Turing Institute introduces Digital ID Safety Pack to protect against common threats

The Alan Turing Institute’s Cyber Threat Observatory hosted an information-rich webinar on Trustworthy Digital Infrastructure for Identity Systems. Over the three-hour webinar insights on face morphing, fraud, digital identity in Sri Lanka and Ethiopia, threat reporting, and much more, were delivered.

Hosted by Professor Carsten Maple, the event introduced the Digital ID Safety Pack, a comprehensive framework designed to safeguard identity systems against escalating cyber risks.

The Institute’s Cyber Threat Observatory reports that Common Vulnerability Exposures (CVEs) linked to identity systems have surged by 300 percent between 2020 and 2024. Maple emphasized that protecting digital public infrastructure is vital, describing it as the bedrock of modern services and a critical area for evidence-based policy.

The webinar featured contributions from experts including Dr. Salim Awudu, Krishnan Rajagopalan of MOSIP, Miroslaw Malinowski, Chinthaka Ekanayake, and Dr. Roberto Leyva Fernandez. They explored issues ranging from deconstructed vulnerability intelligence to the specific threats posed to biometric presentation systems.

The Observatory warns of cascading risks across digital public infrastructure (DPI), where vulnerabilities in identity systems can trigger financial fraud and healthcare data breaches. To counter these threats, the Digital ID Safety Pack proposes technical measures such as multi-modal biometric verification, liveness detection, anti-spoofing algorithms, secure API design, encryption of biometric templates and AI-based deepfake detection.

Governance and policy recommendations include mandatory disclosure of incidents, adoption of the Cyber Assessment Framework, and synthetic identity simulation exercises. Implementation pathways were outlined for countries at different stages of readiness.

In the short term, biometric systems should deploy liveness detection and establish threat intelligence sharing platforms. Medium-term priorities include aligning with international standards and building cybersecurity workforce capacity. Long-term strategies focus on post-quantum cryptography readiness, secure-by-default architectures, and localized biometric data protection.

Data is valuable, security cannot be an after thought

Krishnan Rajagopalan, head of Country Implementations at MOSIP, opened his presentation with a case study of the U.S. Marquis Software breach. The incident, which exposed private data from 74 banks and placed 40,000 customers at risk, originated from a firewall vulnerability. The fintech provider allegedly paid a ransom, a decision that, if true, ultimately validates criminal business models and encourages future attacks.

Drawing parallels to DPI, he argued that identity system data is particularly attractive to attackers because of its connection to financial services. Centralized storage creates single points of failure, while vendor dependencies in proprietary systems heighten supply chain vulnerabilities.

Insider threats, often overlooked in favor of external risks, are equally dangerous, he cautioned. This is reflected in a recent huge data leak in South Korea with the country’s largest ecommerce platform, Coupang, facing a possible $1 billion fine owing to the actions of a former employee.  

Reflecting on 30 years of experience, Rajagopalan noted the tendency to treat security as an afterthought. He called for security-by-design to be embedded from the outset, with encryption at rest, in transit and in use. He advocated for zero-knowledge proofs, federated data storage, tokenization, consent-based access and adherence to frameworks like NIST.

Modular architectures, he explained, allow components to be taken offline for evaluation and patched without disrupting the overall system. Regular third-party audits, tamper-proof logs, and data minimization are also vital to ensuring transparency and resilience.

On governance and policy, Rajagopalan emphasized that governments must enforce privacy-by-design through legislation, independent oversight, and multi-stakeholder consultations. Institutions such as the Alan Turing Institute, he noted, play a pivotal role in educating stakeholders about privacy principles.

Rajagopalan concluded with two recommendations: safeguards must be prioritized from the design phase through to operations, and continuous audits combined with multi-stakeholder collaboration are critical for building resilience in digital identity systems.

Hacking myths, morphing and securing verifiable credentials

The Institute’s Miroslaw Malinowski, a researcher and engineer, introduced the concept of the Work-Averse Attacker (WAA), which challenges the myth of the highly skilled hacker. Instead, WAAs thrive on convenience, relying on existing proof-of-concepts or exploits purchased on the black market. Their approach is defined by reliability, ease of use, and repeatability rather than technical brilliance.

To counter this, the experts propose a dynamic assessment methodology that prioritizes vulnerabilities not just by severity scores but by their actual utility to attackers. If an exploit is low-cost, easy to execute, and capable of delivering high rewards, it should be treated as a high-priority risk. This framework ensures that limited security resources are directed where they will have the greatest impact, strengthening defenses against attackers who exploit efficiency rather than ingenuity.

The discussion also highlighted emerging biometric threats, particularly morph attacks. Researchers Leyva, Maple, and Hooper presented work on anomaly detection approaches to counter morphing, where two or more faces are combined to create a synthetic identity. Their method leverages an “azimuthal feature” derived from distortions in the spatial and frequency domains, building on Durall et al.’s use of azimuthal integrals in frequency analysis. With deepfake detection still lagging, the team is developing an agnostic-data framework that has shown promising results in detecting morph attacks, with further testing underway on their novel model.

Antony Muriithi, a senior technical architect at the Centre for Digital Public Infrastructure in Nairobi, Kenya, gave a presentation on Securing the Verifiable Credentials Ecosystem. He zeroed in on three often-overlooked attack surfaces that, if compromised, can unravel the entire chain of trust in digital identity deployments — trust registries, credential issuance APIs and verifier APIs.

Trust registries, which determine who is authorized to issue credentials, represent a foundational risk. A single compromise can allow attackers to insert fraudulent issuers into the ecosystem. Muriithi illustrated this with a real-world scenario: if a malicious actor adds a fake university to an educational credential registry, they could issue “legitimate” degrees that verifiers would accept without question.

