‘Digital identity is critical national infrastructure’: ID4Africa 2025

World Bank and European Commission Technical Consultant Adam Cooper examined the global landscape of digital identity adoption, noting that he sees an acceleration in adoption.

But if they are not reusable, those identities will have limited value. Digital wallets are helping popularize reusable IDs, particularly across the Asia-Pacific region. The EU is following suit with its EU Digital Identity (EUDI) Wallet. Mobile driver’s licenses (mDLs) also act as de facto ID, further expanding the scale of the trend to places like the U.S.

Aadhaar also continues to evolve, including with a mobile app backed by biometrics. And Ethiopia launched its FaydaPass digital wallet to deliver reusable identity on Wednesday.

Use cases like age verification and cross-border trade are driving the adoption of this particular, more advanced version of digital identity, Cooper says.

Biometrics, and the safeguards that must accompany them to maintain public confidence in the wallets and IDs, are a necessity to ensure their integrity. Without that integrity, the impressive capabilities of these next-generation digital identities also make them vulnerable to “industrialized attacks,” Cooper warns.

“Digital identity is critical national infrastructure, not just digital public infrastructure,” he asserts.

Matching biometrics to identity needs

NIST Biometric Testing Project Lead Patrick Grother followed, delivering an overview of best practices and techniques for binding credentials to their real owners with biometrics.

Grother reviewed NIST SP 800-63 Digital Identity Guidelines, and then moved on to the capabilities of QR codes. NIST has research forthcoming specifically addressing this trend within the biometrics industry.

“This has been a big topic of discussion this week,” he observed.

A face image can be compressed down to about one kilobyte for inclusion in a QR code that comes with a digital signature. Iris images cannot be compressed beyond about 2KB, making them unsuitable for QR codes, but MINEX-compliant, and therefore interoperable fingerprint minutia templates can be rendered as small as 300 bytes. Proprietary face biometric templates vary considerably, from roughly 100 bytes to 4KB, while iris templates tend to be even larger.

Face templates stored in QR codes have some disadvantages compared to images, as they could potentially lead to vendor lock-in, Grother notes.

Idiap research shows that face templates can be inverted, but not consistently enough to rely on for dependable manual comparison. Irreversibility cannot be depended on, either, unless specifically irreversible templates are used.

But facial recognition accuracy has reached the point where the only likely errors are from poor quality images, which can be avoided, children and changes from aging over a long time period.

Grother also touched on the state-of-the-art in infant fingerprint biometrics and contactless fingerprinting.

For systems capturing face biometrics from twins and triplets, Grother suggests their record should note that their siblings. Even non-twin siblings, however, can generate false matches.

A series of sobering warnings followed about presentation and injection attacks, deepfakes and face morph attacks. The answer to the questions these raise, Grother says, is “trusted capture.” A system like the ID-Pass kiosks in the UK protect against morph and injection attacks, but could be vulnerable to presentation attacks.

Grother recommended attendees concerned about deepfakes to seek out the U.S. Department of Homeland Security’s “Increasing Threat of Deepfake Identities” report and its “Phase Two: Mitigation Measures” follow-up.

University of North Carolina Professor and CITeR Director Dr. Stephanie Schuckers delved further into the importance of liveness, and the increasing commonality of presentation attacks and other biometric spoofs.

Schuckers also introduced the work of the FIDO Alliance, and encouraged attendees to join the FIDO ecosystem, from adopting Passkeys to joining as members.

Article Topics

biometric liveness detection  |  biometric matching  |  biometrics  |  data protection  |  digital identity  |  ID4Africa  |  ID4Africa 2025  |  NIST  |  QR code  |  reusable digital ID  |  Stephanie Schuckers