successfully counteract new forms of cybercrime?

II. LITERATURE REVIEW

Overview: This literature review will present an overview of recent studies on sophisticated cybercrime analysis. Evolving patterns in cybercrime, methods for evaluating cybercrime, and plans for reducing cyber threats will all be discussed.

Relevant Theories and Models: Network analysis, behavioral analysis, and data mining are just a few topics covered in the literature review about cybercrime analysis.

Gaps in the Literature: The literature evaluation will also reveal where the field of cybercrime analysis needs to grow, such as in the areas of attention dedicated to new threats and in-depth examinations of certain methodologies.

III. METHODOLOGY

Research Design: Both qualitative and quantitative strategies will be used in this research, making it a mixed-methods investigation.

Data Analysis: Network analysis, statistical analysis, and content analysis are just a few methods used to examine the data.

Ethical Considerations: The study will be conducted by ethical guidelines for research, including informed consent, confidentiality, and respect for participants.

IV. RESULTS AND DISCUSSION

Presentation of Findings: Both quantitative and qualitative findings will be laid down in an easy-to-understand format as part of the study’s final report.

Interpretation of Results: Findings will be analyzed considering the study’s aims and issues to prevent and respond to new forms of cybercrime.

Implications for Future Research and Practice: Recommendations for future research and practice will be derived from the study’s results, such as the necessity for more research into certain methodologies and the creation of new tactics for minimizing cybercrime risks (Nicholls et al., 2021).

V. CONCLUSION

Summary of Main Findings: The conclusion will provide a brief overview of the study’s key results, including the most prominent ongoing and prospective cybercrime trends, the most fruitful methods for studying cybercrime, and ways for combating new forms of cyberthreat.

Recommendations for Future Research and Practice: The last section of the paper will provide recommendations for further study and practice, such as the need for in-depth examinations of certain tactics and the creation of new strategies for minimizing cybercrime risks.

References

Cascavilla, G., Tamburri, D. A., & Van Den Heuvel, W. J. (2021). Cybercrime threat intelligence: A systematic multi-vocal literature review.
Computers & Security,
105, 102258.

Cybercrime threat intelligence: A systematic multi-vocal literature review – ScienceDirect

Casino, F., Politou, E., Alepis, E., & Patsakis, C. (2019). Immutability and decentralized storage: An analysis of emerging threats.
IEEE Access,
8, 4737-4744.

Immutability and Decentralized Storage: An Analysis of Emerging Threats | IEEE Journals & Magazine | IEEE Xplore

Nicholls, J., Kuppa, A., & Le-Khac, N. A. (2021). Financial Cybercrime: A Comprehensive Survey of Deep Learning Approaches to Tackle the Evolving Financial Crime Landscape.
IEEE Access.

IEEE Xplore Full-Text PDF:

Sarker, M. G. R. (2022). An Interlinked Relationship between Cybercrime & Digital Media.
IJFMR-International Journal For Multidisciplinary Research,
4(6).

1051 (ijfmr.com)

BIOMETRICS IN THE UNITED STATES: BALANCING PRIVACY, SECURITY,

AND

ACCESSIBILITY

A Master Thesis

Submitted to the Faculty

American Military University

YOUR

NAME

In Partial Fulfillment of the

Requirements for the Degree

Master of Science

May 2014

American Military University

Charles Town, WV

BIOMETRICS IN THE UNITED STATES ii

The author hereby grants the American Public University System the right to display these

contents for educational purposes

The author assumes total responsibility for meeting the requirements set by United States

domain.

BIOMETRICS IN THE UNITED STATES iii

DEDICATION

I dedicate this thesis to my parents, wife, and dogs. I could not have completed this work

without their patience, understanding, support, and encouragement. I owe all of them some time

and attention that has been deferred while I have worked on this

study.

BIOMETRICS IN THE UNITED STATES iv

ACKNOWLEDGMENTS

XXXX

BIOMETRICS IN THE UNITED STATES v

ABSTRACT OF THE THESIS

BIOMETRICS IN THE UNITED STATES: BALANCING PRIVACY, SECURITY, AND

ACCESSIBILITY

NAME

American Military University, May 2014

Charles Town, West Virginia

Dr. Novadean Watson-Stone, Thesis Professor

Biometrics technology has the potential to improve security, protect privacy, and increase

accessibility. However, the technology has not been utilized to its full potential. This paper will

review existing literature and past studies to highlight existing biometrics, biometrics usage,

privacy concerns, and actions that can be taken to mitigate those concerns. The purpose of this

literature review is to identify potential uses for biometrics in the United States and steps that can

be taken to implement that technology. Additionally, this paper will discuss a study conducted

to determine the current attitudes of American citizens towards biometrics. The study was

conducted electronically using both quantitative and qualitative methodology and determined

that there are several factors that influence acceptance of biometrics by Americans including the

security of the information, the age of the participant, and the education level of the individual.

The study also determined that Americans are generally accepting of biometrics use, but there

are some concerns about the technology, how it is used, and its accuracy.

Keywords: biometrics, privacy, security, accessibility, technology acceptance

BIOMETRICS IN THE UNITED STATES vi

TABLE OF CONTENTS

DECLARATION ………………………………………………………………………………… iii

ACKNOWLEDGMENTS ………………………………………………………………………. iv

ABSTRACT ……………………………………………………………………………………… v

TABLE OF CONTENTS …………………………………………………………………………vi

LIST OF TABLES ………………………………………………………………………………. ix

LIST OF FIGURES ……………………………………………………………………………… x

CHAPTER

I. I

INTRODUCTION……………..…………………………………………………………. 1

Problem Statement ………………………………………………………………………. 2

Purpose …………………………………………………………………………………… 2

Hypotheses ……………………………………………………………………………….. 2

Significance of the Study

………………………………………………………………… 3

II. L

LITERATURE REVIEW…………..…………………………………………………….. 5

Biometrics Overview, Modalities, & Accuracy ………………………………………….. 5

Current Biometrics Uses in United States and Abroad ….………………………………. 10

BIOMETRICS IN THE UNITED STATES vii

Previous Surveys ………………………………………………………………………… 15

Concerns About Biometrics ……………………………………………………………. 21

Mitigating Measures to Address Concerns ……………………………………………… 25

Actions to Improve Acceptance ………………………………………………………… 27

Remaining Questions …………………………………………………………………… 2

III. M

METHODOLOGY……………………………………………………………………… 31

Data Collection Technique ……………………………………………………………… 31

Subjects and Setting …………………………………………………………………….. 33

Statistical Analysis ……………………………………………………………………… 34

Limitations of the Study …………………………………………………………………34

IV. R

RESULTS……………………………………………………………………………….. 37

Demographics and Response Distribution ……………………………………………… 37

Impact of Education ……………………………………………………………………… 44

Impact of Different Modalities …………………………………………………………. 45

Impact of Gender and Age ……………………………………………………………… 46

Impact of Experience with Biometrics .………………………………………………… 47

Impact of Employment Status ………………………………………………………….. 49

BIOMETRICS IN THE UNITED STATES viii

V. D

DISCUSSION AND CONCLUSION .…………………………………………………. 51

VI. S

SUMMARY …………………………………………………………………………….. 58

VII. R

RECOMMENDATIONS ……………………………………………………………….. 60

LIST OF REFERENCES………………………………………………………………………… 61

APPENDICES…………………………………………………………………………………… 67

Appendix A: Survey Questions…………………………………………………………. 67

Appendix B:

Survey Summary

…………………………………………………………. 74

BIOMETRICS IN THE UNITED STATES ix

LIST OF TABLES

TABLE PAGE

1. Number of Participants by Demographic …………………………………………………….. 38

2. Quantitative Questions ………………….…………………………………………………… 41

BIOMETRICS IN THE UNITED STATES x

LIST OF FIGURES

FIGURE PAGE

1. Gender Distribution of the Sample

Population

……………………………………………… 39

2. Age Distribution of the Sample Population …………………………………………………. 39

3. Education Distribution of the Sample Population …………………………………………… 39

4. Employment Distribution of the Sample Population ………………………………………… 39

5. Experience Distribution of the Sample Population ………………………………………….. 40

6. Response Distribution by Question ………………………………………………………….. 40

7. Qualitative Question #1 Responses …………………………………………………………. 42

8. Qualitative Question #2 Responses …………………………………………………………. 42

9. Qualitative Question #3 Responses ………………………………………………………….. 43

10. Qualitative Question #4 Responses ………………………………………………………… 44

11. Impact of Education on Biometrics Acceptance …………………………………………… 45

12. Impact of Gender on Biometrics Acceptance ……………………………………………… 47

13. Impact of Age on Biometrics Acceptance …………………………………………………. 47

14. Impact of Experience on Biometrics Acceptance ………………………………………….. 49

15. Impact of Employment Status on Biometrics Acceptance …………………………………. 50

BIOMETRICS IN THE UNITED STATES 1

Biometrics in the United States: Balancing Privacy, Security, and Accessibility

Introduction

Biometrics can be defined as either a characteristic or a process. When used as a

characteristic, biometrics is a measurable physical or behavioral characteristic that can be used

for automated recognition and when used as a process, it is the automated method of identifying

an individual based on those characteristics (National Science and Technology Council, 2006a).

At the very basic understanding, biometric technology can be used to either authenticate an

individual or identify an individual. This can be achieved through a one-to-one authentication

where the individual’s biometric identifiers are compared to the biometrics stored on an

identification document or database for that individual or through a one-to-many authentication

where the biometric identifiers from the individual are compared to many biometrics in order to

identify the individual from a biometric match (LeHong & Fenn, 2013). Biometrics, including

fingerprints, iris, facial recognition, gait analysis, voice analysis and many other measurable

physical and behavioral characteristics, can be used for many purposes to include authenticating

an identity, enhancing security, identifying terrorists and criminals, and enabling convenience

features such as reducing requirements for passwords (“Biometrics researchers aim,” 2013).

While biometrics technology is used in some companies and fields, its use is not

widespread throughout the United States and it is not being used to its full potential. The

technology has the ability to positively impact security and protect the privacy interests of the

citizens of the United States as well as to improve the quality of life through reducing fraud,

expediting screening processes, and eliminating the need to carry identification documents. This

paper intends to prove that the benefit of biometrics technology has no impact on its acceptance

BIOMETRICS IN THE UNITED STATES 2

by United States citizens. It also seeks to prove that greater socialization during development of

biometrics technology will lead to greater acceptance of the technology.

Problem Statement

While the potential for biometrics information to be misused by the government or

commercial organizations exist, the benefits outweigh the risks. Biometrics can be used to

balance privacy, security, and accessibility by accurately verifying the identity of an individual,

minimizing the potential of fraud, and possibly eliminating the need for identification documents

and passwords. This study is designed to identify the types of biometric technologies that can be

used to achieve that balance and in what conditions American citizens find their use acceptable.

Purpose

The goal of this study is to analyze data gathered on different modalities of biometric

technology, its use, and the opinions of American citizens regarding the technology to identify

areas and situations where biometric technology can be used, conditions that must be met, and

steps that can be taken to mitigate the concerns and gain the trust of American citizens. This

paper will evaluate current uses of biometric technology in the United States and elsewhere to

determine potential uses of biometric technology in the future. This paper will discuss the

characteristics of different biometric modalities, their accuracy rates, and the level of

invasiveness associated with them. Combined with the data and opinions gathered from survey

participants, this study seeks to understand the limitations of the technology and acceptable use

by the American public to identify viable uses of biometric technology in the United States to

achieve a balance of privacy concerns, security, accessibility, and convenience.

Hypotheses or Research Questions

BIOMETRICS IN THE UNITED STATES 3

The study intends to prove or disprove nine hypotheses. These hypotheses will be

evaluated through the results of the literature review and the survey.

H1. There is no statistically significant evidence that the trust that personal information

will be protected impacts

the

acceptance of biometric technology.

H2. There is no statistically significant evidence that the act of socialization and public

consultation prior to implementation impacts the acceptance of biometric technology.

H3. There is no statistically significant evidence that the age of an individual has an

impact on the acceptance of biometric technology.

H4. There is no statistically significant evidence that desirable convenience features, such

as the elimination of the need for passwords or expedited security screening, have an impact on

the acceptance of biometric technology.

H5. There is no statistically significant evidence that the use of biometrics impacts

American citizens’ perception of security.

H6. There is no statistically significant evidence that the increase in the level of security

impacts acceptance of biometric technology.

