Biometrics to support easier interactions grow with new tech, guidance

Iris biometrics capturing at a distance, authentication for encryption keys and open digital identity APIs are all confirmed as mature technologies in a trio of the most-read stories on Biometric Update this week. NIST has made room for passkeys in its digital identity guidelines, NEC technology has enabled the introduction of new biometric border control gates in Singapore, and OSIA has been officially accepted by the ITU. Each represents an expansion supporting ease of use. Meanwhile Microsoft has decided not to make deepfakes creation easier, a Jumio executive offers some practical advice as age verification gets serious, and biometric payment cards gain more traction in Asia with a deal for Idex.

Most-read biometrics news this week

NIST is not waiting for the next revision of its digital identity guidelines to make room in them for passkeys. The agency issued a supplement on “syncable authenticators,” which specifies that private keys duplicated between devices can meet Authentication Assurance Level 2 (AAL2) as long as they are protected by biometrics or another authentication factor. The FIDO Alliance suggests passkeys can even meet AAL3. Service providers continue to take up passkeys (and FIDO biometrics generally) at a rapid rate, with WhatsApp and X (aka Twitter) the latest to announce their support on iOS.

The ITU has accepted OSIA as an official Recommendation for interoperable digital identity management. OSIA officials say the designation shows the platform’s maturity and potential for increasing competition in the government ID market. The telecom standards organization is continuing to collaborate with OSIA and the SIA.

Social dialogue around the European Digital Identity Wallet has developed into a mix of worried speculation, patient reassurance, and practical cautions. Cybernetica’s Yuliia Kravchenko has pointed out the need to craft an effective cybersecurity protocol to make the EUDI Wallet interoperable, while the Mobey Forum suggests it is a double-edged sword for banks.

Microsoft has developed a generative AI video engine that it says makes it easy for people to create deepfakes. In recognition of the likelihood of misuse, the tech giant is holding off on releasing VASA-1 in any form, but some observers suggest the space will be impossible to regulate.

Uber is verifying the identity of its app users, but through third-party database checks or identity document verification rather than selfie biometrics. The blue checkmark system is intended to improve driver safety, but driver’s have requested the same type of facial authentication for riders as they have long had to use to verify their identity to Uber.

Lawsuits over facial recognition use have hit several major consumer brands. Shoplifting prevention systems have prompted a complaint against T-Mobile in New York and against Target in Illinois, while Amazon is getting sued under BIPA for an employee time and attendance system. Each set of allegations includes a lack of informed consent for biometrics collection.

Biometric payment cards built with software and sensors from Idex Biometrics are coming to customers of Bangladesh’s Mutual Trust Bank, Idex’ second bank customer announced in the country. A biometric card made by Feitian with sensors from Fingerprint Cards has been approved by Mastercard, meanwhile, as launch announcements add up in the Asian market.

NEC technology is being used for new border control gates developed by Singapore government agency HTX that capture iris biometrics from travelers while they walk. The “Identification on the Move” prototype captures iris images from twice the distance of standard iris scanners, and was showcased at the recent Milipol Asia-Pacific TechX Summit.

Canada’s border authority is planning to spend at least $3.6 million on selfie biometrics to evaluate adding the capability to a border control app. Mobile apps and preclearance are on the agenda in Australia, expanding for travelers to the U.S., and examined in a new white paper from SITA.

Identity theft has spread to children, who too often leave vulnerable digital trails by easily bypassing flimsy age restrictions, writes Jumio Worldwide Privacy and Regulatory Counsel and Data Protection Officer Veronica Torres in a guest post for Biometric Update. Torres explores the complexities involved in age verification and offers some advice for organizations that want theirs to be effective.

Some similar complexities could make protecting people against online stalking difficult, despite measures introduced in the UK’s Online Safety Act, writes Luciditi’s Philip Young in a recent company blog post. Digital ID presents an opportunity to address those complexities and prevent stalking without introducing mass surveillance, Young argues.

Please tell us about any editorials, interviews or other content we should share with the people who work in biometrics and the broader digital identity community, either in the comments below or through social media.

Article Topics

biometric authentication  |  biometrics  |  digital identity  |  identity verification  |  week in review