Israel’s biometric database allegedly managed illegally by subcontractor

Israel’s biometric database has allegedly been managed by a private contractor for more than two years, in violation of the rules for its maintenance established by the government when it was set up in 2011, Haaretz reports. A lawsuit in the National Labour Court filed in October by Meital Magid, an employee of digital security company Log-On, says Magid has been managing the database since September 2015, while the Interior Ministry looked for a long-term administrator. Magid filed the suit

DERMALOG ID checking software receives German government certification

DERMALOG has announced that its ePassport MRTDAPI electronic ID inspection software has been certified by the German Federal Office for Information Security (BSI) according to the “TR-03105” guideline. The BSI confirms with the certification that the software functions reliably and complies with the requirements of the International Civil Aviation Organization (ICAO). ePassport MRTDAPI verifies the authenticity of data stored on chips in eID systems, such as fingerprints or portrait photos, and uses security mechanisms including Extended Access Control (EAC) to

Brazil adopts OSTP Alliance CIPURSE to protect personal data on new drivers’ license smartcards

Brazil has adopted CIPURSE, the OSPT Alliance’s non-proprietary, open standard for secure transaction solutions, to protect personal data including fingerprints and face photos on new drivers’ license cards. Under the new scheme, the cards will be readable by law enforcement officers with an NFC smartphone app, and card-holders can access financial services with fingerprint authentication. The card also allows for public transportation implementations. “CIPURSE was selected as it is a fast, easy to program, open and non-proprietary standard which is

K&L Gates launches biometric data compliance and defense practice

K&L Gates, a fully integrated global law firm with lawyers in five continents, has started a practice in biometric data compliance and defense. The biometrics data compliance and defense group will advise clients on issues stemming from the use of face, voice and iris recognition, fingerprints and hand geometry for authentication. Since Illinois passed the Biometric Information Privacy Act (BIPA) in 2008, several other states have either enacted or are considering the passage of biometric information laws, with potentially sweeping

Majority of European consumers trust organizations using biometrics for online authentication

More than two in three Europeans (68 percent) would trust organizations more if they used biometrics for authentication, according to survey results released Tuesday by Unisys. The survey results indicate broad consumer support for biometric online authentication. Unisys surveyed 3,500 consumers in seven European countries about their opinions on the use of biometric authentication for online accounts and trust levels in organizations managing and storing their personal data. Their responses show 63 percent believe biometrics are stronger than traditional PIN

Australia mulls piloting Facial Verification Service for businesses

Australia’s Attorney General’s Department is considering selling access to its national facial recognition database to private companies, The Guardian reports based on documents released under Freedom of Information laws. Major telecommunications companies are in discussions with the government to launch pilot projects in 2018 for private sector use of the Facial Verification Service, and financial institutions are also interested, according to partially redacted documents. The new system would be similar to an existing program which allows companies to pay the

Online publication of Aadhaar info not a security breach, UIDAI says

Media reports suggesting sensitive Aadhaar data has been breached are an inaccurate representation of fact, the Unique Identification Authority of India (UIDAI) said in a statement issued Monday by India’s Ministry of Electronics and IT. Numerous media outlets reported last week that approximately 210 government websites had published personal information related to Aadhaar registrants, following a proactive disclosure by UIDAI under the RTI (Right to Information) Act. While the details were published, UIDAI says the data is public information, and

BioID ramps up data privacy and protection commitment

BioID has partnered with Microsoft Cloud Germany and Deutsche Telekom to host its highly in demand BioID Web Service (BWS) in the data center of T-Systems to further improve data security and privacy. T-Systems, a subsidiary of Deutsche Telekom, serves as the data trustee in ensuring that all data is stored exclusively in data centers based in Germany, with T-Systems facilitating all access to customer data and any related infrastructure. Providing service via such a data center is a necessity

New York AG calls for stronger security for biometric, electronic data

New York Attorney General Eric Schneiderman is calling on the state to implement its first-ever measures to protect biometric data collected by employers and businesses from cyber attacks, according to a report by Times Union. Schneiderman introduced a proposed law that would add biometric data to updated state protections aimed at a growing number of high-profile computer hacks of confidential personal data kept by businesses on their customers. Appropriately titled “Stop Hacks and Improve Electronic Data Security,” the law would

UIDAI declines privacy activist request for Aadhaar data protection information

The Unique Identification Authority of India (UIDAI), the authority for Aadhaar, have declined Indian privacy activist Vivek Velankar’s request to reveal the names of companies responsible for storing sensitive data as well as the manufacturers of the servers over ‘security reasons’, according to a report by The Times of India. To address data privacy concerns regarding the compulsory Aadhaar registration, Velankar had filed an RTI application asking for the names of the companies storing Aadhaar data, name of the country