H7. There is no statistically significant evidence that the level of education obtained by

an individual impacts acceptance of biometric technology.

H8. There is no statistically significant evidence that an individual’s gender impacts

acceptance of biometric technology.

H9. There is no statistically significant evidence that the use of different biometric

modalities impacts acceptance of biometric technology.

Significance of the Study

BIOMETRICS IN THE UNITED STATES 4

This study intends to advance the understanding of the American citizen’s opinions of

biometric technology and its use in the United States. It will identify variables and will use the

information to identify areas and situations where biometric technology can be used successfully.

This study intends to also identify measures that can be taken to ensure that biometric technology

is successfully deployed with suitable acceptance by American citizens. The results of this study

may be adapted by manufacturers of biometric technology and may be incorporated into policy

governing the use of biometric technology by state, federal, and private organizations.

Additionally, the results of this study may be used to adapt biometric technology to appeal to

more people and may also be used to develop an educational campaign to promote understanding

and acceptance of the technology and its use.

This study will include literature reviews of the existing material available on biometrics

to include different modalities and their accuracy rates, current uses for biometrics, privacy

concerns, and measures that can be taken to reduce any concerns about biometrics use.

Additionally, this study will discuss the research methodology used including a summary of the

subjects used and the data collection techniques used. Then, the paper will include analysis of a

survey administered to identify any factors impacting acceptance of biometrics, potential new

uses of biometrics, and steps that manufacturers can take to improve their biometrics technology.

Finally, the paper will summarize the information gathered from the literature review and

research to develop conclusions and recommendations on the use of biometrics.

BIOMETRICS IN THE UNITED STATES 5

Literature Review

Biometrics Overview, Modalities, and Accuracy

Biometrics is a term that comes from the Greek words “bios” and “metricos” which

means “life measure” (Biruntha, Dhanalakshmi, & Karthik, 2012). It can be used

interchangeably to describe a number of things. Biometrics can refer to a physical or behavioral

characteristic, to a process, or to a technology (Jefferson, 2010). When used to refer to a

characteristic, the National Science and Technology Council (NSTC) Subcommittee on

Biometrics defines biometrics as, “A measurable biological (anatomical and physiological) and

behavioral characteristic that can be used for automated recognition” (National Science and

Technology Council, 2006a, p.4). The NSTC Biometrics Glossary defines biometrics as a

process as, “Automated methods of recognizing an individual based on measurable biological

(anatomical and physiological) and behavioral characteristics” (p.4). As a technology,

biometrics can be the sensor used to capture the unique physical or behavioral characteristic and

digitize it, or it can be the system that compares that captured characteristic against other stored

biometrics.

At the very basic level, biometrics are used for two different functions, biometric

verification and biometric identification. Through verification or identification, multiple other

functions are capable. Biometric verification is the process of verifying a claimed identity

through comparing a captured biometric from the individual against a stored biometric associated

with that individual. Biometric identification is the process of determining an individual’s

identity through a “one-to-many search” against the stored biometrics of multiple people. This

search will either return zero matches, one match, or multiple close matches which would be

candidates for the identity. Identification takes the best result of the search and matches the

BIOMETRICS IN THE UNITED STATES 6

identity with the individual (Allan, 2013). Jefferson summarizes biometrics well when she says,

“Biometrics is an enabling technology that makes possible: tracking criminal histories and

solving crimes, protecting wide-ranging border areas, screening individuals in high-volume

transportation conduits and protecting automated consumer transactions” (2010, p. 101).

However, she only skimmed the surface of why biometrics can be a technological solution for a

current problem.

A biometric modality is the type of biometric characteristic that is being captured and can

also refer to the type of biometric system used to capture and analyze that characteristic

(National Science and Technology Council, 2006a). The two main categories of biometric

modalities are physical and behavioral modalities. Physical modalities are those that measure the

physical traits of an individual such as fingerprints, iris, or facial recognition. Behavior

modalities are those that measure an individual’s behavioral characteristics such as keystroke

dynamics or gait analysis (IEEE, 2012). There is a relationship between physical and behavioral

biometrics. Many behavioral biometrics are affected by the physical characteristics of the

individual. For example, dynamic signature is a behavioral biometric, but the signature stems

from the strength and dexterity of the individual’s hands and fingers. Similarly, voice

recognition depends on the shape of a person’s vocal cords (Allan, 2013).

There are many different biometric modalities that can be used to identify individuals. If

there is a steady characteristic that can be measured, it is likely that it can be used to identify or

authenticate an individual. Some of the most common physical biometrics are fingerprint, face,

iris, vascular pattern, palm print and hand geometry recognition (Modi, 2011). There are other

physical biometrics that are available including earlobe biometrics. Some common behavioral

biometrics are keystroke dynamics, gait recognition, and dynamic signature verification (Modi,

BIOMETRICS IN THE UNITED STATES 7

2011). Physical biometrics are usually unchanging, with the exception of physical injury, and

“unalterable without significant duress”, but the capture of such is often perceived as more

invasive than behavioral biometrics. However, behavioral biometrics are generally less stable

than physical biometrics, usually changing over time and susceptible to change from stress or

other factors (Allan, 2013, p. 12).

Fingerprint biometrics devices capture an image of the fingerprint through a variety of

methods including optical, capacitive, ultrasound, and thermal sensor to identify the minutiae,

friction ridges, and other identifiable parts of the fingerprint. Then, the device or the system

converts the captured biometric image into a digital format which can be transmitted and

automatically compared against other stored biometrics (The FBI Biometric Center of

Excellence, n.d.). Fingerprint biometrics systems have an accuracy rate of over 99% with two

fingerprints and 99.9% when using four fingerprints. The number of fingerprints captured and

the quality of the fingerprint increase the accuracy of the biometric system (Bulman, 2004).

Iris biometrics systems capture an image of an individual’s iris which is the colored

portion of the eye. The system uses near infrared light to illuminate the patterns of the iris

because it does not reflect like visible light and is also not harmful to the individual. The

biometric technology is able to isolate the iris from the pupil, eyelids and other pieces of the eye.

Similar to fingerprint biometrics, once the iris image is captured, it is digitized and compared to

other stored iris biometrics (National Science and Technology Council, 2006b). A person’s iris

patterns are created prior to birth through the folding and forming of iris tissue and no two iris

patterns are the same. Additionally, a person’s iris patterns are stable after age 3. Iris biometrics

have one of the lowest false acceptance rates with the odds of a false acceptance rate for two iris

images is one in over one trillion (Clifton, 2013).

BIOMETRICS IN THE UNITED STATES 8

Vascular pattern recognition biometrics is a modality that uses images of an individual’s

veins, usually in the palm. The technology uses an infrared beam of light to illuminate an

individual’s hand or other body part and a camera on the other side captures an image of the vein

patterns. This modality is very difficult to forge because the veins are on the inside of the body.

Additionally, it is hygienic because it does not require the individual to touch the machine in

order to capture the image of the veins. Vascular pattern recognition is an accurate modality

with a false acceptance rate of less than 0.0001%, a false rejection rate of 0.01%, and a very low

failure to enroll rate (Sarkar, Alisherov, Kim, & Bhattacharyya, 2010).

Keystroke analysis is a behavioral biometric modality that evaluates how someone types

or uses electronic devices like smartphones or computers. According to research by Charles

Tappert, our typing patterns are “consistent, predictable, and nearly impossible to imitate”

(Stromberg, 2013, para. 3). Keystroke analysis can use measures like the dwell time, how long

an individual presses an individual key, and the average time it takes to transition between keys

to identify who someone is by how they are typing with an accuracy of up to 99 percent

(Stromberg, 2013).

Multimodal biometrics systems use a combination of two or more biometric modalities.

These systems use biometric identifiers with varying levels of quality and accuracy and combine

them to make a very accurate system. Multimodal biometrics systems improve accuracy because

there are more pieces of biometric information that are matched. Additionally, multimodal

biometrics systems can be used if somebody is missing a body part that is usually used for

biometric matching (Pellerin, 2004).

In the United States, there are three main national biometrics databases managed by three

separate governmental departments. The three national biometric databases consist of the

BIOMETRICS IN THE UNITED STATES 9

Federal Bureau of Investigation’s (FBI) Integrated Automated Fingerprint Identification System

(IAFIS), the Department of Defense’s (DOD) Automated Biometric Identification System

(ABIS), and the Department of Homeland Security’s (DHS) Automated Biometric Identification

System (IDENT). FBI’s IAFIS database is managed by the Criminal Justice Information Service

(CJIS) and is the largest criminal fingerprint database in the world. Stored in the database are

biometrics for criminal offenses, known or suspected terrorists, unsolved latent fingerprints, and

civil fingerprints of government employees and others (The Federal Bureau of Investigation,

n.d.). DOD’s ABIS database stores biometrics from DOD operations in foreign countries and

base access biometrics. Included in the ABIS database are fingerprints from individuals

encountered in warzones, latent fingerprints from improvised explosive devices (IED), foreign

employee access fingerprints, and foreign contractor fingerprints (Biometric Identity

Management Agency, n.d.). DHS’s IDENT database is the largest biometric database in the

United States and it stores biometrics from visitors to the United States, criminal information

from individuals encountered by DHS law enforcement agencies, and civil programs managed

by DHS agencies as well as biometrics shared with DHS from other national and international

biometrics databases (Biometrics.gov, n.d.).

In addition to the three large national biometrics databases, other local, state, and federal

agencies have biometrics databases that they keep for multiple reasons. Some of the data in

these databases are fed into the larger national biometrics databases. Outside of the United

States, several other countries have biometrics systems in place for criminal offenses,

immigration, banking, and travel among other things. Many of these countries have sharing

agreements in place with other countries, including the United States, to share biometric

BIOMETRICS IN THE UNITED STATES 10

information of certain individuals, normally criminals, terrorists, and citizens of other countries

(Homeland Security, n.d.).

Current Biometrics Uses in the United States and Abroad

Biometrics are currently being used for several different purposes around the world. The

employment of biometrics is used to provide identity certitude in a number of applications

including building access and financial applications. A 2008 survey conducted by Unisys found

that sixty-two percent of Americans were very concerned about the safety of their personal

information and sixty percent were very concerned about credit and debit card fraud (“Are we

learning,” 2008). In some applications, biometrics can be used to protect personal information

and reduce the threat of credit and debit card fraud.

Biometrics are used throughout the world to track and screen travelers as they seek to

enter different countries. Additionally, some countries have taken steps to embed biometric

identifiers on chips in their passports and other travel documents. All European Union member

states issue electronic passports and most of them have extended access control (EAC) protected

fingerprints embedded. Additionally, many European countries use automated border control

(ABC) measures. There are eight countries that currently have ABC gates that primarily use

facial recognition. The ABC gates are located in Germany, Spain, France, Finland, Netherlands,

Norway, Portugal and the United Kingdom. Additionally, Austria, Belgium, Bulgaria, Czech

Republic, Denmark, Estonia, Hungary, Latvia, and Romania are planning to implement the

biometrically enabled border gates (Wolf, 2013). The United States takes biometrics from

travelers entering the country and, following the attacks of September 11, 2001, required all

foreign visitors to hold valid passports and submit to biometrics as a condition of entry.

(Alhussain & Drew, 2009). The United States has also deployed kiosks at select locations that

BIOMETRICS IN THE UNITED STATES 11

allow for low-risk citizens and nationals of the United States and six other countries if they are

enrolled in the Global Entry program. The participants will present their passport to the kiosk

and will the kiosk will compare their fingerprint biometrics to the ones on file and will then take

a photograph of the individual as a record of the encounter (U.S. Customs and Border Protection,

2014). Australian Customs has also deployed automated passenger processing systems at two of

its airports in Sydney and Melbourne. These “e-passport SmartGates” allow for self-processing

by utilizing facial recognition biometrics to verify the identities of the travelers and expedite

their process (Alhussain & Drew, 2009, p. 30). Biometrically enabled turnstiles that use iris

matching technology can process 20-50 people per minute and their accuracy is not impacted by

non-polarized glasses or sunglasses (Zalud, 2012). This technology can expedite screening or

access at busy areas like train stations or airports.

In addition to identifying and tracking travelers, biometrics are used by countries to

verify and identify their own citizens through a combination of country issued identification

cards or other credentials and biometrics. Prior to incorporating biometrics, the identification

cards were easily forged (Alhussain & Drew, 2009). The United Kingdom issues asylum seekers

an identification card with two fingerprint biometrics embedded. Japan uses biometric enabled

passports to reduce illegal immigration and terrorism (Alhussain & Drew, 2009).

