French authorities are preparing to launch a biometric national ID app for access to online government services.
The app is called “Alicem”, an acronym for “certified online authentication on mobile”. Like a number of increasingly popular mobile authentication systems in the financial services sector, the app revolves around selfie biometrics: to register, a French citizen takes a photo of their passport, as well as a selfie video, with the system using facial recognition to match the user’s selfie to their passport, thereby confirm their identity.
The solution was previously slated to launch close to Christmas, but the French government has fast-tracked its debut to November.
This has prompted some alarm from critics concerned about security and user privacy. As Bloomberg reports, a prominent hacker who was able to break into a separate “highly secure” government app earlier this year has cautioned that French authorities could at least implement a bug bounty program before proceeding, in order to ensure that potential security flaws are not discovered after a public launch.
Meanwhile, there are serious concerns that the app will run afoul of the European Union’s stringent GDPR laws, with France’s data regulator, CNIL, warning that the app fails to take the necessary step of allowing citizens to access certain government services using an alternative to facial recognition. And a privacy advocacy group, La Quadrature du Net, is already challenging the government’s use of the app in court.
The issue illustrates duel trends that are playing out in numerous countries: the growing use of mobile and biometric technologies for citizen ID, and an intensifying concern about potential privacy and civil rights breaches stemming from government use of facial recognition technology in particular.
October 4, 2019 – by Alex Perala