Biometrics testing, more user control contrast with US surveillance expansion

Biometrics and digital identity technologies and policies are being upgraded by providers and implementers to increase trust, as seen in most-read articles of the week on Biometric Update. AI fraud is already undermining trust in everything from online account onboarding to camera feeds. But efforts like Ingenium’s test of iProov’s IAD technology, the evolution of the FIDO Alliance’s passkeys and reusable identities like those from Evrotrust could restore integrity to the digital world, if governments don’t undermine public trust with surveillance and secrecy first.

More facial recognition, less transparency

The U.S. Federal Government’s approach to facial recognition has changed.  How exactly, is less clear.  ICE’s “Midway Blitz” enforcement operation in Chicago coincided with a follow-on contract awarded to Clearview AI, which is banned from selling to law-enforcement in Illinois. A related DHS policy document on facial recognition use disappeared from the web earlier this year, and EPIC suggests surveillance is expanding without oversight or restrictions.

A letter signed by four Democratic senators calls on ICE to stop using Mobile Fortify and to disclose information about its legal basis, accuracy, and policy controls. The letter notes the apparent use of facial recognition technology indiscriminately on Americans. And local law enforcement can now use the facial recognition and fingerprinting app too, with CBP uploading Mobile Fortify to the Google Play store for officers deputized to perform limited federal immigration enforcement functions. It is not clear if the CBP version draws on the same dataset with hundreds of millions biometrics records as ICE.

Another letter, from Senator Marsha Blackburn to PimEyes, demands information on how many accounts have been blocked for targeting law enforcement and if it can block searches used to identify or dox them. Giorgi Gobronidze tells Biometric Update the site does not identify individuals or occupations, providing statistics that Blackburn asked for but also identifying “misinterpretations” in her letter.

AI fraud

New protections for cameras are now necessary to keep deepfakes out of the records they provide, writes Former UK Biometrics and Surveillance Camera Commissioner Fraser Sampson. The trustworthiness of these records not just for police, but society in general, depends on it, so smart devices must not be blindly trusted.

Au10tix has invited evoke and Booking.com to join a webinar hosted by Biometric Update next Wednesday on how businesses can protect themselves from AI fraud. Adaptive, predictive and collaborative defensive technologies will be demonstrated and discussed based on real-world experiences.

iProov has passed a Level 2, or “High,” evaluation for biometric injection attack detection from Ingenium Biometrics. The IAD test, based on the CEN TS 18099 standard, shows iProov’s Dynamic Liveness aligns with the requirements introduced in NIST’s updated digital identity guidelines.

Australia’s eSafety Commissioner is handling complaints from social media companies, most of them American like X and YouTube, but also Telegram, in the runup to the deadline for them to comply with the country’s new age verification rules. AI chatbots could be next added to the dynamic list of regulated applications.

More and better digital ID

Passkeys are going into wider use by WhatsApp and Microsoft Password Manager, and increasingly recognized as a critical piece of digital identity infrastructure. The protocol is also continuing to evolve, with the FIDO Alliance working on easing account recovery and digital credential sharing. FIDO Alliance CEO Andrew Shikiar appears on this week’s episode of the Biometric Update podcast to talk about how passkeys are growing, but also still changing.

Evrotrust’s $7.5 million funding round will help it bring reusable digital identity that works seamlessly across borders to market, CEO Konstantin Bezuhanov tells Biometric Update in an email. The company’s technology already backs the national digital identity system in its home base of Bulgaria, and its cryptography and biometric liveness detection meet the highest standards, he says.

The details for how the EU Digital Identity Wallets will work is becoming clearer, with three new Implementing Acts published by the European Union. They deal with interface standards, data protection protocols, risk policies, accreditation of conformity assessment bodies and trust list templates.

Utah’s State-Endorsed Digital Identity program has received plaudits from the OpenID Foundation for its protection of user control. SpruceID approves as well, providing a checklist of good digital ID characteristics for states and saying the SEDI program checks a lot of boxes.

Please tell us in the comments below or via social media if you see any opinion pieces, podcasts or other content we should share with the people in biometrics and digital identity.

Article Topics

biometrics  |  digital ID  |  digital identity  |  week in review