FB pixel

Australia Digital ID Bill criticized for biometrics testing barrier, phased rollout

Australia Digital ID Bill criticized for biometrics testing barrier, phased rollout
 

National banks and a biometric testing provider have expressed concerns in submissions to parliament on the Digital ID Bill that will govern the Australian Government Digital ID System (AGDIS). BixeLab commented that the bill as it stands can hinder testing integrity. Banks and others have also argued the private sector should access digital IDs at the same time as state governments, rather than maintain its current multi-step plan, according to InnovationAus.

The Digital ID Bill was first introduced to Parliament in November and includes a number of rules referring to biometric testing. BixeLab submitted an inquiry to parliament supporting the oversight of accreditation by a regulator as outlined in the bill, arguing that it will facilitate change in response to the emergence of novel threats.

The company opposes that the bill leaves it up to the discretion of the regulator as to whether or not independent testing would be required. The committee should “consider an amendment … to make explicit that testing … may be prescribed to be independent of accredited entities,” the submission reads.

A clause in the bill bans the collection of racial or ethnic attributes, which hinders BixeLab and other testing providers from using such data to assess racial bias in biometric algorithms, it notes. Additionally, the bill as it currently stands limits the retention of biometric data for testing to 14 days.

The two-week timeframe “is not a sufficient period to complete testing and associated fraud investigations for more complex and novel threats and attacks,” says BixeLab. It suggests the maximum period for retaining data should be extended to at least 28 days, and preferably to 60 days.

BixeLab also says the three month accreditation period for testing entities could be extended.

The bill outlines which entities will be able to implement AGDIS in a series of phases but not when each phase is expected to begin. As the bill stands today, state and territory governments would have access in the second phase and citizens could use digital IDs to access private sector services in the third phase. The private sector, including current digital ID providers like IDVerse, will only be able to access government services in the fourth and final phase.

The Department of Finance argues that a phased-in approach will give the government a chance to see that the system is operating as planned before continuing to roll out digital IDs.

The National Australia Bank (NAB) argues that whether an organization meets security standards should determine when they can access digital IDs – not an arbitrary deadline.

“Accreditation should be the barometer of an entity’s maturity and applicability for joining the system – not an artificially constructed timeline which does not relate to an organization’s capability to satisfy the state requirements,” states NAB’s submission to parliament.

Australian Payments Plus (AP+), which runs the ConnectID digital ID system that Commonwealth Bank of Australia and NAB currently use, says that the government is prolonging national cybersecurity risks by dragging its feet on private sector access.

Equifax, one of the two largest private users of the government’s currently available identity verification services, says in its submission that delays in private sector access could “undermine consumer confidence in dealing with business and government” as digital identity fraud becomes more sophisticated.

Other submissions from civil rights groups call for stronger restrictions on law enforcement’s access to the system.

Article Topics

 |   |   |   |   |   | 

Latest Biometrics News

 

US discusses ethics of biometric travel

As U.S. lawmakers debate the Traveler Privacy Protection Act, government agencies, including the Transportation Security Administration (TSA), are working on…

 

Nigeria embraces DTCs amid talks on passport-free travel in Africa

The Nigerian federal government has unveiled its intention to adopt digital travel credentials (DTCs), in a bid to streamline the…

 

Prove launches user verification tool with Uber as first client

A new identity verification offering, Prove Verified Users, has been announced to enhance security across digital marketplaces. Its introduction by…

 

ICE to award contract to field more NEC fingerprint capture devices

US Immigration and Customs Enforcement (ICE) intends to award a firm fixed price delivery order under the First Source II…

 

Veriff passes Level 2 biometric PAD evaluation from iBeta

Veriff has completed the ISO/IEC 30107-3 Level 2 Compliance evaluation for biometric passive liveness detection by iBeta. The Estonia-based company…

 

Outdated biometric liveness tests create ‘false sense of security,’ FaceTec argues

Biometrics are replacing legacy knowledge-based authentication for remote and unsupervised authentication scenarios. But the latest liveness detection report from FaceTec…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Read This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events