Biometrics are also used throughout the world for access control and to restrict access to

only those authorized individuals whose biometrics match the ones stored in the database.

Biometrics enabled access systems are often easy to manage because individuals can be granted

access to certain locations and they may or may not need a credential as well. Because the

system is managed electronically, it is easy to add, edit, or remove access to sensitive areas.

Additionally, using biometrics can reduce the cost associated with guards. At Yeager Airport in

BIOMETRICS IN THE UNITED STATES

Charleston, WV, biometric hand readers were incorporated with a PIN or credential and video

surveillance system to control access to certain areas of the airport. By installing this system,

individuals are able to quickly gain access to authorized areas and the airport has saved

thousands of dollars. Prior to installing the system, the airport was required to keep a guard 24-

hours a day at a cost of $25 per hour, but after installing the $17,200 system, they no longer

needed the guard (Dubin, 2011). Scott Air Force base also installed hand recognition systems

and saved over $4,000 in guard costs (Alhussain & Drew, 2009).

Biometrics are also used to keep track of personal interactions to ensure that only

authorized individuals are receiving benefits or that no one is abusing the system. For example,

biometrics are used for e-voting to ensure that no one is voting more than once (Alhussain &

Drew, 2009). Biometrics are also used for candidate verification purposes to identify or verify

an individual in order to receive benefits. Biometrics are used in the healthcare field to verify the

individual’s identity in order to avoid health insurance fraud and ensure the correct medical

records are being used (Allan, 2013). Additionally, biometrics are used in some places to ensure

the correct student is taking a test instead of having an imposter stand-in (Alhussain & Drew,

2009).

Additionally, in some countries that do not have strong identity architecture, biometrics

are used to verify eligibility for benefits. For example, most people in India do not have birth

certificates or other ways to identify themselves, but India has established a nationwide biometric

database that is used to verify an individual’s identity and, subsequently, their eligibility to

collect benefits and aid (Schneider, 2013). In some Latin American countries, low income

families use biometrically enabled automated teller machines (ATM) to withdraw a government

stipend used to send their children in school. The use of biometrics ensures that only the

BIOMETRICS IN THE UNITED STATES 13

authorized individual is retrieving the money for their children and also saves time and money

for the bank. The families do not access the ATM any other time except to withdraw the stipend

and, prior to biometrics, would often forget their personal identification number (PIN) or

password. The bank would then have to reset the information so the family could access their

funds (Zalud, 2012).

In addition to using biometrics to access ATMs for government aid, biometrics have been

used to withdraw money from ATMs and other financial applications in several countries. Some

banks in Turkey, Brazil, and Poland use vein scan biometrics at their ATMs. Additionally,

almost 80,000 ATMs in Japan use vein scanning biometrics (Furlonger, 2013). Some banks in

Latin America use fingerprint scan biometrics at their ATMs which reduce identify theft and

other problems associated with PIN enabled ATMs. Additionally, using biometrics reduced the

number of people with multiple accounts under different identities (Zalud, 2012). An additional

benefit to using biometrically enabled ATMs is that during disasters or other exigent

circumstances, an individual may not have their identification or bank cards, but they will always

have their biometrics. So, they would be able to access their account and withdraw funds

without their identification because they are their own identification (Furlonger, 2013).

Biometrics have also been used commercially in lieu of credit cards or cash. The biometrics at

point of sale locations verify the person’s identity and authorize the payment to the company

(Allan, 2013). Fatima lists several instances where banking frauds have occurred in electronic

banking for amounts over $10 million and recommends that using existing biometrics systems

could protect against those types of attacks (2011). By using a two or three factor authentication,

with biometrics being one of the factors, banks and individuals would protect their assets

BIOMETRICS IN THE UNITED STATES 14

because criminals would no longer be able to gain access by stealing information such as user

names, passwords, or PINs (Fatima, 2011).

Biometrics systems are used by employers for a number of reasons. As previously

discussed, they are used for access systems, but they are also used for time and attendance

systems to ensure the correct individual is working and to prevent another employee from

fraudulently clocking the individual in (Allan, 2013). In Saudi Arabia, government employees

use fingerprint biometrics to ensure that the correct times are recorded for when they start

working and when they end (Alhussain & Drew, 2009). Even fast food restaurants are using

biometrics for employee accountability and security. At a Kentucky Fried Chicken in West

Lafayette, Ohio, employees must use their fingerprints to access the register which ensures that

only the appropriate employees have access to the registers and ensures that employees will not

clock-in for each other (“Biometrics researchers,” 2013).

Biometrics can also be used in lieu of passwords. The use of biometrics instead of

passwords can improve security and also save money and man hours. Many passwords are

currently complex combinations of letters, numbers, and special characters that are continuously

getting longer and more complex. Combined with the complexity requirements of the

passwords

and the requirement for most passwords to be changed periodically, forgotten passwords can

reduce productivity and increase costs associated with maintaining a help desk to reset

passwords (Jefferson, 2010). Additionally, due to the complexity of passwords and the sheer

number of passwords to remember, many people write down their passwords which counteracts

any security benefit of having a password. Biometrics can solve the issue of passwords because

it is something that the individual always has with them and it is also very difficult to steal

(Jefferson, 2010).

BIOMETRICS IN THE UNITED STATES 15

There are many other purposes that biometrics are used for. According to Nelson in her

book American identified: Biometric technology and society, “Biometric identification is also

part of a body of forensic systems used to identify missing children, determine parentage, and

more generally investigate crimes” (2010, p. 2). Another function that biometrics can enable is

scanning crowds to identify persons of interest on watchlists containing terrorists, criminals, and

other people. This function is usually used in conjunction with facial matching, gait analysis or

other stand-off biometrics (Allan, 2013). Casinos have been using facial recognition software

for years to identify excluded gamblers or other unwanted individuals. The system is more

accurate than having guards identify individuals or checking identification and it is automatic

(Robson, 2011). Facial recognition biometrics were also used during Super Bowl XXXV to scan

the faces of individuals as they entered the stadium in order to identify terrorists or criminals

(Tavani, 2013). Other biometrics like face topography and keystroke analysis are being used to

continuously authenticate an individual while using a system. For example, biometrics can be

used while a person uses a computer system and can identify when the individual walks away or

when someone else sits in front of the computer. This technology eliminates the need for the

system to “timeout” and offers several forms of security (LeHong & Fenn, 2013).

Previous Surveys

Several studies and surveys have been conducted concerning biometrics and acceptance

of the new technology. Some of the studies evaluated different biometric modalities while others

evaluated biometrics use for certain situations. This paper will briefly discuss the previous

studies, their methodology, and the results.

In 1995, Deane, Barrell, Henderson, & Mahar conducted a survey of 76 people for their

paper, Perceived acceptability of biometric security systems, to determine the participants’

BIOMETRICS IN THE UNITED STATES 16

attitudes toward biometrics as well as their perceptions of different biometric modalities. Deane

et al. discovered that biometrics were rated less acceptable than passwords (Riley, Buckner,

Johnson, & Benyon, 2009). In 2001 and 2002, Opinion Research Corporation (ORC)

International (as cited in El-Abed, Giot, Hemery, & Rosenberger, 2010), conducted two different

phone surveys of 1017 and 1046 adults living in the United States to determine their acceptance

of biometrics systems. More than 75% of the participants felt that biometrics were acceptable

for United States law enforcement authorities to verify identity for passports, for airport check-

ins and to obtain a driver license. Also, 77% of the participants felt that fingerprint biometrics

could protect individuals against fraud. However, greater than 85% of the participants worried

about their personal information being misused (El-Abed et al., 2010).

In 2004, another survey was conducted to determine the attitude toward biometrics in the

context of air travel. The BioSec 2004, survey had 204 participants from Finland, Germany, and

Spain. Most of the survey participants had positive attitudes towards biometrics for air travel but

over half were afraid of losing their privacy. Additionally, 25% were concerned about health

risks from using the biometric technology and 20% worried about the hygiene of the systems

(Riley et al., 2009). In 2005, the UK Passport Service conducted a biometrics enrollment trial

(as cited by Riley et al., 2009) with over 10,000 participants from multiple locations in the

United Kingdom. This study determined that most participants had a positive attitude toward

using biometrics in conjunction with national passports, but almost 25% of the participants were

concerned about the effect of the technology on their civil liberties (Riley et al., 2009).

In 2007, Nelson conducted a national telephone survey of 1,000 individuals in the United

States of America to gather public opinion of privacy and biometric technology. The

participants ranged in age from 18 to 93 years old with 57.6% female and 42.3 male

BIOMETRICS IN THE UNITED STATES 17

participation. The average age of the participant was 51 years old. Ninety-two percent of the

participants were high school graduates and 39% held at least a 4-year college degree. The

topics of the telephone survey included the importance of protecting personal information,

threats to information privacy, comfort level with privacy protection measures, and attitudes

toward biometric technology (Nelson, 2010).

In addition to the telephone survey, Nelson conducted a study using focus groups to

“understand the views of biometric users and nonusers on a variety of issues related to how

private information is protected and used by different institutions and to understand how

biometric technology can potentially safeguard that private information and provide security”

(Nelson, 2010, p. 19). Nine focus groups from 55 participants were created with biometric users

being grouped with other users and non-users grouped with non-users. The focus group study

was conducted as a mixture of a survey and a moderated in-depth discussion following the

survey to further explore participants’ attitudes and opinions (Nelson, 2010).

As cited by El-Abed et al., the results of a NIST survey on biometrics usability of

fingerprints was published in 2007 (2010). The NIST survey was conducted by 300 adults

consisting of 151 women and 149 men ranging in age from 18 years old to over 65 years old.

This survey was conducted to identify users’ acceptance of fingerprint biometric systems. The

majority of the participants were in favor of using fingerprint biometrics to verify identity for

passport purposes with 77% saying they agreed with the use in that situation. Additionally, 2%

of the participants were concerned about the cleanliness of the devices that they would have to

touch to use (El-Abed et

al., 2010).

A 2008 survey conducted by Unisys (as cited by “Are we learning,” 2008), determined

that the majority of United States citizens were comfortable with biometrics for authentication.

BIOMETRICS IN THE UNITED STATES 18

Over 70% of the participants would trust government agencies and banks to use their biometric

data to verify their identity and fingerprints tied passwords as the primary preferred method of

authentication. The Unisys Security Index survey also determined that 62% of Americans were

very concerned about the safety of their personal information and 60% were very concerned

about credit card fraud. Additionally, the survey determined that American citizens were less

supportive of blood vessel scans with only a 43% acceptance rate as compared to the 73%

acceptance rate of fingerprint biometrics. Men and women were also determined to have similar

acceptance rates for using biometrics to verify their identity, but women were less willing to use

advanced biometric methods like eye scans and hand scans (“Are we learning,” 2008).

In 2009, Riley et al. conducted a survey of quantitative and qualitative questions to

determine people’s attitudes towards biometrics in three different countries, India, South Africa,

and the United Kingdom. The survey was written in English and administered electronically.

The study had 581 participants with 202 from India, 202 from South Africa, and 177 from

United Kingdom and almost an even divide between male and female participants. The

questions on the survey asked about “perceived privacy, safety, usability and acceptability of

biometrics” (Riley et al., 2009, p. 299). Additionally, an open-ended question was included in

the survey to allow the participants to expand on their opinion of biometrics. About half of the

participants answered that question. The survey had limitations associated with how it was

administered. It was administered in English and, while many people in the countries speak

English, it is not their first language. Additionally, the participants from India and South Africa

were compensated for their participation and that could impact the responses. Riley et al. also

note that the requirement to be proficient in English introduced sampling bias into the survey

BIOMETRICS IN THE UNITED STATES 19

which means that the results of the survey would apply to a subset of the population and not

necessarily the general public (2009).

In 2009, Alhussain & Drew described their study in their paper Towards user acceptance

of biometric technology in E-government: A survey study in the Kingdom of Saudi Arabia.

