Decentralized biometric system proposed for privacy in ICRC aid distribution

Wouter Lueks, faculty member at the CISPA Helmholtz Center for Information Security in Germany explained a proposed system for digital aid distribution with privacy protections in a presentation at the recent RSA Conference 2024. The key to the system, Lueks says, is the use of smart cards and potentially smartphones to store data and perform transactions without relying on centralized databases.

The work Lueks described in his presentation on “Another Digital ID: Privacy-preserving Humanitarian Aid Distribution,” conducted in collaboration with the International Red Cross, aims to develop a digitized aid distribution system tailored to the needs of vulnerable populations affected by crises such as war, famine, and natural disasters. Traditional methods of aid distribution, which involve manual registration and the physical handling of items, are labor-intensive and prone to inefficiencies, he says, especially when dealing with large numbers of recipients.

Lueks’ research, which garnered a Distinguished Paper Award at the IEEE Symposium on Security and Privacy, addresses the critical challenges faced by humanitarian organizations in crisis settings.

This decentralized digital identity approach aims to enhance privacy and security by minimizing the amount of sensitive information collected and stored. Smart cards include biometric samples to authenticate recipients, reducing the risk of fraud and ensuring aid reaches the intended beneficiaries. This was a problem with food aid distribution by the World Food Programme in Yemen, which Lueks mentions as an example of the drawbacks of centralized biometrics storage.

Deduplication of biometrics, which can ensure beneficiaries are not enrolled under multiple names, for instance, typically requires a centralized database. Lueks says a forthcoming paper will propose a way to deduplicate users’ biometrics without storing them all in one place.

The project presented at RSA involves a close partnership with the International Committee of the Red Cross (ICRC), renowned for its operations in challenging environments. Frequent consultations with the ICRC’s Data Protection office and field personnel informed the development process, ensuring the system met real-world requirements and addressed potential risks.

The distribution process involves verifying the smart card’s authenticity, checking eligibility, and issuing entitlements based on household needs. To prevent double-dipping, where a household might try to receive aid more than once in a distribution cycle, the system employs pseudorandom function (PRF) tags. These tags, unique to each distribution round and household, enable the distribution station to detect and block duplicate requests.

Additionally, the system incorporates cryptographic commitments to facilitate robust auditing. These commitments allow for the verification of aid distribution without exposing detailed personal information, thereby protecting recipients’ privacy. During audits, the system can demonstrate that aid was distributed fairly and accurately, even under scrutiny from external donors or internal reviews.

During his talk, Lueks emphasizes the dual nature of technology, acknowledging its potential to benefit society while also posing significant risks, particularly concerning security and privacy. He notes that while users typically have the option to avoid technologies that threaten their privacy, this choice is often unavailable to those receiving humanitarian aid. For these individuals, rejecting technology can mean losing access to essential resources necessary for survival.

Lueks also discusses the implementation of a similar system using smartphones, leveraging anonymous credentials and domain-specific pseudonyms to maintain security and privacy. This flexibility allows for the adaptation of the system to different contexts, such as using smartphones in areas with higher mobile device penetration.

The ICRC worked with a pair of universities in Switzerland on a series of research projects to improve humanitarian assistance in 2022, one of which involved privately-held biometric data for aid distribution.

Article Topics

biometrics  |  data protection  |  decentralized biometrics  |  deduplication  |  digital identity  |  humanitarian  |  identity management  |  Red Cross  |  RSA