Biometrics-backed digital ID in the spotlight as new laws and systems weighed around the world
The top news stories of the week on Biometric Update focus primarily on digital ID. Those stories cover government programs to improve service delivery and state functioning, as with an Idemia contract in Libya and U.S. legislation discussed in an ID2020 webinar, immunity passports ideas under consideration in the UK and elsewhere, or digital travel credentials like IATA’s for the resumption of air travel. A newly announced plan for a massive biometrics database and an approaching IPO from Idex Biometrics also made headlines.
From enabling de-duplication of fraudulent identities based on driver’s licenses in different states to reaching the underbanked population with stimulus payments, U.S. Congressman Bill Foster told an ID2020 webinar audience that biometrics and digital ID can play key roles in addressing social problems. Foster is author of the ‘Improving Digital Identity Act,’ which is currently before Congress, and also discussed the potential of digital healthcare ID to help Americans.
The UK is developing its vaccination proofing plans for the resumption of something closer to normal international travel, and they may include facial recognition. Digital credentials may also be launched for domestic privileges as well. Chile, Germany, Italy, the U.S. and other countries are also looking ahead to some version of immunity passports, likely dependent on biometrics, and companies are stepping up to provide the technology, but hurdles remain. This issue is garnering increasing consumer media attention, and will clearly be one of 2021’s top digital ID stories.
Doing a better job of digitizing existing analogue identity documents could go a long way towards resolving major digital ID challenges, Constellation Research VP and Principle Analyst Steve Wilson writes in a Medium post. The published submission he made to the U.K. government’s Department for Digital, Culture, Media and Sport says the popular way of looking at digital identity as a “trust” problem overcomplicates the issue, in some cases leading to solutions that create new problems.
IATA has its own ideas for how a biometric health credential for international travel would work, and is planning a trial it says will begin by the end of this year. The credential could potentially not only provide some assurance that other passengers are not carrying COVID-19, but also enable travel without quarantine.
People should be aware of the uncertainty around immunity passports, from the effectiveness of immunization to the ethical and privacy implications, Trulioo COO Zac Cohen writes in a Biometric Update guest post. A lack of preparation and infrastructure for digital identity did not position society to meet the challenges, but the hard work is underway, and with significant government intervention, Cohen believes technology can help restore as much normality as possible.
Idemia has won a contract to help Libya establish a biometrics-backed digital ID, as the country attempts to plan for eventual elections and the delivery of state services. The Interior Ministry also seems to be in talks with Thales regarding border security technology.
Government digital ID projects are advancing in South Africa, Sri Lanka, Nigeria, and Saudi Arabia to improve e-government systems. A Global Government Forum webinar, meanwhile, showed some of the successes possible with robust government digital ID.
The FIDO Alliance’s Authenticate 2020 conference wrapped up this week, after six days of presentations by experts from across the authentication and cybersecurity landscape. The Biometric Component Certification offered by the Alliance was highlighted, and representatives from numerous organizations participated, including Mastercard, Google, Yubico, and Venable.
Businesses attempting to stand up frictionless remote authentication processes must do more than implement biometrics, Aware CTO Dr. Mohamed Lazzouni writes in another guest post. Traditional MFA is easier for vendors because it is easier to integrate, but risks adding unnecessary steps to the process, he cautions.
Plans by the Russian government to establish a massive biometric database have been revealed, but with scant detail available in a brief but widely-read article this week. Foreigners and stateless people will be included in the multi-modal database, along with Russians.
Moving beyond the companies supplying biometric algorithms and security cameras, The New York Times traces some of China’s most repressive surveillance programs back to the Urumqi Cloud Computing Center, which the publication says is powered by chips from Intel and Nvidia. American-made chips are being used in other mass surveillance systems as well, according to The Times, though removing access to the technology could slow the advance of China’s surveillance apparatus, at least for now.
Idex Biometrics is another step closer to listing on the Nasdaq exchange, after filing its preliminary prospectus. The American Depository Shares are expected to have an offering price of $15, and represent 75 ordinary shares. CEO Vince Graziani also joined Biometric Update for an interview on the state of the U.S. market for biometric payment cards. He says the company’s expectations for where the U.S. would fit in the mass-adoption timeline has changed drastically this year.
Fingerprint Cards Global Marketing Manager Maria Pihlström looks beyond payments to other use cases for fingerprint-enabled smart cards in a company blog post. Pihlström writes that with the growing trend towards passwordless authentication, there is huge potential in biometrics cards for healthcare, logical and physical access control.
Touch Biometrix Co-founder and CTO Eric Derckx says in a blog post from Eindhoven’s High Tech Campus, where the company is located, that its fingerprint sensors could reach the market by mid-2021, and says the company hopes to achieve market leadership within five years. He discusses the challenge of finding the right investors, and shares advice for new startups.
Bess Hinson, Ashley Thomas and Bisi Adeyemo of Morris, Manning & Martin LLP’s Cybersecurity & Privacy Practice explore the takeaways from TikTok’s legal struggles in the U.S. and elsewhere, including a suit filed under Illinois’ Biometric Information Privacy Act, in a guest post.
It’s time to stop using the phrase “smart city,” IntelliSite CEO Ken Mills writes in a Forbes Technology Council post. Instead, the industry should focus on communities, specific use cases, and a “smart communities as a service” delivery model.
As regulation catches up to technology, identity verification vendors may soon need to provide assurance to financial institutions and other customers that their AI systems do not include bias, Jumio CTO and Chief Scientist Labhesh Patel tells PYMNTS. Patel discusses the company’s evolution away from having a human in the loop, and the advantages of using a platform rather than stitching together KYC, ID verification and other services.
With latent fingerprints lying around here and there, and research showing iris biometrics can be pulled from high resolution photos, Jim Fenton, co-author of NIST SP 800-63B, argued that biometrics alone are not really secret at the recent PasswordsCon, PortSwigger reports. In the future, he argues, passwords will be part of multi-factor authentication techniques, rather than passwordless.
Please share any articles, podcasts, webinars or other content you would like to pass along to the biometrics and digital identity communities in the comments below or through social media.