Welcome to FindBiometrics’ digest of identity industry news. Here’s what you need to know about the world of digital identity and biometrics today:
FedRAMP Likely to Get Revamped
Lawmakers in Congress are expected to push legislation to reform FedRAMP through the upper chamber in the coming weeks, according to a report from FedScoop. The FedRAMP Authorization Act would establish a new cloud advisory committee comprising five representatives from cloud services companies, and would require that one representative each from the National Institute of Standards and Technology (NIST) and the Cybersecurity and Infrastructure Security Agency (CISA) would get a seat on the primary, 15-person advisory committee. The legislation also includes a “presumption of adequacy” clause that would essentially rubber stamp the use of FedRAMP-approved tools without the need for additional oversight.
FCC Bans Huawei, ZTE, and Restricts Hikvision, Dahua, Hytera
The Federal Communications Commission (FCC) has banned the U.S. sale of new devices from Huawei and ZTE, citing “an unacceptable risk to national security of the United States or the security and safety of United States persons.” The FCC also implemented restrictions on the sale and import of new video surveillance and telecommunications equipment from Dahua, Hikvision, and Hytera. Hikvision has also been under intense scrutiny in the UK, where the Biometrics and Surveillance Camera Commissioner as well as numerous MPs and Lords have urged the government to ban the company’s products.
Facebook BIPA Plaintiff Found to Have No Standing
A California federal court has tossed a putative class action lawsuit against Facebook under Illinois’s Biometric Information Privacy Act (BIPA), on the basis that the plaintiff had no standing in the case. Clayton Zellmer had argued that Facebook failed to provide users with a written policy concerning its retention and deletion of biometric data as required under BIPA; but the court determined that Zellmer did not demonstrate how this had caused him harm – a constitutional requirement for a plaintiff to have standing in a given case.
Researcher Says Eufy Sends Biometric Data to AWS Cloud
Security researcher Paul Moore claims that Eufy is quietly sending facial recognition data collected from its home security cameras to the cloud. It’s a problem: Eufy claims that this data is only stored locally, but in a video posted to YouTube, Moore details how his Eufy Doorbell Dual camera uploads a face image to the AWS cloud with metadata attached, and how Eufy matched that face data to another image captured using a different camera. Moore also says Eufy camera feeds can be accessed via URL, with no authentication process.
Precise Biometrics Restructures Access Control Business
Precise Biometrics has announced a “strategic reorganization” that will combine the sales, customer service, and even R&D channels of its YOUNIQ and EastCoast product lines, resulting in an anticipated operating expenses reduction of about SEK 5 million for 2023. Precise had acquired EastCoast Solutions, the provider of a SaaS-based visitor management solution, in November of last year; YOUNIQ, meanwhile, is Precise Biometrics’ own physical access control solution.
FPC Teams With Taiwanese Card Maker
Fingerprint Cards has partnered with SmartDisplayer, a Taiwan-based card maker, on a biometric card solution based on the FIDO2 standard. The card will feature Fingerprints’ FPC-BEP software system and its FPC1323 fingerprint sensor, and will be aimed at “a wide range of different logical access applications,” according to FPC’s announcement. The companies will be demonstrating a concept version of the card at this week’s Trustech event in Paris.
AMAG Integrates Identity One’s FIPSlink
Identity One’s FIPSlink software has been integrated into AMAG Technology’s Symmetry Access Control platform, and the joint solution has now been approved by the Federal Identity Credential and Access Management (FICAM) conformance program, enabling its listing on the Government Services Administration’s Approved Product List. The joint solution offers support for multi-factor authentication via digital certificates and biometric authentication.
Infineon, Bundesdruckerei, and AISEC Demo Post-Quantum e-Passport
Infineon Technologies, the German Federal Printing Office (Bundesdruckerei GmbH), and the Fraunhofer Institute for Applied and Integrated Security (AISEC) have developed an e-passport that they say is secure against quantum computing hack attacks. With an Infineon security controller at its core, the solution supports Post Quantum Cryptography, anticipating the emergence of quantum computing attacks that will easily undermine conventional cryptographic security, and enabling e-passports of the future to protect sensitive data including biometric data. The solution is being showcased at the Trustech industry event.
App Leverages Biometrics to Help Diagnose Long COVID
A new mobile app is designed to use physiological biometrics to help track the signs of long COVID as well as chronic fatigue syndrome. It’s called ‘Visible’, in a nod to its mission of helping to uncover the diagnostic symptoms attached to medical conditions that remain mysterious to physicians. The app asks users to log data about sleep quality and menstrual cycles, and to place their finger on their smartphone’s camera lens in order for the app to read heart rate and heart rate variability biometrics.
UBS Enables Biometric Onboarding With Regula
The Swiss bank UBS is now using a selfie-driven onboarding system from Regula, which has replaced a previous system based on video interviews. It asks customers to scan their biometric passport, which is read using Regula’s OCR engine and its RFID chip verification; and to take a selfie, with Regula’s facial recognition technology matching them to the biometrics from their e-passport’s chip, and applying liveness detection to ensure the customer really is present during the onboarding session. The system enables customers to open a new account in under five minutes.
Neurotechnology Launches ‘MegaMatcher On Card’
Neurotechnology has launched a Software Development Kit for applications that support biometric matching on a smart card microcontroller. Dubbed “MegaMatcher On Card”, the SDK’s algorithms have been embedded in NXP Semiconductors’ JCOP 4.5 operating system, supporting both fingerprint and face matching. “We’re excited to offer our NXP-first CC EAL 6+ certified biometric match-on-card solution that adds an additional level of security for user authentication thanks to our JCOP ID 2 and the software solution developed by Neurotechnology,” said NXP’s eGovernment marketing manager, Julien Vintrou.
Veridos Announces Physical ID Security Tech
Veridos has unveiled new ID security elements for physical identity cards, all of which are focused on transparent window of an ID. The Amber ID solution makes the embedded image of the cardholder appear metallic when lit from the front, and makes it almost transparent when lit from the back. Diamond ID is fully transparent in daylight and glows white in UB light. Finally, Spectre ID makes the image appear to move when the card is tilted.
Just in Time for the Crypto Winter
Sentry Enterprises has launched the ‘Sentinel Cold Storage Crypto Wallet’, via a newly-created subsidiary, Sentinel Wallet LLC. The company says it’s the first biometric wallet to attain Common Criteria EAL5+ software certification on a certified EAL6+ silicon. The crypto wallet has a payment card form factor, and includes an embedded fingerprint sensor. In announcing the solution, Sentry emphasized the importance of self-custody of cryptocurrencies in the wake of the collapse of FTX, a centralized crypto exchange that recently lost billions of dollars’ worth of crypto assets that it managed.
November 29, 2022 – by Alex Perala