Author: Ankur

Categories
Uncategorised

Why are people turning off contact tracing in the NHS Covid-19 app?

“But why would anyone turn off contact tracing if they already had the NHS Covid-19 App?” 🤔

I’m going to put forward a few hypotheses that I would go down if I was trying to research this behaviour.

For starters: a lot of workplaces ask employees to turn off contact tracing. Especially in settings such as retail, hospitality, and the NHS.

Hypothesis #1: There are people who turned off the contact tracing features because of their workplace rules, and then forgot to turn it back on.

Never underestimate the power of asking users to change settings in an app back and forth. There steep cliffs where usage falls off whenever this happens.

Hypothesis #2: is people who turned off the contact tracing feature because they didn’t want to be pinged.

To which I’d say: isn’t it *more* likely that they would just delete the app, rather than fumbling around with settings? 🧐

Hypothesis #3: It’s people who did keep the app, but turned it on/off because they were doing a “high risk” (in their mind) activity that could get them pinged. Going to a pub, taking public transport, etc.

This obviously defeats the purpose…but I wouldn’t be too surprised since a lot of people seem to think the quarantine suggested by app is legally mandatory. (It isn’t.)

Quarantine is mandatory and punishable if violated only when asked by the human NHS Test & Trace team.

The NHS Covid-19 app-suggested quarantine a recommendation. Violating it cannot legally be prosecuted.

But if there’s a persistent misconception that the app’s quarantine is legally binding, it might drive some people to turn it off if they are exposed to crowds.

The @NHSX team likely does know the answers:

– How many people turn it on and off – and after what gap? A few hours could indicate it’s due to turning it off for public transport, parties, pubs etc. 8-12 hours could suggest it’s related to work days.

– How many app users turned off contact tracing, and never came back – but still have the app installed*?
(* Have tracing turned off but opened the app again. Reopening the app is necessary for the analytics to be collected again. This is different than deleting/abandoning app.)

If the NHS has usage data on how many people toggled a feature on or off, it also very likely has data on how how many “active” users the app still has and be able to estimate how many people uninstalled it during the “pingdemic”, too.

Of course, the quantitative data will only tell part of the story – which is qualitative research surveys, focus groups etc come in.

With a population of users as large as the @NHSCOVID19app has, it’s very likely to be mix off all 3 (and more!) reasons in play.

Originally tweeted by Ankur Banerjee (@ankurb) on 10 August 2021.

Categories
Technology

Good and bad takes on Amazon’s in-store biometrics

I’m seeing a lot of takes (some good, some bad) about Amazon’s incentive to register palm prints for its stores in exchange for $10. A 🧵on some of the biometrics and tech behind this – and why some of the takes get implications wrong 👇🏽

For starters, it’s an imbalance on whether it entices certain demographics to give up personal biometric data in return for $10.

This kind of asymmetric power *needs* to be looked at closely, on how that data is used in the future.

“Amazon stores biometrics in the cloud”

What is often not appreciated in this is that biometrics are often stored as mathematical templates; equivalent to “hashes”. A biometric hash CANNOT be used to reconstitute the original hand, fingerprint, or palm print. This is low risk.

If you think of traditional methods of storing passwords, they are often “salted” (add some random data) and then “hashed”.

This is also often how biometric templates are stored. ✅

If there’s a data breach, the templates are useless to a hacker in reusing at a different place.

⚠️ However, this is ONLY secure and private if the company registering biometrics ONLY stores this as a biometric template. It should NOT store the original image/picture of the hand or palm print. 🖐

The analogy here is similar to passwords, where best practice is to never store the original plaintext password, and to only ever store it as a salted and hashed version of the password. ✅

So even if Amazon or any other system stores biometric templates in the cloud, the risk is the same as losing securely stored password hashes: they are useless to a hacker.

It’s all the OTHER data with personal information that’s more useful to hackers.

How does Amazon One compare to on-device biometrics like Apple Touch ID or Face ID? 🤔

The main difference is Touch/Face ID can ONLY be used for 1:1 matching with a single person.

Something like Amazon One which is a central system can be used for 1:1 matching (“give me access to my own account”)

But it can also be used for 1:many matching (“does this palm ✋ print belong to a known fraudster?”)

(How and who decides who is a “known fraudster”?)

Then there’s how Amazon One works, or most biometrics in general.

As a biometrics operator, you want to prevent fraudsters from taking a picture and showing it to a scanner.

⛔️ This is a risk with finger and palm prints…if someone is targeting a specific individual.

As a fraudster though, you’d want to maximise returns and minimise the effort.

Lifting physical finger or palm prints at large scale is *hard* to do.

Amazon uses vein prints, which also can check for something called “liveness”: it’s not just a static image, but can also see if there’s realistic motion that would happen with blood flowing through an actual human’s palm.

This makes it very hard to spoof by a fraudster.

Even if someone had my fingerprints or palm prints, that’s not the same kind of data as my vein patterns.

And even if they had pictures of my vein patterns, it’s hard to spoof the motion associated with vein prints.

TL;DR: the way Amazon One uses vein prints from a palm ✋is secure and follows best practices.

SHOULD they be doing this and whether it’s creepy is a different question that comes down to what’s acceptable in this context by society and users.

(E.g., people don’t mind doing this for passports or border control. They also have no choice in that scenario, whereas Amazon One biometrics is an opt-in programme)

If you’ve stuck by this far (thank you 🙏🏽), would YOU register and give your biometrics to Amazon for entering their grocery stores?

Originally tweeted by Ankur Banerjee (@ankurb) on 6 August 2021.