FB pixel

GlobalPlatform adds biometric authentication in Trusted Execution Environment to APIs

Categories Access Control  |  Biometrics News
 

GlobalPlatform has announced the the functionality of its Trusted User Interface (Trusted UI) APIs has been extended to support developer integration of in-app biometric authentication secured in the device’s Trusted Execution Environment (TEE) hardware.

A Trusted UI is a specific mode granting control of the device’s user interface to the TEE, which prevents malware from capturing sensitive information or running transactions without explicit user consent.

“Sensitive digital services like banking, payments, document signing and access control require strong user authentication and user consent, and to do this users must interact with their device,” comments Gil Bernabeu, Technical Director of GlobalPlatform. “Our work in collaboration with FIDO Alliance and IFAA on the Trusted UI moves away from PINs and passwords processed in the vulnerable device OS, to a world where all sensitive user interactions are secured in the hardware of the TEE. These new APIs enable trusted applications to leverage the device’s biometric sensors, while staying fully isolated from the device OS, and trusted user interactions to be fully configured to the specific needs of each digital service.”

In addition to allowing secure integration of biometric authentication into apps, GlobalPlatform’s TUI Extension: TEE Biometrics API and TEE Trusted User Interface Low-level API increase functionality and add options for configuration of authentication screens and other trusted transaction, according to the announcement.

This is a big step forward for the TEE specifications,” adds Gil. “The market is demanding stronger authentication and biometric technology has come to the fore as it supports security and convenience. But insecure biometrics will not be tolerated by service providers and consumers. This is why the TEE is so important. It is the only technology that brings trust to the device user interface and, as such, is fundamental to the future of secure digital services and strong user authentication.”

Once the industry association publishes a new module for its TEE Protection Profile, it will be possible to certify products as meeting the requirements of the GlobalPlatform TEE Certification Scheme, which it says is the final step to enable biometrics to be integrated with TEE specifications.

The use of restricted operating environments like the TEE is part of the FIDO Alliance’s Level 2 Authenticator certification, which was announced in March.

Article Topics

 |   |   | 

Latest Biometrics News

 

Reflections on the Global Digital Public Infrastructure summit 2024

The Global Digital Public Infrastructure (DPI) summit 2024 has drawn attention to the transformative power of DPI in driving digital…

 

Binding physical and digital worlds with biometrics key to decentralized ID

Stakeholders in New Zealand’s digital identity ecosystem addressed the evolution of identity systems, particularly focusing on decentralized identity and biometrics…

 

Swedish police want to fight crime with live facial recognition

The Swedish police want to use facial recognition in real time to crack down on serious crimes. Government investigators have…

 

Biometrics cycle from innovations to scale-up opportunities

Biometrics integrations range from the experimental to the everyday in the most-read articles of the week on Biometric Update. Yesterday’s…

 

US Justice developing AI use guidelines for law enforcement, civil rights

The US Department of Justice (DOJ) continues to advance draft guidelines for the use of AI and biometric tools like…

 

Airport authorities expand biometrics deployments with Thales, Idemia tech

Biometric deployments involving Thales, Idemia and Vision-Box, alongside agencies like the TSA,  highlight the aviation industry’s commitment to streamlining operations….

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Read This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events