Alhussain & Drew conducted interviews of 11 managers in different management levels and

conducted a questionnaire of 101 employees in the Saudi Arabian government to determine

perceptions of biometric authentication in the workplace. The managers were asked five open-

ended questions to get a qualitative result. The questions asked about if there was a perceived

cultural gap for their employees and if the managers felt a level of responsibility for narrowing

that gap. Additionally, they asked about any difficulties and barriers to implementing

biometrics. The survey that was given to the 101 employees was answered quantitatively on a

five point scale. The employees were asked how important they thought biometrics were to the

organization, if they thought that biometrics meant that their employer mistrusted employees,

and if they thought there should be an awareness of biometrics before implementation (Alhussain

& Drew, 2009).

In their paper A study of users’ acceptance and satisfaction of biometric systems, El-Abed

et al. discuss their study they conducted to study perception of biometrics to improve the

usability of biometric systems (2010). The study used 70 participants consisting of 71.4%

students and 28.6 employees from different countries to answer survey questions after using two

different biometric systems. The participants used a keystroke verification system and a face

verification system. Then, they answered 23 survey questions about their demographic

information, general perception of biometrics and their perception of the tested biometric system.

Their study found that 33.3% of the participants did not trust the face verification system and

BIOMETRICS IN THE UNITED STATES 20

23.2% did not trust the keystroke verification system. Additionally, the participants were much

more concerned about their privacy when using the face verification system as opposed to the

keystroke system. Additionally, the participants felt that the keystroke verification system

performed better than the face verification system with 89.9% of participants satisfied with the

keystroke biometric and 81.1% satisfied with the facial biometric. Even though the keystroke

biometric outperformed the facial biometric, participants preferred the facial biometric for

certain applications. For logical access, 56.5% of the participants prefer keystroke verification

systems while 26.1% prefer face verification systems. For physical access, 36.2% prefer to use

face verification systems and 14.5% prefer to use keystroke verification systems. If they had to

choose one system for both applications, 31.9% of the participants would prefer to use face

verification systems while 26% would prefer to use keystroke verification systems (El-Abed et

al., 2010).

In 2013, Miltgen, Popovic, & Oliveira wrote about the study they conducted to determine

what the key determinates of end-user acceptance of disruptive information technology like

biometric systems are. The survey was scenario based and was administered electronically to

326 European participants between the ages of 15-25 years old. The majority of the participants

were students in a range of education levels. The scenario was written as a friend has an

opportunity to use iris scan biometrics to identify himself or herself before a driving test. The

iris scan will allow the friend to bypass a line and will automatically assign a machine for him or

her to use. Based on the scenario, participants were asked to answer questions on the perceived

usefulness, compatibility, perceived risks and other aspects of the biometric technology (Miltgen,

Popovic, & Oliveira, 2013). The survey has several limitations including that it only focused on

BIOMETRICS IN THE UNITED STATES 21

one biometric modality, only had participants between 18-25 years old, and only had European

participants.

Concerns About Biometrics

Concerns and objections to using biometrics can be based on many different things.

Someone may object to using biometrics based on the situation in which the technology is being

used. In this example, the person objects to the purpose for the biometrics, but not the

technology itself. Other concerns about biometrics stem from opinions or beliefs of the

individual revolving around loss of privacy, health risks, hygiene, and lack of trust in the

technology. In other cases, the individual may not object to the technology or the purpose of the

use, but they may not trust the government or organization that is using the biometrics. The

individuals may be afraid that their information is not being used appropriately.

The distrust of the government or the organization using the biometrics combined with

current events has the potential to sway the views of individuals. For example, during the survey

conducted by Riley et al., there was a proposal for a national identity card in the United

Kingdom that would be a mandatory requirement and would require the collection of biometric

data. This proposed identity card received a lot of negative media attention around the time of

the survey and the researchers believed that negative attention could have accounted for the

lower than expected level of acceptance in the United Kingdom (Riley et al., 2009). The recent

media attention on the National Security Agency (NSA) and their domestic spying program has

caused more attention and negative feelings to be directed to a DHS facial recognition program

in development called the Biometric Optical Surveillance System (BOSS) (Gonsalves, 2013).

This recent attention to misuse of private information by the government and the violation of

BIOMETRICS IN THE UNITED STATES 22

trust by U.S. citizens has the potential to impact the results from the survey conducted in this

study.

Lack of trust in the government is not a new phenomenon. The National Biometric

Security Project reported that the three government agencies that use biometrics to protect

against terrorism are also the three government agencies that are the least trusted by American

citizens. The Department of Justice, the Department of Homeland Security, and the Central

Intelligence Agency were the three government agencies that participants of a poll ranked as

least trusted to protect their personal information (2006). The National Biometric Security

Project also highlights another reason that American citizens may not trust biometrics and central

databases containing their information. Their report states,

The very existence of a central database concerns people who recall times when the

government used databases of information on people for purposes far beyond their

original intent. Examples of reported misuses include the use of confidential information

from the Census Bureau during World War II to locate and intern Japanese-Americans

and the use of confidential information from the National Crime Information Center to

monitor people opposed to the Vietnam War. Both of these reported misuses of

information contained in confidential databanks took place when the country was at war.

Accordingly, during today’s time of instability when fears of future terrorist attacks

abound, it is not unreasonable to anticipate that some people will be concerned that in the

future, biometric data gathered to screen for terrorist could be used for other purposes or

associated with other data about the individual.

(National Biometric Security Project, 2006, p. 81)

BIOMETRICS IN THE UNITED STATES 23

In addition to citizens having low acceptance to centralized biometric databases due to mistrust

in the government, individuals do not trust the centralized databases due to the potential for their

personal information to be compromised (Riley et al., 2009). Respondents worry that if

biometric template data in the database is compromised, the information will be compromised

forever without a solution (El-Abed et al., 2010).

A major concern that many participants in previous studies had with biometrics is the

potential loss of privacy associated with biometrics use. Miltgen et al. state that privacy

concerns are source of public aversion to biometrics. They go on to say that the privacy

concerns can be linked to the personal nature of biometrics because there is a link between an

identity and the individual’s body (2013). The privacy concern varies by the location in which

biometrics are used and the purpose for their use. Views on privacy differ drastically between

the United States and European countries. Rosen illustrates the difference between American

views on privacy and European views when he states, “Americans tend to be much more

concerned about government surveillance while Europeans tend to be more concerned about

privacy invasions by the private sector” (2007, p. 295). Rosen goes on to suggest that, although

Americans have privacy concerns, they may give up their rights to privacy for individual

purposes when he states, “A society where citizens refuse to respect their own privacy is not one

where privacy will be long respected; and the American experience suggests that citizens in an

individualistic market democracy may perceive too many market rewards for exposure to respect

their own privacy for long” (Rosen, 2007, p. 299).

Other concerns with biometrics that are commonly stated by participants in studies

involve the misuse of their personal data, health risks associated with the use of biometrics, and

hygiene issues associated with use of the technology. Riley et al. reported that individuals were

BIOMETRICS IN THE UNITED STATES 24

concerned that their biometric information could be used for marketing or other commercial

purposes (2009). Another concern noted by Riley et al. is that function creep could cause

biometric information to be used in situations and functions other than it was originally agreed to

be used for (2009). Many people have concerns that use of biometrics devices can pose health

hazards. These concerns are especially relevant with advanced biometrics like iris or retina

scanners. When biometric devices were used in Saudi Arabian government buildings, some

employees were concerned that the devices could cause skin cancer (“Careful with,” n.d.). El-

Abed et al. also noted that previous studies found that some users complained that hand

geometry biometric devices could dry out their hands and some military aviators were concerned

that retinal scanners could damage their vision (2010). The 2004 BioSec survey (as cited by

Riley et al., 2009) noted that 20% of the participants had concerns about the hygiene of

biometrics systems that required contact. The ability for some biometric technologies, like

retinal scans, to disclose disease or health issues is another reason that some users to do not

approve of the technology (Nelson, 2010).

Cultural issues and attitudes play a major role in concerns and

acceptance of biometrics.

During a discussion with a developer of biometrics technology, the developer stated that cultural

attitudes were a driving factor in changing the color of the illuminated fingerprint platen on their

biometrics device. The original fingerprint reader was illuminated in red, but many users

reported that, due to language differences and lack of interaction with technology, some

individuals were afraid of the red platen due to misconceptions that it would be hot or other

reasons. The developer changed the color from red to green and there were fewer concerns.

Other cultures may have an aversion to touch with public sensors and having to place a body part

on a biometric device may be unacceptable (El-Abed et al., 2010). There are many factors that

BIOMETRICS IN THE UNITED STATES 25

determine a culture’s acceptance of biometrics. Experience and acceptance of other technology

in a culture generally increases biometrics acceptance. South Africa has a high rate of violent

crime and, subsequently, many individuals from that country have a fear that their biometric

identifiers will be removed for criminal purposes and they will be harmed (Riley et al., 2009).

Lack of trust in the biometrics system and the accuracy of the technology is another

major impediment to acceptance. Many participants in the study conducted by Riley et al.

expressed concern about the reliability of the biometrics equipment and the potential

consequences to the individual if the technology failed (2009). Additionally, some individuals

have problems using some biometric modalities due to their physiological characteristics.

Gartner finds that a few individuals out of a thousand experience problems using fingerprint

biometrics for authentication (LeHong & Fenn, 2013). This fact does not build trust in the

system reliability. Biometric systems can also be spoofed using several different methods. Modi

describes several methods to spoof biometrics systems including using false fingers out of

silicon, transferring a latent print to a piece of tape and using that in place of a finger, using high

resolution photos to trick face recognition software, using contact lenses to fool iris recognition

devices, using plaster molds of a hand to spoof hand geometry systems, and using vein patterns

printed on paper to fool vascular pattern recognition devices (2011).

Mitigating Measures to Address Concerns

Much of the literature written has identified some solutions to mitigate the concerns

individuals have about biometrics. To prevent spoofing, many biometrics systems have

countermeasures built in. For example, many biometrics that contact the individual use heat

sensors and other liveness detection methods to ensure there is an actual live person touching the

machine. Other biometric modalities use features like eye detection and examination of the skin

BIOMETRICS IN THE UNITED STATES 26

properties to detect masks of other methods of deception in facial recognition (Modi, 2011).

Liveness detection measures also address concerns by some individuals that their biometric

identifier could be forcefully removed and used. The liveness detection would detect that the

biometric was no longer “alive” and would reject it.

Many of the concerns that biometrics can cause health problems can be discounted. Iris

and retinal scans do not cause damage to the eyes because they use low output light emitting

diodes (LED) to illuminate the eye with near infrared light in order to take a photograph of the

biometric features of the iris or the retina. The output of the LED is low to minimize any risk for

damage to the eye (National Science and Technology Council, 2006b). Biometrics systems are

designed and tested to minimize any health risks to individuals. Additionally, health concerns

from the hygiene of the biometrics device can be addressed by using contactless biometric

systems like iris recognition or vascular pattern recognition. Contactless systems can also

minimize objections due to cultural aversion to touching public sensors (El-Abed et al., 2010).

Although there may be privacy concerns with biometrics use, the technology can provide

more security of personal information than other security alternatives. Allan states, “Because

biometric traits are more difficult to copy or share than passwords and tokens, biometric

authentication can provide a higher level of accountability than any alternatives, and may be

used alone or in conjunction with other technologies when individual accountability is

paramount” (2013, p. 8). Additionally, to address concerns about compromised biometric

templates, there are several methods for protecting templates and identifying compromised

templates. Biruntha et al. state that steganography, watermarking, and cryptography can be used

to protect templates and detect compromises (2012). Biometrics templates can also protect

BIOMETRICS IN THE UNITED STATES 27

against fraud because if they are compromised, they can be revoked and replaced with a new

template (Jefferson, 2010).

To address concerns of biometrics systems not working correctly or not accepting an

individual’s biometrics, multi-modal biometric systems can be used. Utilizing multiple

modalities when enrolling individuals in the databases maximized the searchable biometric data

and reduces the number of individuals that cannot be enrolled or searched due to missing or poor

quality biometric characteristics. Additionally, using multi-modal capable biometrics systems to

search or verify individuals allows for the system to take the best quality biometrics to verify

against the database (Dessimoz, Richiardi, Champod, & Drygajlo, 2007). Also, the accuracy of

the system increases with each added modality. Using multi-modal systems with reduce the

number of false matches and in turn would improve trust in the accuracy.

