Roger Clarke's Web-Site


© Xamax Consultancy Pty Ltd,  1995-2016

Roger Clarke's 'Biometrics Bibliography'

Biometrics Bibliography

Roger Clarke

Principal, Xamax Consultancy Pty Ltd, Canberra

Visiting Fellow, Department of Computer Science, Australian National University

Revision of 11 March 2003, plus enhancements 31 March, 18 April, 6 May 2004

© Xamax Consultancy Pty Ltd, 2002-04

This document is at

This Bibliography supports the author's work in the area


Introductions to Biometrics

Blackburn D.M. (2001) 'Face Recognition 101: The Technology and Its Applications' [U.S.] Department of Defense Counterdrug Technology Development Program Office, 10 August 2001, at

Bowman E. (2000) 'Everything You Need to Know About Biometrics', Identix Corporation, January 2000, at

Davis A. (1997) 'The Body as Password' Wired 5.07 (July 1997), at

Economist (2000) 'The measure of man' The Economist, 9 September 2000, at

Jain A.K., Bolle R. & Pankanti S. (Eds.) (1999) 'Biometrics: Personal Identification in Networked Society' Kluwer Academic Publishers, 1999

Jain A., Hong L. & Pankanti S. (2000) 'Biometrics: Promising frontier for emerging identification market' ACM 43, 2 (February 2000) 91-98, at

Silberman S. (2001) 'The New ID' Wired 9.01 (January 2001), at

The Biometric Consortium (2002) 'Introduction to Biometrics', at

More Advanced Materials on Biometrics

Ashbourn J.D.M. (2000) 'Biometrics : Advanced Identify Verification: The Complete Guide' Springer-Verlag, 2000

Bleumer G. (1998) 'Biometric yet Privacy Protecting Person Authentication' Proc. Information Hiding Workshop '98, LNCS 1525, Springer-Verlag, Berlin, at

CESG (2002) 'Biometrics Working Group', at

Clarke R. (2001) 'Authentication: A Sufficiently Rich Model to Enable e-Business', December 2001, at

Clarke R. (2002) 'e-Consent: A Critical Element of Trust in e-Business', Proc. 15th Bled Electronic Commerce Conf., Bled, Slovenia, 17-19 June 2002, at

DMOZ (1999-) 'Biometrics Links', Open Directory Project, at

GAO (2002) 'Technology Assessment: Using Biometrics for Border Security', GAO-03-174, November 2002, at (WARNING: 22MB of PDF!!)

Jain A.K., Ross A. and Prabhakar S. (1998) 'Biometrics-Based Web Access' MSU Technical Report TR98-33, 1998, at

Maltoni D., Maio D, Jain A.K. & Prabhakar S. (2003) 'Handbook of Fingerprint Recognition' Springer, 2003, from

Miller B. (1994) 'Vital signs of identity' IEEE Spectrum 31, 2 (February 1994) 22-30

Nanavati S. et al. (2002) 'Biometrics: Identity Verification in a Networked World' Wiley, 2002

Nichols R.K. (ed.) (1999) 'ICSA Guide to Cryptography' McGraw-Hill (1999)

Wayman J.L. (1999) 'The Functions of Biometric Identification Devices', National Biometric Test Center, San José State University, at

Wayman J.L. (2000) 'National Biometric Test Center: Collected Works: 1997-2000', Version 1.3, August 2000, at

Biometric Technology Assessment

BEM (2002) 'Common Criteria Common Methodology for Information Technology Security Evaluation: Biometric Evaluation Methodology Supplement [BEM]' Common Criteria Biometric Evaluation Methodology Working Group, Version 1.0, August 2002, at

Bone M. & Blackborn D. (200) 'Face Recognition at a Chokepoint: Scenario Evaluation Results' DoD Counterdrug Technology Development Program Office, 14 November 2002, at{A23FC638-2E93-4ADF-96F2-620DCB32E317}

CESG (2002) 'Biometric Device Protection Profile (BDPP)', Communications-Electronics Security Group (CESG), at

CESG (2002) 'Biometrics for Identification and Authentication - Advice on Product Selection' 2,0, March 2002, at

CSE (2001) 'Biometric Technology Security Evaluation under the Common Criteria' Communications Security Establishment, Canada, v.1.2, September 2001, at

FTC (2002) 'Identity Theft Complaint Data: Figures and Trends On Identity Theft: January 2000 through December 2000', Federal Trade Commission, February 2002, at

FRVT (2000) 'Face Recognition Vendor Test 2000', at Full report (Warning: 6.2MB of PDF)

FRVT (2002) 'Face Recognition Vendor Test 2002', at FRVT (2000) 'Face Recognition Vendor test 2002', at

FVC (2002) 'Fingerprint Verification Competition 2002', at, incl. Performance Evaluation Metrics, at

Hill C.J. (2001) 'Risk of Masquerade Arising from the Storage of Biometrics' BSc Honours Thesis, Department of Computer Science, Australian National University, November 2001

