Spoof attacks top this week’s biometrics and digital ID news

Spoof attacks in theory and practice and the deployment of facial recognition for use cases including aviation and border crossings, mobile identity proofing and birth registration were the main themes of the week’s top biometrics news stories. Opportunities continue to arise for social benefits such as decreased fraud in public sector payments and inclusive birth registration, so perhaps the security risks and controversy also in the mix are inevitable.

A new method of spoofing the fingerprint sensors of smartphones with stolen latent prints is our top news story of the week. A team from Tencent’s X-Lab demonstrated the method, which they say works on all phones against all three sensor types, and requires only a $140 hardware investment. Also this week a social engineering hack attack which included a voice biometrics spoof, and netted unknown criminals $29 million, in what may be only the tip of the iceberg, according to a sobering report.

There was a lot of reader interest in the new liveness detection and image capture enhancements released by Acuant, which has been recognized as a “Representative Vendor” for identity proofing by Gartner.

Application fraud in the online channel has increased over the past two years for 52 percent of financial institutions, according to a survey conducted by Aite Group and explored in a BioCatch webinar and blog post. Almost two thirds of identity professionals see synthetic identities as a larger risk than identity theft, and 83 percent of FIs consider behavioral biometrics highly effective for fraud detection, among interesting findings. Multi-factor biometric authentication and cloud services will soon transform payments into an instant, on-demand service available anywhere, with voice activated software built into nearly every new gadget, Enacomm founder and CEO Michael Boukadakis writes in PaymentSource.

This week in facial recognition controversy, AnyVision Chief Commercial Officer Max Constant sought to clarify the record in an email to Biometric Update after a strange interaction with a reporter brought speculation about the company’s corporate ethics back into the news.

The details behind the use of facial recognition evidence to convict a Florida man, and his unsuccessful attempt to have the biometric match thrown of court, are detailed in a Law360 report. Transparency was at issue during the case, and it turns out some information, such as that Lynch was identified with a one-star match, was not shared with the defense. As so often happens, a dubious decision in procedural ethics opens the door to several wild claims from privacy advocates in the article.

On the other hand, airports in Paris have already tripled their facial recognition systems for border control, and are now planning a pilot to use the technology for flight boarding. A new market report predicts that government and retail initiatives will join smartphones in driving the global facial recognition market to double to $7 billion in the next five years, and comes just as new details of the Samsung Galaxy S11’s biometric capabilities, a border control program between the U.S. and Canada, and a successful fundraising round for a fashion brand leveraging the technology were all announced.

Also in the aviation space, Clear’s announcements of biometric service deployments at major airports in Houston and Newark seems to indicate industry momentum in the people-processing space. Sita is launching a single-token biometric system throughout Kuala Lumpur International, and startup Zamna raised $5 million to share passenger biometric identity assurance between different stakeholders, as the market segment continues to develop.

Synaptics SVP and GM of IoT Saleel Awsare makes the case for a future in which biometrics enable personalization and continuous, secure interaction with an IoT-enabled consumer environment in a widely-read guest post this week.

The tension between safety and surveillance are at play in a Bloomberg article on workplace tracking device StrongArm, which does not use biometrics, but has divided workers between appreciation for injury prevention and concern over employer data collection. ForgeRock Senior Director of Applied Innovation Ashley Stevenson argues on Open Access Government that for smart cities initiatives to thrive and continue, biometrics and other data must be employed, which implies a degree of trust yet to be achieved.

Biometric staff registrations to cut down on ghost workers in Nigeria and Liberia are among the top digital ID news stories from Africa this week, with the former facing opposition from the union representing workers, and the latter just getting started.

IBM Trusted Identity CTO Dan Gisolfi provided Biometric Update with some background on an interesting new project in Brazil to use facial recognition during a new birth registration process which generates a blockchain-based digital birth certificate.

In the U.S., there are a number of proposed bills related to biometrics currently sitting at various stages of the legislative process, including the No Biometric Barriers to Housing Act recently introduced by Democratic Presidential Hopeful Cory Booker.

OneZero meanwhile has an in-depth exploration of the Defense Forensics and Biometrics Agency (DFBA) and the Pentagon’s facial recognition system, and how it connects to other government systems. The article is interesting in its completeness, though most of the details have been previously reported.

The U.S. National Security Commission on Artificial Intelligence has warned the government that should it fail to fund AI research and development, it will fall behind rivals like China, and expose itself to a range of risks, the Federal News Network reports. The country’s Chief Technology Officer Michael Kratsios told attendees at the 2019 Fall Conference of the Institute for Human-Centered Artificial Intelligence (HAI) at Stanford University that the government is largely continuing the policies of the Obama administration on AI, and spoke specifically about the need to avoid a patchwork of regulation for facial recognition in the U.S., as reported by the IEEE Spectrum.

CES (Consumer Electronics Show) is giving Chinese surveillance firms, including some of those recently added to the U.S. Entity List, a platform to normalize their operations, according to human rights advocates interviewed by CNET. iFlytek and Hikvision are both slated to participate in CES 2020.

As always, please pass along any good stories, blog posts, or videos or podcasts you want to share with the biometrics and digital ID communities in the comments below or through social media.

Article Topics

airports  |  artificial intelligence  |  behavioral biometrics  |  biometrics  |  China  |  digital identity  |  facial recognition  |  financial services  |  military  |  smartphones  |  spoof detection