Non-profit IT consortium OASIS is developing a server-based biometric authentication standard. Industry professionals, government officials, and academics have been invited to help develop the standard as part of the Identity-Based Attestation and Open Exchange Protocol Specification – or IBOPS – Technical Committee.
The basic idea of the system they’re working on is to organize data storage by a server-based index system which, when accessed, would link to biometric identities that are not on the server. In other words, the data itself is not stored on the server, just indexed; and that index tells you where you can get the data, but that source is protected by biometric security measures. With this method, hackers could not access sensitive data by merely breaching the server.
It’s a timely effort. As one of the contributors noted in a press release, “With so many biometrics-based solutions emerging today – some effective, some not so much – there is truly a need for this standard… It will enable interoperability of biometrics-based identity assertion solutions, which until now has been non-existent.”
The committee is open to working with other industry regulators such as the FIDO Alliance, thereby ensuring interoperability. This comes at a time of increasing data securitization in the wake of recent high-profile breaches, and a general shift of sensitive information such as financial data into the online world.
November 6, 2014 – by Alex Perala