FB pixel

GlobalPlatform adds biometric authentication in Trusted Execution Environment to APIs

Categories Access Control  |  Biometrics News
 

GlobalPlatform has announced the the functionality of its Trusted User Interface (Trusted UI) APIs has been extended to support developer integration of in-app biometric authentication secured in the device’s Trusted Execution Environment (TEE) hardware.

A Trusted UI is a specific mode granting control of the device’s user interface to the TEE, which prevents malware from capturing sensitive information or running transactions without explicit user consent.

“Sensitive digital services like banking, payments, document signing and access control require strong user authentication and user consent, and to do this users must interact with their device,” comments Gil Bernabeu, Technical Director of GlobalPlatform. “Our work in collaboration with FIDO Alliance and IFAA on the Trusted UI moves away from PINs and passwords processed in the vulnerable device OS, to a world where all sensitive user interactions are secured in the hardware of the TEE. These new APIs enable trusted applications to leverage the device’s biometric sensors, while staying fully isolated from the device OS, and trusted user interactions to be fully configured to the specific needs of each digital service.”

In addition to allowing secure integration of biometric authentication into apps, GlobalPlatform’s TUI Extension: TEE Biometrics API and TEE Trusted User Interface Low-level API increase functionality and add options for configuration of authentication screens and other trusted transaction, according to the announcement.

This is a big step forward for the TEE specifications,” adds Gil. “The market is demanding stronger authentication and biometric technology has come to the fore as it supports security and convenience. But insecure biometrics will not be tolerated by service providers and consumers. This is why the TEE is so important. It is the only technology that brings trust to the device user interface and, as such, is fundamental to the future of secure digital services and strong user authentication.”

Once the industry association publishes a new module for its TEE Protection Profile, it will be possible to certify products as meeting the requirements of the GlobalPlatform TEE Certification Scheme, which it says is the final step to enable biometrics to be integrated with TEE specifications.

The use of restricted operating environments like the TEE is part of the FIDO Alliance’s Level 2 Authenticator certification, which was announced in March.

Article Topics

 |   |   | 

Latest Biometrics News

 

Biometric identity verification gets caught up in great expectations and politics

The next generation of biometric identity verification collides with the politics of digital identity in the most-read articles of the…

 

ISO’s mDL standard can’t guarantee issuer trustworthiness

The fear that the server retrieval capability supported by the ISO/IEC 18013 standard for mobile driver’s licenses (mDLs) could be…

 

One app, two app, three app, four: DECTA study shows users have ‘wallet fatigue’

While some see the concept of a “15-minute city” as sinister, advocates say they just don’t want to go very…

 

Stop ghost students stealing college financial aid with biometric liveness

The Associated Press recently documented a vast and fast-growing fraud on the U.S. education system in which scammers use AI…

 

Russia launching digital ID ‘super-app’ inspired by Chinese WeChat

Russia is introducing a new digital identity “super-app” that will combine messaging, government and private services, e-signatures and digital IDs….

 

Biometric Update Podcast races into the future with 1Password and agentic AI

Where do identity verification and Formula 1 racing cross paths? Jeff Shiner, CEO of 1Password, has the answers. At an…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Biometric Market Analysis

Most Viewed This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events