Actions to Improve Acceptance

In order to improve acceptance of the technology, the concerns of the population need to

be addressed. As previously mentioned, many of the concerns individuals had revolved around

the loss of their personal information, their information being used for purposes other than what

they agreed to, potential health concerns, and the potential that the biometric device is not

accurate or inoperable. Many of the concerns stemmed from lack of knowledge of biometrics

technology and the mistrust of the agencies conducting biometrics. The mitigating factors to

their concerns mentioned earlier can be used to relegate their concerns.

One action that can be taken to improve acceptance of biometrics is to improve

knowledge of biometrics and their use. The research has shown that, generally, the people that

know the most about the technology feel more comfortable with it and are more supportive of it.

In the BioSec 2004 survey (as cited by Riley et al., 2004), the German respondents were the most

BIOMETRICS IN THE UNITED STATES 28

knowledgeable about biometrics and, subsequently, had the most positive attitudes toward the

technology. Another thing that technology developers can do to improve acceptance of their

product is to identify sources of resistance early in the research and development process.

Mitchener-Nissen recommends that developers engage the public early in the design process to

identify concerns and translate those concerns into design requirements to minimize social

resistance “before it coalesces and becomes synonymous with the technology being developed”

(2013, p. 3). LeHong & Fenn claim that increased user experience and increased assurance of

the accuracy of the technology combined with lower cost and improved convenience features of

biometrics will improve acceptance of biometrics technology (2013).

To address the concerns that the biometrics and personal information will be used for

purposes other than their original purpose including tracking individuals can be addressed by

conducting privacy assessments and making those documents publically available (Jefferson,

2010). The privacy impact assessment for the U.S. Department of Homeland Security’s

biometric database, IDENT, is publically available on the DHS website and details the purpose

for the biometrics system, who can use the system, who biometrics can be collected from, why

biometrics may be collected, any privacy risks associated with the system and steps taken to

mitigate those risks, as well as other information that the public would want to know (U.S.

Department of Homeland Security, 2012). Similarly, the FBI makes the privacy impact

assessments for their biometrics systems publically available on their website for many of the

same reasons as DHS. The FBI IAFIS privacy impact assessment describes the background for

why the biometrics system is needed, how it will be used and what protections individuals have

in addition to other information an individual may want to know. The privacy impact assessment

also describes partnerships with other agencies and databases (The Federal Bureau of

BIOMETRICS IN THE UNITED STATES 29

Investigation, 2012). Individuals can read the privacy impact assessment and see that their

information is being used for specific purposes and that it is being protected within the bounds of

the privacy impact assessment.

However, if individuals do not trust the government, agency or corporation that is using

biometrics, any document published by that organization will not appease many of the concerns

of the individuals. Then, the only way to improve acceptance of the technology is to show the

public that the organization can be trusted and gain the trust of the individuals. The other way to

gain acceptance of biometrics is to use the technology for reasons that improve convenience for

the public. For example, by using biometrics in the place of passwords, individuals would not

have to remember multiple, complex passwords that have to be changed periodically (Jefferson,

2010). Additionally, programs like CBP’s Global Entry program can build acceptance for

biometrics because it uses the technology to provide a convenience feature that allows

individuals to more quickly check into customs and avoid long lines (U.S. Customs and Border

Protection, 2014).

Remaining Questions

The research and associated literature have identified many factors in individuals’

attitudes towards biometrics technology and their acceptance of their use. However, some of the

research is dated and needs to be revisited periodically to determine if the findings are still

relevant. One question that needs to be answered is, “How have the attitudes of the individuals

changed in the past few years?” With every year, technology becomes more and more embedded

in the everyday life of individuals. With the influx of technology, people become more

comfortable with technology and in-turn more comfortable with biometrics. However, recent

current events and media coverage have the potential to change the opinion of the American

BIOMETRICS IN THE UNITED STATES 30

public. Recent media coverage of the National Security Administration’s actions has caused

many citizens to be concerned about their privacy. Similar to the UK’s biometrics results in the

study conducted by Riley et al., if surveyed now, citizens of the United States may not trust that

their information would be protected and used appropriately which would negatively impact

acceptance of biometrics.

BIOMETRICS IN THE UNITED STATES 31

Methodology

Data Collection Technique

The study was conducted in two parts. The first part of the study was an intensive

literature review of the existing biometrics literature to learn what other researchers have

identified as impacts to biometrics acceptance. Additionally, the literature review identified

previous surveys that researchers had conducted and those surveys and their results were used to

develop the second part of the study.

The second part of the study was an anonymous online survey that was designed to

collect and analyze participants’ opinions of biometrics and their thoughts on acceptable uses of

the technology. The survey was created and administered using Google’s forms functionality on

Google Docs. The survey consisted of five demographic questions, 19 multiple choice

quantitative questions, and four fill-in-the-blank qualitative questions. The results of the survey

were compiled in Google Docs using their spreadsheet functionality. A copy of the survey

questions is included in this report as Appendix A.

The five demographic questions were multiple choice and designed to gather information

such as the age of the participant, level of education, gender, and experience with biometrics.

This data was used in the analysis to identify differences in opinions based on demographic

characteristics. Additionally, the demographic information was used to compare the sample

makeup to the overall population of the United States in order to validate the results of the

survey. The 19 quantitative questions were divided into five separate groups of questions

designed to gather data for different aspects of the study. Each question had five answers for the

participant to choose from. The first section consisted of four multiple choice questions

designed to measure the participants level of comfort with using biometrics technology in the

BIOMETRICS IN THE UNITED STATES 32

different situations in each question. The participants chose between the five answer options of

very comfortable, somewhat comfortable, unsure, somewhat uncomfortable, or very

uncomfortable. The second section consisted of five questions with the same options for the

participants to choose from as the first section. This section was designed to measure the

participants’ level of comfort with different biometric modalities. The third section consisted of

four questions designed to measure the participants’ acceptance with different uses of biometrics.

The participants chose between the five answer options of very acceptable, somewhat acceptable,

unsure, somewhat unacceptable, or very unacceptable. The fourth section consisted of four

questions with the same answer categories as the third section. This section was designed to

measure the participants’ level of acceptance with different implementations of biometrics

technologies. The fifth section consisted of two questions designed to capture the participants

overall opinion of biometrics and their roles in security and convenience. To answer these

questions, the participants chose between the answer options of very significantly, somewhat

significantly, unsure, very little, or none.

The four qualitative questions were designed to gather any suggestions that the

participants had without being constrained by the limit or format of the multiple choice options

of the quantitative design. Additionally, they were designed to capture the general attitude and

opinion of the participants in their own words. The first narrative question aimed to identify

locations where biometrics would be beneficial. The second question was designed to identify

instances and situations where biometrics were needed for a specific purpose. The third question

aimed to identify specific criteria that needed to be met in order to use biometrics technology in

an acceptable manner. The fourth question was designed to gather criteria for the unacceptable

BIOMETRICS IN THE UNITED STATES 33

use of biometrics and identify when biometrics collection would be objectionable to the survey

participants.

Subjects and Setting

The survey participants were solicited from a small population of people known by the

author and the faculty advisor. Participation was solicited through the use of notifications on the

social networking site, Facebook, and emails sent to faculty and students of American Military

University as well as co-workers, friends, and family of the author. The notifications and emails

explained the purpose of the survey, requested their participation, and provided the link to the

online survey. There were no identification numbers assigned to the survey links and no way of

identifying who participated in the survey as it was completely anonymous with the exception of

the demographic information which had little to no identifying information.

The solicitation on Facebook was conducted as a status message with a request for the

author’s “Facebook friends” to complete the survey with a link to the survey location. Of the

almost 300 acquaintances on Facebook, it is expected there was a five to ten percent participation

rate in the survey. The 300 individuals ranged from over 18 years old to over 80 years old, in a

variety of occupations, with varying levels of education, and geographically located all over the

United States. The author’s co-workers are all employed by the United States Coast Guard,

located in Washington, D.C., between the ages of 25 years old and 60 years old, and most have

at least a Bachelor’s degree. There were less than 30 co-workers that were asked to participate in

the survey. The students and faculty of American Military University were all well-educated

with all of them having at least a Bachelor’s degree. Additionally, they were all over 24 years

old, employed in many different occupations, and geographically located all over the United

States.

BIOMETRICS IN THE UNITED STATES 34

Statistical Analysis

For the quantitative portion of the study, each question had five choices of answers. Each

of those answers was converted to a value between one and five. Additionally, each of the

questions was assigned a question number for easier charting and analysis. Then, the results of

the survey were placed into an Excel spreadsheet where they were studied and analyzed. First,

the average of each question was calculated. Then, the standard deviation and variance were

calculated. Once those values were calculated for the entire population, the spreadsheet was

used to filter the results by demographic characteristics and the same calculations were

conducted for the different characteristics. Those results were compiled and placed in tables

where they were subsequently graphed. The researcher compared the results in each category

against the overall average and against the other categories to develop assumptions about the

demographic subsets. Additionally, the researcher considered the number of participants from

each category when considering the significance of each subset’s average. If the category had a

small number of participants, its results were not given the same regard as a category with many

participants because the average of the smaller category could be more greatly impacted by the

answers of one or two participants. This would not lead to a fair and accurate categorization for

those demographic subsets.

Limitations of the Study

The study was limited by the amount of time available to complete it and the number of

participants that completed the online survey. As the study was conducted in order to complete a

thesis to fulfill a requirement for a Master’s degree program, the author was constrained by the

amount of time available in the course and in order to complete the study in time, the author used

BIOMETRICS IN THE UNITED STATES 35

a small population of participants that would respond quickly. For this study, the survey was

open for two weeks and had 69 participants complete the questionnaire.

Another limitation in the survey was the potential lack of diversity in the participants and

the disparity with the larger population of the United States of America. The participants of the

study were predominately male with only 33% of the participants being female. According to a

2012 census study, almost 51% of the population of the United States was female (United States

Census Bureau, n.d.c). Additionally, an overwhelming number of the participants in the study

had obtained a higher level of education than the national average. Forty-one percent of the

participants had obtained a Master’s degree and 20% of the participants had obtained a Doctorate

degree while the national average in the United States was that 8.41% of the population had

obtained a Master’s degree and 1.68% had obtained a doctorate. Additionally, 35% of the survey

participants had obtained a Bachelor’s degree which was higher than the national average of

20.09% (United States Census Bureau, n.d.b.). Another disparity between the survey sample and

the population of the United States was the number of military members that participated.

Almost 28% of the participants in the survey were military which was much higher than the

national average of less than 1% of the population (National Public Radio, 2011). Also, the age

dispersion of the survey participants was not as varied as the population of the United States.

There were over three times the percentage of 25-34 year olds represented in the survey than in

the population of the United States. People between the ages of 25 and 34 comprise 13.4% of

the population of the United States. However, they made up 43% of the participants for the

survey. Similarly, 28% of the survey participants were between the ages of 35 and 44 years old,

but only 12.9% of the population of the United States are in that age range. The percentage of

survey participants between the ages of 45 and 64 years old was very close to the percentage of

BIOMETRICS IN THE UNITED STATES 36

the United States population with 23% of survey participants and 26.5% of the U.S. population

falling in that range. Survey participants 65 years old and older were underrepresented in the

survey with only 6% of the participants falling in that age range when the national average is

13.4% of the population is 65 or older (United States Census Bureau, n.d.a). These limitations

can be attributed to the sample populations chosen for the survey and the method used to gather

data. Because the survey participants were solicited using online social media to reach out to

acquaintances of the author and emails were used to reach out to co-workers of the author and

students and employees of the American Military University, there was not much diversity

present in the participants.

BIOMETRICS IN THE UNITED STATES 37

Results

Demographics and Response Distribution

The study had 69 participants complete the survey. Of those participants, 67% were

male, 43% were between the ages of 25 and 34 years old, 41% held a Master’s degree, 20% held

a Doctorate degree, 58% were employed for wages (other than military), 28% were active duty

military, and 55% had some experience with biometrics but would not consider themselves to be

very experienced. The number of participants from each demographic group are reported in

Table 1. Additionally, the distributions of each demographic group are illustrated in Figures 1-5.

Figure 6 shows the number of times each answer was chosen for each quantitative

question on the survey. As previously stated, the terms used for the answers on the quantitative

questions were converted to values between one and five for analysis. Depending on the section,

an answer with the value of one would correlate to the terms, Very Uncomfortable, Very

Unacceptable, or None. Likewise, an answer with the value of five would correlate to the terms,

Very Comfortable, Very Acceptable, and Very Significantly. Additionally, for the purpose of

analyzing and graphing the results, each quantitative question was assigned a question number.

