Biometrics investments and a security fail top stories this week in digital ID
The discovery of a major biometric data security vulnerability at a Brazilian biometrics company and a handful of multi million-dollar deals and investments contrast starkly and also make up the biggest stories of the week in biometrics. Investments in facial recognition vending machines and camera manufacturing and a fingerprint authentication system for SIM subscribers in Nigeria, as well as technology developed in response to the pandemic show an industry reaching global maturity.
A server stuffed with unencrypted fingerprints and other personal data was discovered by a security researcher to be exposed to the internet, in one of the week’s top biometrics news stories. Storing biometric data in the cloud in an insecure format in 2020 is indefensible, and Antheus Tecnologia is lucky the exposed data seems not to have been found first by a malicious actor.
On the positive side of the news, technologies leveraging biometrics for age-restricted retail products continue to make market progress. Ubamarket’s successful retail app has integrated Yoti facial recognition to enable alcohol purchases, while Emerald Organic picked up $20 million in financing to roll out its vending machines featuring Jumio biometrics.
The market for facial recognition video surveillance cameras in India is thriving, and to supply it Hikvision has built a massive, $68 million-dollar manufacturing facility in Vasai. Eventually it will make all of the cameras the company sells in the country, and indicates the expansion strategy of at least one business included on the U.S. Entity List.
The scale and open digital infrastructure behind Aadhaar were recently discussed by Dr. Pramod Varma, a chief architect of the massive identity system. Varma provides ten key takeaways from building the India Stack, mostly about flexibility, but also privacy and trust principles, and all of which are also supported by initiatives like MOSIP.
Government ID contracts in DRC and Côte d’Ivoire and surveillance concerns in Zimbabwe and Madagascar were among the top biometrics and digital ID stories in Africa this week. The relationships between Uganda’s government and a couple of German companies, meanwhile, may be getting complicated. A major telecommunications company in Nigeria will use BIO-key to biometrically authenticate SIM customers following a $30 million deal with BIO-key and TTI.
The new 3DS Flex biometric authentication service for merchants has been launched by FIS to fill PSD2’s SCA requirements. The Worldpay-developed service implements the latest 3DS2.1 standard with support for fingerprint or facial recognition for online and mobile transactions.
The benefit to construction site software company Causeway from its acquisition of biometrics provider Donseed last year are discussed in an article from Construction News. The software is now used to ensure compliance with regulations for health and safety and privacy, in addition to its main benefit of eliminating the rounding up of hours to increase productivity.
Our deep dive into the industry’s challenges and strategies around facial recognition policy in a contentious and fast-shifting environment remained among the top stories of the week. Which risks are real and which are merely apparent, how to make the distinction clear to people without much background knowledge, and what the industry can do to help its case are discussed by biometrics experts.
A list of the most influential individuals and institutes in the debates around the ethical, rights, and legal implications of facial recognition, at least as it plays out in social media, has been published by digital marketing company Onalytica. The exchange in LinkedIn comments on the post notes the lack of representation from people with technology or industry experience, and quotes the feature article above.
The patchwork of data privacy laws at the state level that apply to biometric automotive technologies is examined by Gail Gottehrer and Lisa Joy Rosner of the Law Office of Gail Gottehrer LLC in one of three illuminating guest posts on Biometric Update this week. Differences in the treatment of personal information, consent, security, breach notifications and disposal requirements are reviewed.
Shaun Moore, CEO of TrueFace, writes in a guest post that the consumer rights granted in CCPA will impose major costs on security departments in the state unless they put in place mechanisms for rapidly finding people’s data, such as a snippet of a feed from a video camera. Moore acknowledges the irony, but the use of biometric tools to support privacy and other rights seems to be a growing focus in some corners of the industry.
In a relatively rare week in which biometric smartcards did not feature prominently in industry news, Fingerprint Cards provides an update on where the process of bringing the technology to market has reached. The commercial certification of the technology by a global payment network shows it is ready, according to the post, and will make remaining certifications easier.
The outbreak of the covid-19 coronavirus has dominated the week’s news, as it has everything else.
The most widely read story of the week on Biometric Update was the suspension of fingerprint biometric time and attendance systems by state and local governments in India, but some observers are concerned about the potential normalization of ever more state surveillance. Wisesoft meanwhile joined SenseTime and Telpo among companies that have developed facial recognition they say can identify people whose faces are partially occluded by respiratory masks.
Telpo has integrated its facial biometrics technology with non-contact fever-detection and healthcare system alerting capabilities, while Remark Holdings has also added body temperature detection, along with mask detection, and trained its KanKan AI to work with subjects wearing facemasks, according to an announcement. Hanvon says technology it began developing in January and began bringing to market in February work on masked faces with 95 percent success, though false positive rates were not disclosed.
Iris ID VP of Global Sales and Business Development Mohammed Murad argues in a guest post that the accuracy limitations of facial recognition systems identifying people with masks makes iris the natural modality for non-contact applications from border crossings to hospitals.
ID4Africa has been postponed until late-October in order to make sure delegations and technology providers from around the world can safely attend the meeting to tackle the world’s largest remaining population of people without formal identification. Connect:ID was not so lucky, with participation numbers impacted even before the second day this week was cancelled.
Facebook’s efforts to keep fake accounts at 5 percent of active monthly users are detailed in a recent MIT Technology Review article. An average of 2 billion accounts that do not truly represent the user, are compromised, spam people to generate revenue, or try to trick people into giving up personal information were taken down each quarter last year by the company with the help of machine learning.
Let us know in the comments below, social media or email of any blogs, opinions or reports we should share with the biometrics and digital identity communities.