McCullagh D. & Zarate R. (2002) 'Scanning Tech a Blurry Picture' Wired, Feb. 16, 2002, at,1283,50470,00.html

Mansfield A.J., Kelly G., Chandler D. & Kane J. (2001) 'Biometric Product Testing' Final Report, Issue 1.0, March 2001, at

Mansfield A. J. & Wayman J. L. (2002) 'Best Practices in Testing and Reporting Performance of Biometric Devices' Version 2.1, August 2002, Communications-Electronics Security Group (CESG), at

NPL (2001) 'Biometric Product Testing' U.K. National Physical Laboratory, 19 March 2001

Phillips P.J., et al (1996) 'FERET (Face-Recognition Technology) Recognition Algorithm Development and Test Results' Army Research Laboratory, ARL-TR-995, October 1996

Phillips P.J., Martin A., Wilson C.L. & Przybocki M. (2000) 'An Introduction to Evaluating Biometric Systems' IEEE Computer 33, 2 (February 2000) 56-63, from and

Przybocki M. & Martin A. (2002) 'NIST''s Assessment of Text Independent Speaker Recognition Performance' National Institute of Standards and Technology (NIST), at{64B7E320-84B1-4E51-B0C1-F17C1CF9E794}

Thalheim L., Krissler J. & Ziegler P.-M. (2002) 'Body Check: Biometrics Defeated' c't Magazine, June 3, 2002, at,3998,a=27687,00.asp

Tomko G. (1998) 'Biometrics as a Privacy-Enhancing Technology: Friend or Foe of Privacy?' Proc. 9th Privacy Commissioners'/Data Protection Workshop, 1998, at

Wayman J.L. (1999) 'Technical Testing and Evaluation of Biometric Identification Devices' in A. Jain, et al. (eds) 'Biometrics: Personal Identification in a Networked Society' Boston, Kluwer Academic Press, 1999

Wilcox N.A. & Regan T.M. (2001) 'Identity Theft: Authentication as a Solution - Revisited' National Fraud center, 2 October 2001

Woodward J.D. (1997) 'Biometric Scanning, Law and Policy: Identifying the Concerns--Drafting the Biometric Blueprint' University of Pittsburgh Law Review 59.97 (1997), at

Biometric Technology Standards

ANSI X9.84 'Biometrics Information Management and Security'

ANSI/INCITS 358-2002 (see BioAPI)

BioAPI Specification, v.1.1, March 16, 2001, at

NISTIR 6529 'Common Biometric Exchange File Format' (CBEFF), at

OASIS (2002) 'XML Common Biometric Format (XCBF)' OASIS XML Common Biometric Format 1.0 Committee Specification, at

Sceptical Resources on Biometrics Generally

Alexander K.L. (2002) 'Dollar Rent a Car Stops Fingerprinting', The Washington Post, Thursday, 10 January 2002, at

American Banker (2001) 'In Biometrics, Shortcomings Easier to ID than Winners' American Banker 167, 200 (18 October 2001), at

The Economist (2003) 'Prepare to be scanned' Technology Quarterly, The Economist, 4 December 2003

EPIC (2001) 'Biometric Identifiers', at Electronic Privacy Information Centre, Washington DC (EPIC)

Dvorak J.C. (2000) 'Biometrics: Saviour of security?' ZDNet Australia News & Technology, 19 December 2000, at,2000024985,20107886-1,00.htm

Jonas G. (2004) 'Biometrics Won't Catch Disposable Terrorists' National Post, 19 January 2004, at

Leyden J. (2002) 'Biometric sensors beaten senseless in tests' The Register, 22 May 2002

Raikow D. (2001) ' A fingerprint is forever' ZDNet Australia News & Technology, 24 January 2001, at,2000024985,20150649-1,00.htm

Schneier B. (2001) 'Biometrics in Airports' Special Issues, Crypto-Gram, September 2001, at

Schneier B. (2002) 'Fun with Fingerprint Readers' Crypto-Gram, 15 May 2002, at

Schneier B. (2004) 'Fingerprinting Foreigners' Crypto-Gram, 15 January 2004, at

Sceptical Resources on Face Recognition In Particular

ACLU (2002a) 'Q&A on Facial Recognition', at

ACLU (2002b) 'ACLU Opposes Use of Face Recognition Software in Airports Due to Ineffectiveness and Privacy Concerns', at

ACLU (2002c) 'Drawing a Blank: The failure of facial recognition technology in Tampa, Florida' ACLU Special Report by Jay Stanley and Barry Steinhardt, 3 Jan 2002, at (PDF, 528K)

Agre P. (2001) 'Your Face Is Not a Bar Code: Arguments Against Automatic Face Recognition in Public Places ', at

Bray H. (2002) 'Reliability of face-scan technology in dispute: Accuracy questions arise in Logan test' Boston Globe, 5 August 2002, at

Dearne K. (2003) 'Face recognition fails test' Australian IT News, 27 February 2003. at,7204,6048331%5E15306%5E%5Enbv%5E,00.html