Table 2 lists the quantitative questions and their assigned question numbers.

The answers for each qualitative question were reviewed and placed into categories with

similar answers. Those categories were then tallied and graphed. The number of results could

be further minimized by placing them in fewer, broader categories. The results of the qualitative

study can be seen in figures 7-10. There are more qualitative answers than there were

participants because some participants listed multiple answers for each question. For the

question that asked the participants to list locations where biometrics would be most beneficial,

14% listed locations that have restricted access control, the next two highest answers were

BIOMETRICS IN THE UNITED STATES 38

airports and banks with 11% and 9% respectively. The results from this question can be seen in

figure 7. The question that asked participants to list instances where biometrics are needed had a

closer distribution of answers. The answer chosen most often was for restricted access control

with 10%. Boarding a flight, identity verification/authentication, and medical were the next

three popular answers with 9%, 9%, and 8% of the answers. The next eight answers ranged from

4% to 6%. The results from this question can be seen in figure 8. When participants were asked

to list acceptable uses of biometrics, almost twice as many responses were for restricted access

control than any other answer. The next three highest responses for this question were national

security, same as above, and hospital access or medical identification with 8%, 8% and 7%. Due

to the aggregate nature of the responses, the researcher was not able to correlate the “same as

above” answers to any of the answers for the previous questions. The results for this question

are located in figure 9. When asked to list unacceptable uses of biometrics, the participants were

overwhelmingly against using biometrics for marketing, commercial purposes, or selling data to

third parties with over 40% of the responses. The next two most common responses for

unacceptable use were “routine use or common daily activities” and “large spectator events or

sporting events” with 8% and 7% respectively. The results from this question are in figure 10.

Table 1

Number of Participants by Demographic

Gender Age Education Employment Experience

Male 46

25-34 30

Some college, no

degree 2

Employed for

wages 40

No Experience 23

Female 23 35-44 19 Associate Degree 1 Self-employed 1 Some Experience 38

45-54 7 Bachelor’s Degree 24 Homemaker 1 Very Experienced 8

55-64 9 Master’s Degree 28 Student 1

65+ 4 Doctorate Degree 14 Military 19

Retired 7

BIOMETRICS IN THE UNITED STATES 39

Figure 1: Gender Distribution of the Sample

Population

Figure 2: Age Distribution of the Sample Population

Figure 3: Education Distribution of the Sample

Population

Figure 4: Employment Distribution of the Sample

Population

BIOMETRICS IN THE UNITED STATES 40

Figure 6: Response Distribution by

Question

Figure 5: Experience Distribution of the Sample

Population

BIOMETRICS IN THE UNITED STATES 41

Table 2

Quantitative Questions

Question

Number

Question

1
Please indicate your level of comfort with the following situations [How comfortable are you with

providing biometrics to log into your personal computer or phone?]

2
Please indicate your level of comfort with the following situations [How comfortable are you with

providing biometrics to board a flight?]

3
Please indicate your level of comfort with the following situations [How comfortable are you with

providing biometrics to “clock-in” for work?]

4
Please indicate your level of comfort with the following situations [How comfortable are you with

providing your biometrics to withdraw cash from an ATM?]

Please indicate your level of comfort with the following biometric types [Given that you agree with the

purpose or reason for biometrics use, how comfortable are you with providing a scan of your iris? ]

6
Please indicate your level of comfort with the following biometric types [Given that you agree with the

purpose or reason for biometrics use, how comfortable are you with providing a scan of your fingerprints?]

7
Please indicate your level of comfort with the following biometric types [Given that you agree with the

purpose or reason for biometrics use, how comfortable are you with providing a scan of your palm prints?]

8
Please indicate your level of comfort with the following biometric types [Given that you agree with the

purpose or reason for biometrics use, how comfortable are you with providing a scan of your face?]

Please indicate your level of comfort with the following biometric types [Given that you agree with the

purpose or reason for biometrics use, how comfortable are you with allowing a scan of your veins for vein

pattern recognition?]

10
For the following scenarios, choose your level of acceptance (Part I) [Your biometrics are captured and

transmitted in an unencrypted format.]

11
For the following scenarios, choose your level of acceptance (Part I) [Your biometrics are captured and

transmitted in an encrypted format.]

For the following scenarios, choose your level of acceptance (Part I) [Your biometrics are stored in a

secured government database and can only be accessed for approved reasons such as homeland security or

law enforcement.]

13
For the following scenarios, choose your level of acceptance (Part I) [Your biometrics are stored in a

database and can be accessed by commercial companies for targeted advertising.]

14
For the following scenarios, choose your level of acceptance (Part II) [Using biometrics to screen

individuals at a public event.]

15
For the following scenarios, choose your level of acceptance (Part II) [Using biometrics to replace

passwords.]

16
For the following scenarios, choose your level of acceptance (Part II) [You were informed of the

implementation of biometrics three months prior to it becoming required.]

17
For the following scenarios, choose your level of acceptance (Part II) [You were not informed that

biometrics would be required.]

18 Based on your understanding of biometrics…. [How much does the use of biometrics improve security?]

19
Based on your understanding of biometrics…. [How much does the use of biometrics improve

convenience?]

BIOMETRICS IN THE UNITED STATES 42

Figure 7: Qualitative Question #1 Responses Figure 8: Qualitative Question #2 Responses

BIOMETRICS IN THE UNITED STATES 43

gure 9: Qualitative Question #3 Responses

BIOMETRICS IN THE UNITED STATES 44

Figure 10: Qualitative Question #4 Responses

Impact of Education

Those participants with advanced Masters or Doctorate degrees answered lower than the

average answer on almost all of the questions of the study. Those participants that Bachelor

degrees averaged the same or higher than the average response on almost all of the questions.

Due to the low number of participants with an Associate Degree or some college, but no degree,

the results of their questions were not used to formulate the opinion of how education impacts

biometrics acceptance. Participants with Bachelor Degrees had an average answer of 1.1 while

participants with Doctorate Degrees and Masters Degrees had an average answer of 1.4 and 1.5

BIOMETRICS IN THE UNITED STATES 45

respectively which was higher than the overall average response of 1.3 for question number 13

relating to commercial use of biometrics. Although close with averages within 0.2, the responses

from the participants with Masters Degrees were higher on average than those with Doctorate

Degrees with the exceptions of questions number 4, 7, and 11. Participants with Bachelor

Degrees averaged at least 0.4 higher than the average participant on questions number 3, 6, 7,

and 12. Figure 11 shows the difference in the average answer by participants in each education

level.

Figure

11: Impact of Education on Biometrics Acceptance

Impact of Different Modalities

This survey had 5 questions that asked participants to choose their level of comfort with

the following biometric modalities, iris scan, fingerprint scan, palm print scan, face scan, and

BIOMETRICS IN THE UNITED STATES 46

vein pattern recognition. Those modalities correlate to questions 5-9 on the survey respectively.

As seen in Figure 11, the average response for iris scans and facial scan, question 5 and 8, was

3.6 while the average scores for fingerprint scans and palm print scans, question 6 and 7, were

4.2 and 4.1. Vein pattern recognition, question 9, had the lowest average score with 3.3.

Impact of Gender and Age

There were slight differences between the results from the male participants and the

female participants in this study. The questions with the largest difference were question 17 with

a difference of 0.6, question 8 with a difference of 0.5, and questions 2, 3, and 9 with a

difference of 0.3. Males had higher responses than the average for questions 1, 2, 3, 8, 9, 13, and

17. Females averaged higher than the average answer for questions 4, 5, 12, 14, and 18. The

responses separated by gender can be seen in Figure 12.

The participants in the 45-54 years old group had answers that were at least 0.4 higher

than the average for questions 2, 3, 4, 5, 8, 9, 14, and 15. The participants in this age group had

answers at least 0.4 less than the average for questions 12 and 16. The participants over the age

of 45 were far less accepting of having biometrics stored in a government database to be used for

homeland security or law enforcement with answers at least 0.9 less than the average for

question 12 which was 35-55% lower scores than the participants between 25-44 years old. The

participants over the age of 65 years old had answers that were less than the average answer with

the exception of questions number 10 and 19 which were 0.3 and 0.1 more than the average. The

overall average of all of the answers from participants over the age of 65 years old was 2.7. The

average for the other age groups were at least 0.6 higher with most being 0.9 higher. The three

age groups between 25-54 years old all had overall averages of 3.6. The responses separated by

age group can be seen in Figure 13.

BIOMETRICS IN THE UNITED STATES 47

Figure

12: Impact of Gender on Biometrics Acceptance

Figure

13: Impact of Age on Biometrics Acceptance

BIOMETRICS IN THE UNITED STATES 48

Impact of Experience with Biometrics

Those participants that were very experienced with biometrics had answers that were

higher than the average answer for questions 1, 2, and 4 relating to logging into a computer,

boarding flights and using ATMs. Additionally, the very experienced participants had scores

that were 0.4 higher than the average answer for question 5 and 19 relating to iris scans and

convenience features. Very experienced participants had scores that were 0.9 higher than the

average for question 17 relating to unannounced biometrics than the other participants. Likewise

very experienced participants had answers that were 0.4 lower than the average for question 15

related to using biometrics to replace passwords. The participants with no experience with

biometrics had scores that were 0.5 less than the average answer for questions 14 and 19 relating

to screening individuals at public events and convenience features. On average participants with

no experience had answers less than the average score, but their answers for questions 7, 8, and 9

were over 0.2 higher than the average. Participants with no experience had an overall average

answer of 3.4 which was less than the average answer of 3.6 for both participants with some

experience and very experienced participants. The results showing the responses based on

experience level are in Figure 14. Only 11% of the participants were very experienced with

biometrics. 55% of the participants had some experience with biometrics.

BIOMETRICS IN THE UNITED STATES 49

Figure

14: Impact of Experience on Biometrics Acceptance

Impact of Employment Status

Due to the low numbers of participants in the self-employed, homemaker, and student

demographic subsets, their responses will not be used to characterize opinions for the whole

subset. Military participants were about 10% less accepting of vein pattern recognition than the

other participants and were 10% less convinced that biometrics improve convenience. However,

they were about 20% more accepting of biometrics being stored in a government database for

use in law enforcement or homeland security and were about 10% more accepting of biometrics

after being notified. Retired participants answered lower than the average for all questions

except questions 9, 10, and 17. Retired participants were over 5% more accepting of vein pattern

recognition and 10% more accepting of transmitting unencrypted biometrics. Retired

participants were least accepting of biometrics use with an overall average answer of 3.2 and

military participants were most accepting with an overall answer of 3.6. . The results showing

responses separated by employment status are in Figure 15.

BIOMETRICS IN THE UNITED STATES 50

Figure 15: Impact of Employment Status on Biometrics Acceptance

BIOMETRICS IN THE UNITED STATES 51

Discussion

The survey reviewed and confirmed many of the assumptions developed during the

literature review. Additionally, the survey was used to test the nine hypotheses of the study. In

addition to the quantitative analysis of information, a qualitative study was conducted to gather

information about the participants’ opinions that were not constrained by the limitations of

quantitative questions. The qualitative results helped to support and further emphasize the

results of the quantitative study.

Due to low numbers of participants in several demographic categories, those categories

were not used for analysis within the demographics. However, the results were factored into the

overall aggregate to be used for the average of all participants. The categories that were not used

for the analysis of how education impacts biometrics acceptance were Associate Degree and

some college, no degree due to low representation. For the analysis of how different

employment categories impact acceptance of biometrics, the categories of self-employed,

homemaker, and student were not specifically considered. These categories were not used

because they had low representation and the researcher felt it would be an inaccurate

characterization for the category if there were only one or two participants due to the increased

impact of their responses. Also, while the qualitative results were helpful to support the

quantitative results, some of the answers were skewed due to the participants misunderstanding

of the purpose of the questions. There were some answers that did not belong with the question

such as locations when the question asked for situations. Additionally, some answers were not

considered because the participants wrote, “same as above” or “same as previous answer” which

would work if the researcher analyzed each participant’s responses separately. However, due to

BIOMETRICS IN THE UNITED STATES 52

the aggregate nature of the responses for analysis, those types of responses were not helpful

because the researcher had no way to reference the previous answers.

