Workshop showcases EU progress on remote identity proofing, but fragmentation persists
The legal, technical, and user requirements for remote digital identity proofing are sometimes contradictory, but must be navigated by service providers and other stakeholders, and to that end, ENISA and ETSI held a joint workshop on remote identity proofing and the ecosystem which eIDAS regulation addresses.
Professor Dr. Rainer Herpers of the Institute of Visual Computing at Bonn-Rhein-Sieg University opened the event with a presentation on deepfake attacks against identity proofing systems.
The next presentation, by Battista Biggio, PhD., of the Patterns Recognition & Applications Lab at University of Cagliari and co-founder of Pluribus One, explored the use of adversarial attacks on machine learning systems through pixel-level perturbations or during the labeling of training data.
The combination of deepfakes and adversarial attacks could pose a particular threat to remote digital identity proofing systems, according to panelists.
ENISA’s report on attacks and countermeasures was also briefly introduced.
Juliette Delanoe, co-founder and CMO of Ubble.ai, said that the company’s research shows an average of five to six percent of attempted digital identity verifications which it can make a judgement on are fraudulent. She also provided a breakdown of the frequency of fraud types.
This figure was slightly different for other panelists representing the biometrics industry in the first session, IDnow Founder and Managing Director of Technology Armin Bauer and Veriff Co-founder and CPO Janer Gorohhov.
Gorohhov said Veriff has found a six to eight percent fraud rate, depending on what industry is being served, and up to 10 percent in cryptocurrency. Social engineering is the most common attack vector observed by IDnow, Bauer reports.
All agreed that deepfakes are a looming attack vector, but not rare today.
Asked about the impact of NFC and electronic IDs on document fraud, Delanoe argued that the tools that are effective today can be complimented by NFC, but will not be replaced by it, as multiple defenses are always necessary.
Updating identity documents that have been mostly unchanged since the 15th century should be a priority for governments, Gorohhov quipped.
The discussion of real-world attack vectors and mitigation methods became quite detailed, and the panelists expressed optimism that effective counter-measures for sophisticated attacks are known, though they also cautioned against underestimating attackers or failing to anticipate the maturation of their methods.
The second session of the day focused on the perspective of users from the government cybersecurity, telecom and financial services ecosystems.
A session on testing and auditing followed.
NIST Biometrics Evaluator Patrick J. Grother spoke about the current state of the art in face biometrics and risk mitigation. The latter includes coming up with prompts to users that humans can understand, but that automated systems cannot, to prevent the possibility of spoofs interpreting and following the instructions properly.
Kevin Carta of French biometrics laboratory CLR Labs reviewed the threat of biometric data injection attacks, either prepared or live. Injection is possible because current architectures do not allow images to be associated with a particular identified camera.
Biometrics must therefore be deployed against injection attacks. PAD systems, however, are not designed to recognize this type of attack. Specific biometric data injection attack detection methods must be developed to head off near-future developments in the fraud type, according to Carta.
An international standard is in development, he says.
Clemens Wanko of TÜV TRUST IT GmbH presented the auditors perspective, including how identity service providers are audited for compliance to international standards.
Clear reference values are needed to apply specifications to different levels of assurance to move the field forward, he explains. Changes to eIDAS have not helped with clarity.
Certicar.es Technical Director Paloma Llaneza delved further into the complexities of overlapping standards and regulations, each of which need to be regularly updated.
A look at the ETSI TS 119 461 technical specification for electronic signatures and infrastructures for trust service components providing identity proofing.
Hugo Mania of ANSSI gave an overview of the certification scheme and its goals, and Dr. Christian Berghoff of Germany’s BSI described the biometric authentication component of certification.
“AI systems have “complex supply chains and they are quite sensitive to small changes, and this means there are different possible way to attack them,” Berghoff warns.
He advocates for manual inspection of at least some samples, and measures to impede the complete automation of attacks.
Sylvie Lacroix of Sealed explained how technical standards, certifications and regulations fit together for digital identity proofing providers, and Signicat’s Jon Ølnes discussed the reach of the standards and regulation in areas beyond trust services, such as how they impact financial service providers that want to onboard users in a neighboring country.
Knowing what the relevant rules are, and even whether they exist, remains a challenge for many service providers attempting to transact across European borders, according to Ølnes.
A more unified set of requirements that still protects people and businesses from fraud is surely possible, based on the tools and expertise discussed during the event. For now, it is work in progress.
adversarial attack | biometrics | CLR Labs | cybersecurity | deepfakes | digital ID | eIDAS | face biometrics | fraud prevention | identity document | identity verification | IDnow | injection attacks | NIST | remote identity proofing | standards | Veriff