FB pixel

Digital injection 6x more frequent than biometric presentation attacks

iProov CEO Andrew Bud reveals stat at Trust Services Forum
Digital injection 6x more frequent than biometric presentation attacks

Biometrics can help secure ID checks for remote environments, but only if injection attacks can be mitigated, according to iProov CEO Andrew Bud, who spoke Friday at the Trust Services Forum/CA Day in Berlin, Germany.

Bud highlighted that the European Union’s digital wallet must be user-centric because security and ease of enrollment are critical for the adoption and use of wallet services.

“The old concept of a trade-off doesn’t work anymore,” Bud says, “and we can see the tremendous economic benefits to be gained if we do this right.”

To deliver the best security for digital identities, he says, biometrics should be considered a top priority. These technologies can defend against three threats.

The first is that the person is not who they claim to be. This can be solved using mobile face-matching algorithms, which Bud claims are now “orders of magnitude more effective than necessary in these sorts of environments.”

Second, he says, are presentation attacks, particularly those relying on rubber masks crafted ad-hoc to spoof face biometric systems. The third threat is digital injection attacks such as deepfakes.

“Only if these three threats are mitigated can one reliably use automated biometric verification as part of a [digital] identification process.”

Bud adds that on-device verification, as opposed to using a matching algorithm in the cloud, invites attackers to conceal their identity as well as the method of their attack, as shown by threat intelligence information gathered by the company using its Security Operations Center.

Once these methods are compromised, it is impossible to know how and when they’ve been compromised. Furthermore, once attackers find an effective method of breaking such biometric systems, they often sell it on the dark web, making the whole infrastructure relying on that system a security risk.

“The whole self-reliance on the whole digital identity community and the eIDAS community on online video identification today represents a real and present hazard, a threat to the security of the [community].”

Bud says his company has noticed a sharp increase in digital injection attacks, which are now six times the number of presentation attacks against biometric systems.

To protect against these dangers, Bud recommends not relying on users’ devices for security, using inaccessible processing to prevent reverse engineering attacks, and securing non-biometric enrollment options, among others.

The seminar comes days after iProov partnered with Microblink to develop a selfie biometric and ID document check-based identity verification solution. Also last week, fintech veteran Lou Anne Alexander was added to the company’s corporate board as a non-executive member.

iProov’s Ajay Amlani was warning about the scalability of injection attacks at Authenticate 2022.

Article Topics

 |   |   |   |   |   |   | 

Latest Biometrics News


Asian banks deploy biometrics and digital ID for security, additional services

As digital identity gains prominence in a financial industry beset by fraud, nations in Asia are enabling banks to lead…


Mobile ID combats fraud, gives holder control of personal data: USPF report

The U.S. Payments Forum (USPF) has published a new white paper entitled “The Role of Mobile IDs in Payments.” Authored…


Wyoming plots mobile driver’s license launch for 2025

Wyoming is moving towards the issuance of digital ID in the form of an optional mobile driver’s license, but it…


EU publishes rollout schedule for AI Act

The European Union has published the final text of the Artificial Intelligence Act, outlining the most important deadlines for complying…


World Bank identifies priority actions for DPI in Equatorial Guinea

A World Bank team has identified immediate actions which the government of Equatorial Guinea should undertake in ramping up its…


Some sort of ID could be ‘inevitable’ for UK: lawmakers

The UK is still debating national identity documents and digital identities, with lawmakers and experts arguing that the creation of…


Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Read This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events