Through the study and subsequent analysis it was determined that education impacts the

acceptance of biometrics. Participants with Bachelor Degrees had an average answer that was

almost 10% less for question number 13 than the average answers from those with Masters

Degrees or Doctorate Degrees. Although all of the answers were less than 1.5, indicating

disproval, the results indicate that those participants with higher degrees are more accepting of

the possibility of biometrics being used for targeted advertising than the average participant. The

participants with Bachelor Degrees were at least 10% more receptive than the average to using

biometrics for workplace accountability through clocking in and for use by the government for

law enforcement or homeland security. Likewise, those with higher degrees were between 5%

and 22% less accepting of biometrics for those purposes. Additionally, those participants with

Bachelor Degrees were much more accepting of fingerprint and palm print biometrics than those

with higher degrees with more than 15% difference and an average score of 4.5 out of a possible

5 indicating high levels of comfort. Those participants that had higher degrees were less

accepting of biometrics than those that had lower degrees with those participants with Bachelor

Degrees having a 13% higher average answer than those participants with Doctorate degrees.

Conversely, experience with biometrics affects the acceptance of the technology in the

opposite way. Those participants that were very experienced with biometrics were more

accepting of the technology than those with less experience. The very experienced participants

were 22% more accepting of unannounced biometrics than those with less experience.

Additionally, the very experienced participants were more accepting of using biometrics for

logging into computers, boarding flights, using ATMs and were over 10% more comfortable of

BIOMETRICS IN THE UNITED STATES 53

iris scans than the other participants. However, the experienced participants were 10% less

accepting of using biometrics to replace passwords. Participants with no biometrics experience

were less accepting of biometrics than those with some experience or those that were very

experienced with an overall average answer that was 5% less than the other two groups. This

aligns with the research by Riley et al. that describes the relationship of familiarity with

biometrics and acceptance of the technology (2004). Surprisingly, the participants with no

biometrics experience were over 5% more accepting of palm print, facial scan, and vein pattern

recognition modalities than the overall average. However, they were over 10% less accepting of

using biometrics for screening individuals at public events and were less convinced that

biometrics improve convenience than those participants with some or a lot of experience with

biometrics.

The biometric modality being used also has an impact on acceptance. The more

traditional biometric modalities of fingerprint scan and palm print scan were determined to be

more acceptable by the participants with average answers of 4.2 and 4.1 respectively. These

modalities have an average answer between 12.5% and 22.5% higher than the other modalities of

iris scan, facial scan, and vein pattern recognition. It is believed that the reason there is a

difference in acceptance rate between modalities is because of comfort and recognition. Most

people have seen traditional fingerprint capture and many have probably had their fingerprints

taken before. Although, this modality requires contact with the device, it is more familiar to

many people than other modalities like vein pattern recognition. The researcher assumed iris

scan, facial scan, and vein pattern recognition averages are lower for two reasons. One reason is

that participants may be worried of health risks associated with using the technology and, as

previously mentioned, they are not as familiar with the modality as with fingerprints.

BIOMETRICS IN THE UNITED STATES 54

There were subtle differences between males and females with biometrics acceptance.

However, they were very similar in their answers. This aligns with the research from “Are we

learning to love biometrics” which stated that men and women have similar acceptance rates as a

whole, but women were less willing to use advanced biometrics like eye scans and hand scans

(2008). Contrary to that research, the female participants in this study were about 5% more

accepting of iris scans than the male participants. However, females were significantly less

accepting of the other advanced biometric modalities, face scans and vein pattern recognition,

with a 12% and 7% lower acceptance rate than males. Additionally, the female participants were

less accepting of unannounced biometrics usage, using biometrics for boarding flights, and

clocking in for work than the male participants. However, the female participants were 5% more

accepting of biometrics usage for law enforcement or homeland security and for screening

individuals at public events than the male participants

Age of the participants was determined to have an impact on their acceptance of

biometrics. The participants between the ages of 45-54 years old were more accepting of

biometrics use for security and convenience functions like boarding flights, using ATMs,

clocking in for work, replacing passwords and screening individuals at public events.

Additionally, this age group was more accepting of advanced biometrics such as iris scans and

vein pattern recognition than other age groups. Conversely, the participants younger than 44

years old were significantly more accepting of having their biometrics stored in a government

database with answers between 35-55% higher than the participants older than 44 years old. The

participants over the age of 65 years old were consistently much less accepting of biometrics

with an average response over 22% less than other age groups. Although there were only four

participants over the age of 65 years old, the researcher determined to accept their responses as a

BIOMETRICS IN THE UNITED STATES 55

valid characterization of this demographic subset. While it has been determined that age does

impact acceptance, it is not a linear relationship where younger participants are more accepting

and older participants are less accepting. Instead, it varies based on age group and purpose of the

biometrics use. Additionally, over 71% of the participants were under 45 years old which could

impact the average response as that age group was more accepting of biometrics. This could

skew the results when comparing individual groups against the average response.

Employment status had some impact on the acceptance of biometrics. However, it is

believed that many of those impacts are related to other factors. Participants that were retired

were less accepting of biometrics than other participants. Over 75% of the individuals that were

65 years old or older were also retired. Therefore, many of the characteristics of that age group

could have been transposed on the retired subset. Military participants were more accepting of

having biometrics stored in a government databases and were more accepting of fingerprint

scans and palm print scans. These higher acceptance rates could be influenced by the military

participant’s experience with biometrics through operations and through access management.

The hypothesis which stated “there is no significant evidence that the trust that personal

information will be protected impacts acceptance of biometrics” (H1) was proven to be false.

The average acceptance rate of transmitting unencrypted biometrics was 75% lower than

transmitting encrypted biometrics. Additionally, the average acceptance rate of having

biometrics stored in a database that can be accessed by commercial companies was almost 58%

lower than the acceptance rate of having biometrics stored in a database which could only be

used for approved purposes such as law enforcement or homeland security. Also, when asked to

list unacceptable uses of biometrics, the participants overwhelmingly listed commercial uses and

other uses where the information would not be protected. These results indicate that American

BIOMETRICS IN THE UNITED STATES 56

citizens are concerned about their personal information and will have higher acceptance rates if

they trust their information will be protected.

The hypothesis that stated “there is no statistically significant evidence that the act of

socialization and public consultation prior to implementation impacts the acceptance of

biometric technology” (H2) was proven to be false. The average acceptance rate of the

participants that were notified three months in advance that biometrics would be implemented

was almost 48% higher than the average acceptance rate of not being notified in advance. The

hypothesis that stated “there is no statistically significant evidence that the age of an individual

has an impact on the acceptance of biometric technology” (H3) has been proven to be false.

While not a linear relationship, age does impact the acceptance of biometrics as referenced

above.

The hypothesis that stated “there is no statistically significant evidence that desirable

convenience features, such as the elimination of the need for passwords or expedited security

screening, have an impact on the acceptance of biometric technology” (H4) was proven to be

true. While there was some difference between convenience features and security features, it

was very small and determined to be insignificant. The average acceptance rate for using

biometrics to log into a computer or phone was 4.0, the use of biometrics to withdraw cash from

an ATM was 3.6, and the use of biometrics to replace passwords was 4.3. Similarly, the use of

biometrics to board a flight and to clock into work were both 3.7. There was only a 7%

difference between the convenience average acceptance rate of 4.0 and the other acceptance rate

of 3.7.

The hypothesis that stated “there is no statistically significant evidence that the use of

biometrics impact American citizens’ perception of security” (H5) was proven to be false. The

BIOMETRICS IN THE UNITED STATES 57

participants’ average answer was 4.1 when asked how much biometrics improve security. This

means that the participants believe that biometrics somewhat significantly improve security. The

hypothesis that stated “there is no statistically significant evidence that the increase in the level

of security impacts acceptance of biometric technology” (H6) was proven to be true.

The hypothesis that stated “there is no statistically significant evidence that the level of

education obtained by an individual impacts acceptance of biometric technology” (H7) was

proven to be false. As previously stated, those participants with higher levels of education had

lower acceptance rates of biometrics than those with lower levels of education. The hypothesis

that stated “there is no statistically significant evidence that an individual’s gender impacts

acceptance of biometric technology” (H8) was proven to be inconclusive. Generally, gender

does not impact acceptance of biometrics as a whole. However, the genders do differ on

acceptance of different modalities.

The hypothesis that stated “there is no statistically significant evidence that the use of

different biometric modalities impacts acceptance of biometric technology” (H9) was proven to

be false. As previously stated, the advanced biometric modalities of iris scan, face scan and vein

pattern recognition had a lower acceptance rate than the other modalities of fingerprint scan and

palm print scan. The advanced biometrics had between 15% and 22% lower acceptance rates

than the other modalities.

BIOMETRICS IN THE UNITED STATES 58

Summary

Through the literature review and survey, the study aimed to detail existing biometrics

modalities, biometrics uses, privacy concerns and mitigating actions to improve acceptance.

Additionally, the study was conducted to determine the overall acceptance of biometrics by

American citizens and factors that impact acceptance of the technology.

The study determined that there are several factors that impact acceptance of biometrics

including the type of modality used, the purpose of the biometric usage, and several demographic

characteristics. The literature review determined that factors such as physical contact with the

biometric device and experience with biometrics impact acceptance and comfort with the

technology. The survey captured significant data that was used to validate some of the

assumptions developed during the literature review and to test the hypotheses.

The study showed that American citizens were generally accepting of biometrics and

their use but that factors such as demographic characteristics and the purpose of the use could

impact the level of acceptance. Trust that personal information would be protected and that the

biometric data will be used for an acceptable purpose impacts acceptance of biometrics as does

prior notification that biometrics will be conducted. Age and education levels were also found to

have an impact on biometrics acceptance. However, convenience features of biometrics were

determined to have no effect on their acceptance rate. Convenience features were generally

ranked as generally acceptable, but there was little statistical data to show that the absence of

these features would decrease acceptance. The biometric modality used was also found to have

an impact on acceptance with the more standard modalities of fingerprint and palm print having

the highest acceptance rates.

BIOMETRICS IN THE UNITED STATES 59

The knowledge gained during this study can be used to further improve acceptance and

implementation of biometrics technology. Understanding how different demographic features

impact acceptance as well as knowing acceptable and unacceptable uses of biometrics will be

beneficial in developing a roadmap for future developments.

BIOMETRICS IN THE UNITED STATES 60

Recommendations

Leaders in the biometrics industry should focus on uses and modalities that are highly

acceptable to the public in order to increase their knowledge, understanding, and experience of

biometrics. Meanwhile, they should begin researching on how to legally capture, store, and

utilize biometrics for many purposes including homeland security, restricted space access, and

transportation screening while maintaining security during transmittal and storage. Based on the

literature review and the results of the survey, it is recommended that companies and

organizations research using highly acceptable modalities such as fingerprint or palm print scans

for computer/device access and restricted area access control then evaluate using advanced

modalities and expanding to other purposes. Additionally, companies and organizations would

benefit from an increased focus on security and an educational/public affairs campaign to

increase the understanding of biometrics and the security features that will protect the data.

Due to the expedited nature and small sample size used for this study, there should be

another, larger survey conducted to gather a better estimation of the attitudes and opinions of

American citizens. The survey would take the knowledge gained during this study to develop

better focused questions in order to determine how the current global climate and the influx of

technology in the daily lives of American citizens has impacted their views on biometrics. The

future survey should have considerable participation with industry and government organizations

involved in biometrics development and implementation in order to get the greatest benefit.

BIOMETRICS IN THE UNITED STATES 61

References

Alhussain, T., & Drew, S. (2009). Towards user acceptance of biometric technology in E-

Government: A survey study in the Kingdom of Saudi Arabia. In C. Godart, N. Gronau,

S. Sharma, & G. Canals (Eds.), Software services for e-Business and e-Society (pp. 26-

38). Berlin Heidelberg: Springer. doi:10.1007/978-3-642-04280-5_3

Allan, A. (2013). Good authentication choices: Evaluating biometric authentication methods

(Gartner Research Note No. G00249404). Retrieved from Gartner Inc.’s website:

https://www.gartner.com/doc/2503119

Are we learning to love biometrics. (2008). Security Magazine. Retrieved from

http://www.securitymagazine.com/articles/print/are-we-learning-to-love-biometrics-1

Biometric Identity Management Agency. (n.d.). Biometrics Identity Management Agency

overview. Retrieved from http://www.biometrics.dod.mil/

Biometrics.gov. (n.d.). Federal programs. Retrieved from

http://www.biometrics.gov/ReferenceRoom/FederalPrograms.aspx

Biometrics researchers aim to reduce passwords. (2013). Security Magazine. Retrieved from

http://www.securitymagazine.com/articles/84935-biometrics-researchers-aim-to-reduce-

passwords

Biruntha, S., Dhanalakshmi, S., & Karthik, S. (2012). Survey on security schemes for biometric

privacy. International Journal of Computer Applications 60(1), 4-7. doi: 10.5120/9654-

3986

Bulman, P. (2004). NIST study shows computerized fingerprint matching is highly accurate.