To mitigate this, he outlined essential controls such as strong authentication for registry updates using mutual TLS (RFC 8446) and HSM-backed signatures, cryptographic signing of registry entries aligned with W3C DID specifications, distributed registry architectures to eliminate single points of failure, rate limiting to prevent reconnaissance, and out-of-band verification for new issuers. Operational best practice demands strict separation of read and write paths, ensuring registry queries never carry write permissions.

Credential issuance APIs are another high-value target. A breach here could enable unlimited credential generation, undermining the integrity of the ecosystem. Common vulnerabilities include weak authentication at issuance endpoints, missing input validation that allows manipulation of credential content, and exposed metadata that reveals system architecture.

Muriithi pointed to protocols such as OpenID for Verifiable Credential Issuance (OID4VCI), OAuth 2.0 (RFC 6749), and ISO/IEC 18013-5 for mobile driving license issuance as critical standards to secure these endpoints.

Verifier APIs face distinct threats, including information disclosure, replay attacks, and credential enumeration through predictable identifiers. Securing the VC API stack requires careful design to prevent these exploits, with emphasis on minimizing leakage and ensuring robust replay protections.

Muriithi concluded with design principles for VC implementations. Threat modeling must begin with the registry, as it is the bedrock of trust. Standards should be chosen deliberately, with readiness for offline scenarios and multi-tenancy built in from the start. API clients should never be trusted by default, selective disclosure mechanisms must be tested rigorously, and systems must plan for inevitable key compromise. Above all, he stressed that in VC ecosystems, security is distributed — every participant must uphold their security posture, because a single weak link can compromise the entire network.

How Sri Lanka and Ethiopia handle security for their digital ID systems

Chinthaka Ekanayake, program specialist for Digital Public Infrastructure (DPI) at Sri Lanka’s Ministry of Digital Economy, pointed to the strategic role cybersecurity has in accelerating the country’s digital economy.

Speaking on national priorities, he explained that Sri Lanka is building DPI modeled on the approaches of India and Singapore, with cybersecurity positioned not as a cost overhead but as a direct economic enabler. Trust in secure systems drives adoption of digital services, boosts investor confidence and reduces fraud, which allow platforms to scale more rapidly.

Sri Lanka’s MOSIP-based digital ID, known as SL-UDI, is central to this effort. As biometric authentication and national-level data sharing expand, the risk surface grows significantly. Ekanayake outlined focus areas including securing SL-UDI, payments and data exchange, backed by strong governance and alignment with global standards.

Priorities for SL-UDI include biometric security and Automated Biometric Identification System (ABIS) protection, hardware security module (HMS)-based digital signing, fraud detection in authentication, and ensuring secure operations at enrollment centers. To reinforce trust, Sri Lanka will adopt the Alan Turing Institute’s Digital Identity Systems Trustworthiness Assessment Framework (DISTAF).

Global collaboration is seen as essential to this mission. Partnerships will help Sri Lanka strengthen its cybersecurity posture while embedding resilience and accountability into its digital identity ecosystem.

Selemawit Reta, an experienced software project manager, introduced Ethiopia’s Fayda digital ID. Fayda is Ethiopia’s first digital foundational proof of identity, designed to uniquely identify individuals through five demographic attributes and three biometric modalities. It serves as the basis for other IDs and integrates with key services, covering all citizens and legal residents regardless of age. Ethiopia aims to issue 90 million IDs by 2027, with registration free of charge but credentialing and authentication services offered on a paid basis.

Fayda has registered 29 million people, integrated with 90 government, non-government and private entities, and is conducting around 300,000 authentications daily. Built on the MOSIP platform, Fayda follows a “leave no one behind” principle while minimizing data collection.

Securing Fayda relies on a layered ID stack. At its core is the FIN, a 12-digit irrevocable identifier. Complementing this is the FAN, a 16-digit alias ID that can be regenerated as needed and used exclusively within the Fayda platform. Sectoral Tokens (PSUT) are generated on the fly for specific sectors, ensuring they cannot be reverse engineered back to the FAN. Partner Tokens provide unique identifiers for lower-level authentication needs.

These mechanisms form a token management system that preserves privacy and limits the impact of breaches. If one sector’s database is compromised, the damage is contained to that sector alone. While this approach enforces privacy across domains, Reta noted that interoperability between sectors remains the next major challenge.

Biometrics are not the be-all and end-all, fraud management should be layered

The session concluded with insights from the Alan Turing Institute on fraud detection and prevention. A highlight was on detection and prevention limitations. For example, there are serious concerns about biometric authentication in the academic literature.

Single-frame face unlock can be “trivially” spoofed; static-image biometrics are highly susceptible to attacks. Advanced deepfakes now mimic subtle liveness cues such as blinks and micro-expressions, while even simple manipulations can degrade detection performance.

To counter these risks, experts emphasized the need for multi-layered fraud management systems. These should combine biometric quality checks with deepfake detection, deduplication across all modalities, and liveness detection. Fraud analytics must monitor usage patterns to identify anomalies, such as repeated or inconsistent biographical information, and flag more susceptible users.

The Institute’s Cyber Threat Observatory’s research objectives include investigating how generative AI exploits weaknesses in identity systems, assessing the impact of credential and synthetic identity fraud, and evaluating the effectiveness of current policy frameworks such as NIST SP 800-63, among others.

Article Topics

digital ID  |  digital public infrastructure  |  identity management  |  MOSIP (Modular Open Source Identity Platform)  |  Turing Institute  |  Turing Institute. Cyber Threat Observatory  |  verifiable credentials