EPIC (2002) 'Face Recognition' Electronic Privacy Information Center, at

Greene T.C. (2001) 'Face recognition useless for crowd surveillance' The Register, 27 September 2001

Perera R. (2001) 'Borders Books kills face-scanning plan amid criticism', IDG News Service, 27 August 2001, at,4125,NAV47_STO63359,00.html

Smith R. (2000) 'Face Scanning at Airports: Ready for Prime Time?', at and October 2001 presentation at

Smith R. (2002) 'FaceIt evaluation home page ', at

Stanley J. & Steinhardt B. (2002) 'Drawing a Blank: The failure of facial recognition technology in Tampa, Florida' An ACLU Special Report, 3 Jan 2002, at (PDF, 528K)

Product, Supplier and Research Catalogues

International Biometric Industry Assoication Membership, at

[U.S.] National Institite of Justice, at

Biometrics Institute, at

The Biometric Consortium 'Research Databases', at

Precise Biometrics, 'Biometric Index Site', at

Some Suppliers of Face Recognition Products

Biometrics and Privacy

Clarke R. (1988) 'Information Technology and Dataveillance' Commun. ACM 31,5 (May 1988) 498-512, re-published in C. Dunlop and R. Kling (Eds.), 'Controversies in Computing', Academic Press, 1991 , at

Clarke R. (1989) 'The OECD Data Protection Guidelines: A Template for Evaluating Information Privacy Law and Proposals for Information Privacy Law' April 1989, at

Clarke R. (1994) 'Human Identification in Information Systems: Management Challenges and Public Policy Issues' Information Technology & People 7, 4 (December 1994), at

Clarke R. (1996) 'A Vision of Consumer Payments Futures' May 1996, at

Clarke R. (1996) 'Privacy and Dataveillance, and Organisational Strategy' Proc. Conf. I.S. Audit & Control Association (EDPAC'96), May 1996, at

Clarke R, (1997) 'Introduction to Dataveillance and Information Privacy, and Definitions of Terms', August 1997, at

Clarke R, (1998) 'Privacy Impact Analysis' November 1988, at

Clarke R, (1999) 'Identified, Anonymous and Pseudonymous Transactions: The Spectrum of Choice' Proc. Conf. User Identification & Privacy Protection, Stockholm, 14-15 June 1999, at

Clarke R. (2000) 'Beyond the OECD Guidelines: Privacy Protection for the 21st Century' January 2000, at

Clarke R. (2001) 'Biometrics and Privacy', April 2001, at

Clarke R. (2001) 'Person-Location and Person-Tracking: Technologies, Risks and Policy Implications' Information Technology & People 14, 2 (Summer 2001) 206-231 , at

Clarke R. (2002) 'Biometrics in Airports: How To, and How Not To, Stop Mahommed Atta and Friends ', February 2002, at

Clarke R. (2003) 'SmartGate: A Face Recognition Trial at Sydney Airport ', February 2003, at

Davies S. G. (1994) 'Touching Big Brother: How biometric technology will fuse flesh and machine' Information Technology & People 7, 4 1994

EPIC (2002) 'Biometric Identifiers' Electronic Privacy Information Center, at

EPIC (2003) 'Comments on the OASIS XML Common Biometric Format (XCBF) 1.0 Committee Specification Before the OASIS XML Common Biometric Format (XCBF) Technical Committee', Electronic Privacy Information Center, February 28, 2003, at

IPCO (2001) 'Open Letter to the Chair of Management Board of Cabinet of Ontario, Information and Privacy Commissioner of Ontario, 5 April 2001, at

Rule J.B. (1974) 'Private Lives and Public Surveillance: Social Control in the Computer Age' Schocken Books, 1974

Rule. J.B., McAdam D., Stearns L. & Uglow D. (1980) 'The Politics of Privacy' New American Library, 1980

Wayman J.L. (2000) 'Federal Biometric Technology Legislation' IEEE Computer 33, 2 (February 2000) 76-80, from

xamaxsmall.gif missing
The content and infrastructure for these community service pages are provided by Roger Clarke through his consultancy company, Xamax.

From the site's beginnings in August 1994 until February 2009, the infrastructure was provided by the Australian National University. During that time, the site accumulated close to 30 million hits. It passed 50 million in early 2015.

Sponsored by Bunhybee Grasslands, the extended Clarke Family, Knights of the Spatchcock and their drummer
Xamax Consultancy Pty Ltd
ACN: 002 360 456
78 Sidaway St, Chapman ACT 2611 AUSTRALIA
Tel: +61 2 6288 6916

Created: 2 April 2002 - Last Amended: 11 March 2003, plus enhancements 31 March, 18 April, 6 May 2004 by Roger Clarke - Site Last Verified: 15 February 2009
This document is at
Mail to Webmaster   -    © Xamax Consultancy Pty Ltd, 1995-2013   -    Privacy Policy