Retrieved from http://www.nist.gov/public_affairs/releases/computer_fingerprint.cfm

BIOMETRICS IN THE UNITED STATES 62

Careful with the hands. (n.d.). Saudi Gazette. Retrieved from

http://www.saudigazette.com.sa/index.cfm?method=home.regcon&contentid=200805085

836

Clifton, M. (2013). Looking ahead at government biometrics in 2014. Security Magazine.

Retrieved from http://www.securitymagazine.com/articles/print/85019-looking-ahead-at-

government-biometrics-in-2014

Dessimoz, D., Richiardi, J., Champod, C., & Drygajlo, A. (2007). Multimodal biometrics for

identity documents. Forensic Science International (Online), 167(2), 154-159. doi:

10.1016/j.forsciint.2006.06.037

Dubin, C.H. (2011). Biometrics: Hands down. Security Magazine, 48(2), 52-54. Retrieved

from http://search.proquest.com/docview/853887391?accountid=8289

El-Abed, M., Giot, R., Hemery, B., & Rosenberger, C. (2010). A study of users’ acceptance and

satisfaction of biometric systems. In 2010 IEEE International Carnahan Conference on

Security Technology (ICCST), (pp. 170-178). IEEE. doi: 10.1109/CCST.2010.5678678

Fatima, A. (2011). E-banking security issues – Is there a solution in biometrics? Journal of

Internet Banking and Commerce, 16(2), 1-9. Retrieved from

http://search.proquest.com/docview/915652371?accountid=8289

The FBI Biometric Center of Excellence. (n.d.). Modalities. Retrieved from

http://www.fbi.gov/about-us/cjis/fingerprints_biometrics/biometric-center-of-

excellence/modalities/modalities

The Federal Bureau of Investigation. (2012). Privacy impact assessment: Integrated Automated

Fingerprint Identification System (IAFIS)/Next Generation Identification (NGI) biometric

BIOMETRICS IN THE UNITED STATES 63

interoperability. Retrieved from http://www.fbi.gov/foia/privacy-impact-

assessments/iafis-ngi-interoperability-1

The Federal Bureau of Investigation. (n.d.). Integrated Automated Fingerprint Identification

System. Retrieved from http://www.fbi.gov/about-

us/cjis/fingerprints_biometrics/iafis/iafis

Furlonger, D. (2013). Hype cycle for the future of money, 2013 (Gartner Research Note No.

G00252277). Retrieved from Gartner, Inc.’s website:

http://www.gartner.com/doc/code/252277

IEEE. (2012). Module 2: Biometrics modalities. Retrieved from

http://www.ieeebiometricscertification.org/free-demo/IEEE_CBP_module2_sample

Gonsalves, A. (2013). NSA fear raises concerns over DHS facial recognition technology. CSO

Magazine Online. Retrieved from http://www.csoonline.com/article/738643/nsa-fear-

raises-concerns-over-dhs-facial-recognition-technology

Jefferson, R.B. (2010). Computer science, technology and applications: Biometrics, privacy,

progress and government. New York, NY: Nova Science Publishers, Inc. Retrieved from

http://site.ebrary.com/lib/apus/docDetail.action?docID=10671004

LeHong, H. & Fenn, J. (2013). Hype cycle for emerging technologies, 2013 (Gartner Research

Note No. G00252762). Retrieved from Gartner Inc.’s website:

http://www.gartner.com/doc/code/252762

Miltgen, C. L., Popovič, A., & Oliveira, T. (2013). Determinants of end-user acceptance of

biometrics: Integrating the “Big 3” of technology acceptance with privacy context.

Decision Support Systems, 56, 103-114. Retrieved from

http://search.proquest.com/docview/1477171851?accountid=8289

BIOMETRICS IN THE UNITED STATES 64

Mitchener-Nissen, T. (2013). Addressing social resistance in emerging security technologies.

Frontiers in Human Neuroscience, 7(483). doi: 10.3389/fnhum.2013.00483

Modi, S.K. (2011). Biometrics in identity management: Concepts to applications. Norwood,

MA: Artech House. Retrieved from

http://site.ebrary.com/lib/apus/docDetail.action?docID=10522164

National Biometric Security Project. (2006). Report on United States federal laws regarding

privacy and personal data and applications to biometrics. (NBSP Publication 0105).

National Public Radio. (2011). By the numbers: Today’s military. Retrieved from

http://www.npr.org/2011/07/03/137536111/by-the-numbers-todays-military

National Science and Technology Council. (2006a). Biometrics glossary. Retrieved from

http://www.biometrics.gov/Documents/Glossary

National Science and Technology Council. (2006b). Iris recognition. Retrieved from

http://www.biometrics.gov/Documents/IrisRec

Nelson, L.S. (2010). America identified: Biometric technology and society. Cambridge, MA:

MIT Press. [ebrary Reader version] Retrieved from

http://site.ebrary.com/lib/apus/docDetail.action?docID=10433732

Pellerin, K. (2004). Increasing accuracy in multimodal biometrics systems. Retrieved from

http://www.giac.org/paper/gsec/4110/increasing-accuracy-multimodal-biometric-

systems/106587

Riley, C., Buckner, K., Johnson, G., & Benyon, D. (2009). Culture & biometrics: Regional

differences in the perception of biometric authentication technologies. AI & Society,

24(3), 295-306. doi: 10.1007/s00146-009-0218-1

BIOMETRICS IN THE UNITED STATES 65

Robson, D. (2011, January 11). Facial recognition a system problem gamblers can’t beat?

Toronto Star. Retrieved from

http://www.thestar.com/news/gta/2011/01/12/facial_recognition_a_system_problem_gam

blers_cant_beat.html

Rosen, J. (2007). The silver bullet: Protecting privacy and security through law and Technology.

Proceedings of the American Philosophical Society, 151(3), 291-299. Retrieved from

http://search.proquest.com/docview/220853224?accountid=8289

Sarkar, I., Alisherov, F., Kim, T., Bhattacharyya, D. (2010). Palm vein authentication system: A

review. International Journal of Control and Automation 3(1), 27-34. Retrieved from

http://www.sersc.org/journals/IJCA/vol3_no1/3

Schneider, H. (2013). India launches biometric data project to make every citizen count in

official eyes. Retrieved from http://www.theguardian.com/world/2013/may/14/india-

biometric-data-identity-mapping

Stromberg, J. (2013). How you type could become your new password. Smithsonian magazine,

July-August 2013. Retrieved from http://www.smithsonianmag.com/ideas-

innovations/How-You-Type-Could-Become-Your-New-Password-213868591.html

Tavani, H.T. (2013). Ethics and technology: Controversies, questions and strategies in ethical

computing (4th ed). Hoboken, NJ: John Wiley & Sons, Inc.

U.S. Customs and Border Protection. (2014). Global Entry Program. Retrieved from

https://help.cbp.gov/app/answers/detail/a_id/1035/~/global-entry-program

U.S. Department of Homeland Security. (2012). Privacy impact assessment for the Automated

Biometric Identification System (IDENT). Retrieved from

http://www.dhs.gov/sites/default/files/publications/privacy-pia-nppd-ident-06252013

http://www.theguardian.com/world/2013/may/14/india-biometric-data-identity-mapping

BIOMETRICS IN THE UNITED STATES 66

United States Census Bureau. (n.d.a) Age and sex composition in the United States: 2012.

Retrieved from http://www.census.gov/population/age/data/2012comp.html

United States Census Bureau. (n.d.b). Educational attainment. Retrieved from

http://www.census.gov/hhes/socdemo/education/

United States Census Bureau. (n.d.c). USA. Retrieved from

http://quickfacts.census.gov/qfd/states/00000.html

Wolf, A.M. (2013). European ID policy and border crossing. Presented at the Biometric

Consortium Conference 2013, Tampa, FL. Retrieved from

http://www.biometrics.org/bc2013/presentations/int_wolf_wednesday_1400

Zalud, B. (2012). Biometrics? Time to go beyond – video, face, voice and more. Security, 49(10),

48-50. Retrieved from http://search.proquest.com/docview/1231588461?accountid=8289

http://www.census.gov/hhes/socdemo/education/

http://search.proquest.com/docview/1231588461?accountid=8289

BIOMETRICS IN THE UNITED STATES 67

Appendix A

Survey Questions

BIOMETRICS IN THE UNITED STATES 68

BIOMETRICS IN THE UNITED STATES 69

BIOMETRICS IN THE UNITED STATES 70

BIOMETRICS IN THE UNITED STATES 71

BIOMETRICS IN THE UNITED STATES 72

BIOMETRICS IN THE UNITED STATES 73

BIOMETRICS IN THE UNITED STATES 74

Appendix B

Survey Summary

BIOMETRICS IN THE UNITED STATES 75

BIOMETRICS IN THE UNITED STATES 76

BIOMETRICS IN THE UNITED STATES 77

BIOMETRICS IN THE UNITED STATES 78

BIOMETRICS IN THE UNITED STATES 79

BIOMETRICS IN THE UNITED STATES 80

BIOMETRICS IN THE UNITED STATES 81

BIOMETRICS IN THE UNITED STATES 82

BIOMETRICS IN THE UNITED STATES 83

BIOMETRICS IN THE UNITED STATES 84

BIOMETRICS IN THE UNITED STATES 85

BIOMETRICS IN THE UNITED STATES 86

BIOMETRICS IN THE UNITED STATES 87

BIOMETRICS IN THE UNITED STATES 88

BIOMETRICS IN THE UNITED STATES 89

BIOMETRICS IN THE UNITED STATES 90

School of Science, Technology, Engineering, and Math

MS in Information Technology

The thesis for the master’s degree submitted by

Joshua D. Brandt

under the title

Biometrics In The United States: Balancing Privacy, Security, And Accessibility

has been read by the undersigned. It is hereby recommended for acceptance by the faculty with

credit to the amount of 3 semester hours.

(Signed, first reader) __________________________ (Date) ______________

(Signed, second reader, if required) _______________________ (Date) ______________

Recommend for approval on behalf of the program

(Signed) ______________________________ (Date) _______________

Recommendation accepted on behalf of the program director

(Signed) ______________________________ (Date) __________________

Approved by academic dean

Date ______________________

I, _Joshua D. Brandt_, owner of the copyright to the work known as _Biometrics in the United

States: Balancing Privacy, Security, and Accessibility_ hereby authorize

_____________________________ to use the following material as part of his/her thesis to be

submitted to American Public University System.

Page Line Numbers or Other Identification

_________________________________

Signature

Institutional Review Board (IRB)

4 March 2014

Dear Joshua Brandt,

The APUS IRB has reviewed and approved your application # 1-2014-6 (submitted 2/26/2014).

The approval covers one calendar year. Should you need an extension beyond the one year

timeframe, an extension request will have to be submitted. However, this does not mean your

research must be complete within the one year time frame. Should your research using human

subjects extend beyond the time covered by this approval, you will need to submit an extension

request to the IRB.

Sincerely,

Patricia J. Campbell

Chair, IRB

This capstone has been approved by Dr. Novadean Watson-Stone for submission, review, and

publication by the Online Library.

Author’s name: Joshua D. Brandt____________________________________________

Title: Biometrics in the United States: Balancing Privacy, Security, and Accessibility___

Professor: Dr. Novadean Watson-Stone_______________________________________

Second reader, if required: _________________________________________________

Program: Master’s of Science in Information Technology with a concentration in Digital

Forensics_______________________________________________________

Pass with Distinction:

YES NO

Keywords/Descriptive Terms: biometrics, privacy, security, accessibility, technology

acceptance

[ ] Contains Security-Sensitive Information

Expert paper writers are just a few clicks away

Place an order in 3 easy steps. Takes less than 5 mins.

Calculate the price of your order

Type of paper needed:

Pages:

You will get a personal manager and a discount.

Academic level:

We'll send you the first draft for approval by at

Total price:

$0.00