Biometrics considered to answer tough policy questions as US rules settled
Biometric authentication systems are under attack by sophisticated hackers who target active liveness detection, the head of iProov told a public policy event in one of the most-read articles of the week on Biometric Update. The relationship between face biometrics and regulations was also spotlighted by a legal win for FaceTec, a pullback by Verkada, and ongoing debate about how to protect children from inappropriate goods and content online. Also this week, significant government digital ID program developments were unveiled in Kenya and Sierra Leone.
Top biometrics news of the week
Hackers are targeting face biometric systems that use active liveness detection for customer onboarding to commit fraud, said iProov CEO and Founder Andrew Bud at a recent Westminster eForum event. The company’s Security Observation Centre (iSOC) is observing an average of 200 injection attacks a day, and injection attacks are spreading from browsers to mobile.
Also during the eForum, stakeholders including TechUK, LawtechUK, representatives of iProov and Idemia, and the Biometrics Institute urged advances in policy support for and adoption of digital identity in the UK. The DIATF should be delivered this year, public and private sector IDs should be interoperable, global standards should be utilized, they say. Bud wants technology providers to take on responsibility for usable security.
Proposed amendments to the UK’s Online Safety Bill would introduce age verification for access to pornography online. That could take the form of uploading ID cards or credit card details, or age estimation based on submitted selfies. On the other side of the world, New South Wales, Australia appears to be working on a pilot of digital identity and age verification for online alcohol sales.
Researchers from the Oak Ridge National Lab are observing student volunteers from the College of DuPage in a test of long-range biometrics under the BRIAR program run by the U.S. intelligence organization IARPA. Students perform a series of simulated tasks while Oak Ridge scientists attempt to identify them through face, gait, or whole-body biometrics.
The new government administration in Kenya is changing course on the country’s digital ID, with less emphasis on cards, and an apparent name change. The UPI is a continuation of the Huduma Namba initiative, at the same time, intended to ease public service access.
Some clarification came with announcements that the UPI will be available to Kenyans from birth until death, as the country tries to close its remaining 10 percent birth registration gap. Sierra Leone is launching a new CRVS based on a biometric ID card, meanwhile, which is also intended to improve financial inclusion and drive down KYC costs.
A biometric data privacy lawsuit no longer names FaceTec as a defendant, after the company made clear that it does not hold or process any data from people living in Illinois before, during or after authentication. FaceTec does not take on any responsibilities under BIPA, therefore, and plaintiff’s counsel voluntarily dismissed their complaint.
The facial recognition capabilities offered on Verkada surveillance cameras have been turned off in four U.S. jurisdictions in response to legal restrictions. The regulatory environment seems to be trending that way, with biometric data privacy legislation has been proposed in Hawaii, Maryland, Massachusetts, Tennessee and Mississippi already this year.
ID.me CEO Blake Hall sets out to clear the record in an interview with Technical.ly, saying that there is a reasonable explanation for the company’s claims about fraud savings during the pandemic which were questioned by U.S. legislators. ID.me has continued to add government customers at the state and federal level in the meantime.
Mastercard is launching its Farm Pass product in India, digitizing farmer’s identities, along with crop and sales records to improve their income and access to credit. The company is pitching Farm Pass as a way to reduce poverty by cutting out brokers.
Worldcoin explained its decision to design its own iris biometrics collection device as the means of onboarding people to its cryptocurrency platform in a company blog post. The device contains a customized lens built with a partner specializing in machine vision.
Please let us know about any podcasts, opinion pieces or other content we should share with the people in biometrics and the broader digital identity community in the comments below, or through social media.
biometric authentication | biometric liveness detection | biometrics | CRVS | data protection | digital ID | digital identity | identity management | regulation | research and development | week in review