Converging data security and digital ID concerns lead week’s biometrics news

Securing data with biometrics and the security of biometric data itself are the main themes for the week in digital identity, with hackers beginning to target biometric data and a lack of standards and regulation leading to uneven practices around the world. The concerns do not seem to be hindering continued growth in digital ID, payments, and airport adoption.

Hackers are targeting selfies and ID document photos with phishing campaigns in order to defeat increasingly robust biometric onboarding security processes, according to a report from Kaspersky. The success rate of these data theft attempts is not clear, nor is whether they have been leveraged to defeat KYC checks and open fraudulent accounts.

Morocco’s selection of Idemia to provide the new biometric e-ID cards for its national program was also among the top digital ID stories of the week. The cards will be used for online authentication for both government and commercial services.

Law enforcement agencies in Nigeria and Kenya are deploying biometrics to solve different problems; tracking sex offenders in the former case, reducing corruption in the latter, as our coverage of biometrics and digital ID in Africa shows increasing use of biometrics on the continent. Some deployments are creating attractive targets for hackers, however, Kaspersky warns.

Kaspersky is evidently keen to talk about the risk of biometric data compromise, as another of our top stories of the week presents a fake biometric wearable the cybersecurity company has developed in collaboration with a jewelry designer. The ring is not meant to be commercialized, however, but rather to highlight the need for secure-by-design systems such as its KasperskyOS, which it says will be immune to leaks and attacks.

The need for unique patient identifiers in challenging rural environments for critical healthcare services such as HIV treatment is well established, but inaccuracies continue to hold back programs. A new study of iris recognition for patient ID in Kenya indicates, albeit at a small scale, the improvements in data accuracy possible with biometric systems, providing reason for optimism.

The unfortunate apparent waste of $13 million spent on biometric kits for voter registration in Yemen earlier in the decade is one reason to be wary of advanced technology in development programs, but as Devex reports, concerns about data security and a lack of regulation are holding some NGOs back, even as others expand their use of the tech.

As in healthcare and other situations involving vulnerable populations, data security is particularly important when it comes to children, which is why CITeR takes such stringent methods to ensure the privacy of participants in its academic research to provide longitudinal data on the effectiveness of biometrics for young people, as the center’s Director Stephanie Schuckers explains in an interview.

Further on the theme of data security, hackers could take over smart TVs to commit mischief or cyberstalk people in their homes, the Oregon FBI is warning. The agency applies some consumer cybersecurity best-practices to the scenario to provide advice that should probably be heeded by many more people.

Used improperly, biometric do more to provide a false sense of security than actually protect data, Nalin Asanka Gamagedara Arachchilage, a senior research fellow at La Trobe University at the University of New South Wales, argues in a Nextgov editorial that is the case with smartphone biometrics, as used by most consumers. Smartphone biometrics are an opportunity to implement stronger passwords for higher-security applications, but many people are even aware that is an option, according to survey data.

NEC New Zealand Head of Public Safety Solutions Lynne Jeffery sets out the top five reasons for businesses to authenticate payments with biometrics in a widely-read Biometric Update guest post, and suggests that by 2020, facial recognition could be providing contactless authentication for credit card payments.

More than half of people in the UK would shift from passwords to biometric verification for online accounts, according to an Equifax survey, and representatives from the company and the FIDO Alliance pitched CNN on the need to go passwordless to preserve cybersecurity from the World Economic Forum Cybersecurity Summit.

The biometrics data collection and usage practices of 50 countries around the world are ranked by Comparitech, which finds China last, and the U.S. in unenviable company. In large part those low ranking are due to the DNA program China is running, and the use of facial recognition by DHS, respectively, and each seems to be expanding.

Goode Intelligence has highlighted its ten most influential identity organizations, based on the promotion of good ID ideals (go ahead and guess one right now). Watch out for our exclusive interview with Women in Identity Executive Director Emma Lindley, whose new group made the cut, next week.

The wave of biometric deployments in airports around the world also rolls on, with boarding gates in China expected to double over the next three years, and new announcements at Chicago, London, and Los Angeles airports, as well as in Singapore and Australia.

RealNetworks Vice President and General Manager of Computer Vision Dan Grimm spoke to Biometric Update about how SAFR is scaling up to provide casinos and crowded public spaces with newly-possible facial recognition and analytic capabilities, as well as how to ensure deployments of the technology are responsible.

The company’s Senior Director of Product Management Mike Vance says in a question-and-answer with Spaces4Learning basic access control concerns, rather than the high-profile incidents SAFR was mainly originally thought of for, are the main interest in the technology for primary schools.

Voice biometrics are shifting consumer interactions to the conversational engagement depicted in Star Trek, and acting as one layer in the authentication process that will enable real-time financial transactions, Enacomm CEO Michael Boukadakis writes in a guest post.

Chinese regulators have rolled out a ban on deepfakes, or fake news created with artificial intelligence, as part of a new set of rules governing video and audio content online, Thomson Reuters Foundation reports. The new Cyberspace Administration of China (CAC) rules provide another example of the country taking a leadership position on AI.

A different kind of leadership in AI is shown by Microsoft, which is applying advanced technology including facial recognition to track the monkey population in India, so that it can help control a nuisance which causes not only property damage and headaches for many people, but also health and safety risks for people and monkeys alike, according to a company blog post.

Amazon Rekognition is among the AI and machine learning technologies that will be used to improve the health and safety of football players through a partnership between AWS and the NFL. The partners will develop a “Digital Athlete” platform to model injury scenarios and will work to improve the detection of concussions and other injuries.

Jumio CTO and Chief Data Scientist Labhesh Patel explains in an interview with IDG Connect why AI is both a tremendous opportunity for Jumio, but “also one of the most overhyped technologies out there.”

As always, please let us know in the comments below or through social media if there is a blog post, news item, or perspective you would like to share with the biometrics and digital identity communities.

Article Topics

airports  |  biometric cards  |  biometric data  |  biometric payments  |  biometrics  |  data protection  |  digital identity  |  elections  |  facial recognition  |  healthcare  |  law enforcement  |  online authentication