FB pixel

GlobalPlatform adds biometric authentication in Trusted Execution Environment to APIs

Categories Access Control  |  Biometrics News
 

GlobalPlatform has announced the the functionality of its Trusted User Interface (Trusted UI) APIs has been extended to support developer integration of in-app biometric authentication secured in the device’s Trusted Execution Environment (TEE) hardware.

A Trusted UI is a specific mode granting control of the device’s user interface to the TEE, which prevents malware from capturing sensitive information or running transactions without explicit user consent.

“Sensitive digital services like banking, payments, document signing and access control require strong user authentication and user consent, and to do this users must interact with their device,” comments Gil Bernabeu, Technical Director of GlobalPlatform. “Our work in collaboration with FIDO Alliance and IFAA on the Trusted UI moves away from PINs and passwords processed in the vulnerable device OS, to a world where all sensitive user interactions are secured in the hardware of the TEE. These new APIs enable trusted applications to leverage the device’s biometric sensors, while staying fully isolated from the device OS, and trusted user interactions to be fully configured to the specific needs of each digital service.”

In addition to allowing secure integration of biometric authentication into apps, GlobalPlatform’s TUI Extension: TEE Biometrics API and TEE Trusted User Interface Low-level API increase functionality and add options for configuration of authentication screens and other trusted transaction, according to the announcement.

This is a big step forward for the TEE specifications,” adds Gil. “The market is demanding stronger authentication and biometric technology has come to the fore as it supports security and convenience. But insecure biometrics will not be tolerated by service providers and consumers. This is why the TEE is so important. It is the only technology that brings trust to the device user interface and, as such, is fundamental to the future of secure digital services and strong user authentication.”

Once the industry association publishes a new module for its TEE Protection Profile, it will be possible to certify products as meeting the requirements of the GlobalPlatform TEE Certification Scheme, which it says is the final step to enable biometrics to be integrated with TEE specifications.

The use of restricted operating environments like the TEE is part of the FIDO Alliance’s Level 2 Authenticator certification, which was announced in March.

Article Topics

 |   |   | 

Latest Biometrics News

 

The UK’s election may spell out the future of its national ID cards

Identity cards are back among the UK’s top controversial topics – thanks to the upcoming elections and its focus on…

 

Challenges in face biometrics addressed with new tech and research amid high stakes

Big biometrics contracts and deals were the theme of several of the stories on that drew the most interest from…

 

Online age verification debates continue in Canada, EU, India

Introducing age verification to protect children online remains a hot topic across the globe: Canada is debating the Online Harms…

 

Login.gov adds selfie biometrics for May pilot

America’s single-sign on system for government benefits and services, Login.gov, is getting a face biometrics option for enhanced identity verification…

 

BIPA one step closer to seeing its first major change since 2008 inception

On Thursday, a bipartisan majority in the Illinois Senate approved the first major change to Illinois Biometric Information Privacy Act…

 

Identity verification industry mulls solutions to flood of synthetic IDs

The advent of AI-powered generators such as OnlyFake, which creates realistic-looking photos of fake IDs for only US$15, has stirred…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Read From This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events