More selfie biometrics could ease government and financial service access in UK, Australia, US
A single sign-on for government service access is in development in the UK, Australia’s government has published a case study with OCR Labs on selfie biometrics for financial services access and the U.S. contracts LexisNexis Risk Solutions to help deal with the wave of unemployment fraud attempts, of which spoof attacks have made up a significant part.
The UK Government Digital Service (GDS) is standing up a single sign-on (SSO) digital identity solution to ease access to government services.
The announcement notes the range of login requirements and processes for different online government services offered by Gov.uk, and that GDS research shows people are confused about the different logins and which services they already have accounts for. Reliance on identity documents could exclude some people, and running multiple digital identity systems in parallel also adds costs for taxpayers to bear.
Cabinet Office minister Julia Lopez referred to plans for a single sign-on system back in March, and GDS says it is now working with stakeholders across the government to stand up the service. Experts from more than 30 service teams within the government are participating, and GDS is looking for more partners.
The announcement notes the importance of learning from its past projects, including Gov.uk Verify, which was kept active to facilitate the delivery of government benefits during the pandemic with help from Mitek’s selfie biometrics.
The test was part of NAB’s participation in an Australian AI Ethics Principles pilot, which CBA and Telstra also participated in.
NAB said: “The ethical AI questions we asked appeared to be a first for some vendors who were unable to answer them without deeper preparation.”
Following the pilot, NAB merged its data and AI ethics assessment processes, boosted resources to increase internal awareness of AI ethics, held internal discussions and began developing mechanisms to measure and monitor operations.
During the test, verification requests which did not pass OCR Labs’ checks were passed to human operators, rather than rejected.
LexisNexis Risk Solutions has been awarded a five-year, $1.2 billion blanket purchasing agreement by the U.S. Department of Labor as it attempts to reduce fraud in state workforce systems.
The agreement gives State Workforce Agencies authentication capabilities based on document capture, biometric identity verification and risk assessment of the device and associated behavior.
“Unemployment fraud has become an epidemic of its own and state UI agencies need a trusted partner with decades of experience to leverage risk-based digital identity verification tools that work equitably and seamlessly,” says Haywood Talcove, CEO of Government at LexisNexis Risk Solutions. “Our unique solutions stop over $1 billion in fraudulent payments every week and turn data into actionable, unbiased insights without friction for users, which sets us apart from others in our industry. We consider it an honor to put our innovation and research to work to assist government agencies to prevent fraud and get critical, life-saving benefits to the American people.”
Stopping the epidemic of fraud will require effective biometric liveness detection, it seems.
ID.me has been providing identity verification including biometric facial authentication to 26 states, and the Wall Street Journal reports it caught more than 80,000 spoof attempts against its selfie biometrics, just between June 2020 and January 2021.
The article details a few experimental and real-world presentation attacks on face biometric authentication systems, and Veridium Chief Strategy Officer John Spencer claims to be able to “break almost all” facial authentication systems within an hour of trying with printed faces.
Despite this, ID.me says fraudulent selfie biometric checks have mostly been stopped, and the number of fraudulent claims reduced from millions to single digits.