Fime Product Manager says biometrics testing efficiency improving with AI
As biometric applications multiply across a variety of sectors worldwide, smartphones remain the main medium through which these technologies are delivered for consumers. The combination of relatively inexpensive sensors with the ubiquity of these devices makes them ideal for a number of biometric, security applications.
Both Google and Apple are improving their software developing kit (SDK) infrastructures to allow for easier deployment of these solutions, including facial recognition, fingerprint reading, and more. In this fast-evolving environment, biometric companies focusing on finance and payment authentication solutions are at the forefront of the development efforts.
Biometric Update spoke with Fime Product Manager Jean Fang about mobile biometric authentication on Android, and more generally the company’s current and future goals.
Fime: an overview
According to Fang, the company has advised, tested, and certified the payments industry for more than 20 years.
“Fime enables its clients to create and launch trusted and secure biometrics, payments, smart mobility, authentication, and open banking solutions,” she tells Biometric Update.
The firm combines a global, cross-industry perspective with local insight in testing and certification, with the goal of improving the future of trusted transactions.
Fime counts more than 400 experts around the world among its staff, and the company was recently awarded a FIDO Alliance accreditation for its biometrics testing services.
Evaluating biometric authentication products
Fime provides consultancy and testing services to evaluate biometric authentication solutions against global standards. The company’s global ISO/IEC 17025-accredited laboratories have offered biometrics testing services since 2017 for major payment schemes.
“Depending on the solution that is being implemented, our experts propose and form a customized and cost-effective testing approach to validate products,” Fang explains. “Different presentation attack instruments are produced in our test laboratories to evaluate the resistance of biometrics sensors and liveness algorithms.”
In other words, the company evaluates multiple and different features of biometric authentication solutions.
“[These include] their performance, anti-spoofing capabilities, interoperability, and physical durability,” Fang says.
Biometric authentication on Android
Currently, Fime’s testing services can evaluate facial recognition and fingerprint modalities on Android devices.
“We are also working on new testing methodologies to support the ecosystem to evaluate innovative solutions,” Fang adds, “such as those that use multimodality and behavioral biometrics.”
Moreover, according to Fime’s Product Manager, the company is using artificial intelligence (AI) and machine learning to improve testing efficiency to deliver services in a more cost-effective way.
“For the coming Android 12 protocol,” Fans says, “we also plan to provide evaluation for all supported biometrics modalities.
“Our biometric authentication expertise, combined with our knowledge on other authentication initiatives enable us to support our clients to provide biometric solutions which are of high quality, security, and provide a frictionless user experience.”
Towards passwordless authentication
When asked about her thoughts about biometric authentication on Android, as opposed to traditional methods, Fang said it is important to encourage this transition.
“It’s definitely important to move away from insecure PINs and passwords and it’s now possible due to the high penetration of smartphones supporting biometric authentication,” the Product Manager says.
The benefits are several, according to her, including supporting end-users to change their authentication behavior for the better, enabling stronger authentication with multiple factors, and improving convenience and overall user experience.
“Depending on the implementation, though, the sensitive end-user biometric data may be stored locally on the user device or in the cloud (e.g. Amazon Go),” Fang warns. “These different approaches have significantly different data breach risk considerations.”
Risks of biometric mobile authentication
According to Fang, ensuring the security and performance of biometric solutions is particularly important, as this sensitive private data cannot be changed.
“The industry should be more eager to use validated solutions to protect their users.”
As far as Fime’s work is concerned, Fang says that privacy is as important as security and interoperability for authentication services.
“Our legal team works closely with our technical teams to assure the conformance of our work to regulations regarding the management of sensitive data used for product evaluation,” she explains.
During the evaluation process, Fime uses live subjects and biometric data belonging to real individuals.
“All of this data is securely stored, access is restricted, storage duration is limited and consent is required before any data is used or stored,” Fang explains.
To ensure companies’ privacy, biometric templates are encrypted during the evaluation and deleted afterward.
“In addition, our consulting team supports vendors to map and address regulation requirements on their own management of sensitive data,” Fang says.
Fime’s future plans
Moving forward, Fime intends to support its existing ecosystem further in order to validate its solutions to increase reliability and bring confidence for vendors across multiple regions.
According to Fang, the firm is also working towards the evolution of their consulting and testing methodology services for the ecosystem on various modalities.
These will include environmental bias, multimodality, and behavioral biometric authentication.
“We innovate testing with AI and machine learning, and work to combine multi modalities and shape the future of behavioral and environmental bias evaluation,” Fang concluded.