Nomidio adds Aculab’s voice biometrics, proposes key-splitting for immunity passport privacy
The company’s latest State of Identity 2020 research found that during the COVID-19 lockdown 3.5 million people in the U.K. had to prove their identity digitally for the first time. U.K. citizens’ sensitive data is already owned by 39 organizations, the company claims. The use of digital services saw an 84 percent increase, confirming that the high demand for digital ID may be permanent.
The identity service from Nomidio uses a variety of biometric identifiers to authenticate customers on cloud websites or when calling call centers. Customers can say “my voice is my password” and they will be instantly authenticated. By integrating Aculab’s VoiSentry API, Nomidio ensures can match users to voice prints stored to provide identity records and reduce the need for passwords.
“Nomidio is the first of a new generation of cloud services that allow an individual to register their personal identity information just once, and then to identify themselves using their voice, consistently, across the multiple different businesses they interact with. Finally, the password killer we’ve all been waiting for,” said Mark Bosworth, business development manager at Aculab in a prepared statement.
“We’ve designed Nomidio using microservices so it was incredibly simple to incorporate the VoiSentry biometric engine,” said Philip Black, commercial director at Nomidio, in a prepared statement. “We looked at a range of voice engines, but Aculab were the only firm that met our near-obsessive requirement for biometric authentication. Some vendors say they can do it, but there’s always systems integration work down the track – that’s just not what Nomidio is about.”
Nomidio’s service is available on Amazon’s AWS marketplace, allowing the “drag and drop” of consumer biometric authentication in the call flow. Contact center technology provider Avaya has also chosen Nomidio’s technology to improve identity authentication.
Nomidio fears UK’s immunity passports overlook privacy, suggests alternative
Nomidio has expressed its concern regarding U.K.’s recent initiative to introduce immunity passports to allow people to travel and work by confirming they previously had and recovered from COVID-19. The company offers to design privacy-preserving immunity passports as an alternative.
In written evidence submitted to the House of Commons Science and Technology Committee, Nomidio points out there has to be a balance between protection and privacy, but the company fears privacy has not been fully considered out of a rush to make the service available as soon as possible. Nomidio argues a cloud-based identity service with strong encryption could help secure privacy. Implementing threshold (key-splitting) and homomorphic cryptography at the system design phase could preserve human rights and civil liberties in a centralized identity system.
Nomidio’s technology is created in collaboration with Post-Quantum, a team of crypto experts trying to replace open source public-key cryptography standards RSA and Elliptic Curve. The key principles outlined to secure privacy are user consent, cryptographically-assured authorizations, behavioral privacy, no data or meta-data resale, and quantum-safe (full) encryption. The company says Identity-as-a-Service (IDaaS) with biometrics engines can authenticate people online or when physically present and keeps the user in full control and manages consent.