Welcome to FindBiometrics’ digest of identity industry news. Here’s what you need to know about the world of digital identity and biometrics today:
Massachusetts Bill Would Set Facial Recognition Regulations for Cops
Massachusetts lawmakers heard a legislative briefing this week concerning a proposed bill that would establish clear regulations for the police use of facial recognition in the state. The bill would make the Massachusetts State Police the only law enforcement agency in the state that is allowed to perform facial recognition searches, and would require police to get a warrant before requesting such a search, with exceptions for certain emergency situations. Arrests can only be made in the event that other incriminating evidence besides a biometric match is found. A representative of the American Civil Liberties Union said the legislation is the result of negotiations involving advocacy groups and government agencies, joking that it “may be the first time the ACLU and the state police have ever agreed about anything.”
China Sets Security Regulations for AI Training
China’s National Information Security Standardization Committee has published security regulations for companies involved in artificial intelligence. The regulations include a blacklist of sources that must not be used in the training of AI models, and proposes periodic security assessments to verify compliance. They also require organizations to get consent from individuals before using their personal information or biometric data in AI training. And no information that pertains to “overthrowing the socialist system” or “damaging the country’s image” can be used.
Taipei to Replace China-Made Biometric Tech
The Taipei City Government is looking to replace certain municipal devices after councilors claimed that 19 municipal offices were using biometric time and attendance tracking systems that were either made in China or assembled in Thailand but largely based on Chinese components. At a news conference, Taipei City Councilor Lin Yen-feng said this was a breach of cybersecurity guidelines, and that the Thai machines were on a blacklist. The Taipei Department of Information Technology has launched a probe to assess any potential security impacts of the procurements.
Ugandan University Deploys Biometric Attendance System
Makerere University, Uganda’s oldest higher education institution, has implemented a biometric attendance tracking system for staff, in a bid to fight absenteeism. The system reportedly scans face and thumbprints. According to a statement, the university indicated that the rollout is part of an ongoing digitization process “as the institution continues to improve the system to achieve a full computerised access control system for all installations.”
New Partnership Extend CLEAR Into Healthcare
CLEAR, known for its biometric traveler screening and venue access platform, is expanding into the healthcare sector. The company has announced a partnership with Verato, the provider of a healthcare-focused Master Identity Management platform. CLEAR has also established a separate partnership with B.well Connected Health, which offers an IT health platform based on the Fast Healthcare Interoperability Resources (FHIR) standard. The company didn’t offer specific details about how it would collaborate with Verato, but in announcing the B.well partnership, it explained that the latter will integrate its “advanced technology and backend identity authentication, which involves cross-referencing attributes on a user’s government-issued identification and a selfie.”
Tech Trio Launches Converged Access Card
IDEMIA, HYPR, and Wavelynx have jointly announced a new converged access card for both physical and network access control in the enterprise. The card features a FIPS-certified PIV applet, and a FIDO Certified passkey with MIFARE DESFire support, enabling interoperability with next-generation access control readers based on the LEAF protocol. The card also has a Prox interface, allowing it to work with legacy access control readers. The card’s announcement comes ahead of the Authenticate 2023 Conference, where IDEMIA Identity and Security North America VP Teresa Wu and HYPR Field CTO Ryan Rowcliffe will lead a session titled “How to make your ID badge smarter” on October 17.
Shufti Pro Gets a New Client in Dubai
Shufti Pro is now providing identity verification services for Omnispay, an emerging fintech company based in Dubai. Omnispay offers a cloud-based platform aimed at helping Small and Medium Enterprises based in the United Arab Emirates to manage cash flow. Co-founder Simanta Das said it’s “the perfect partnership” as Shufti Pro provides “an advanced and easy-to-integrate platform that allows for faster rollout of services.” Shufti Pro recently upgraded its selfie-based identity verification system with AI-powered “depth sensing technology” designed to detect presentation attacks.
UK’s First Accredited Digital Proof of Age Card Launches
United Kingdom-based Luciditi has launched the first digital proof of age credential to be accredited under the Home Office-backed Proof of Age Standards Scheme, and is embarking on a real-world pilot in partnership with the compliance testing specialist Serve Legal. The Age Proof mobile ID card is available in 16-plus and 18-plus formats, and lets third party organizations validate the holder’s age with a QR code scan. In a statement, the company said that its pilot will involve “products such as vapes, energy drinks and gambling scratch cards across retailers ranging from supermarkets to convenience stores.”
Government Site’s Bug Exposed Aadhaar Numbers, Fingerprints: Researcher
Security researcher Sourajeet Majumder says he recently discovered a bug on the West Bengal government’s website that enabled him to obtain digital copies of land deeds containing sensitive data including Aadhaar numbers and images of signatories’ fingerprints. Majumder reported the issue to government authorities, including India’s cyber-response team, “CERT-In”, and the issue was resolved soon after. The credit agency Moody’s recently published a report questioning the security of India’s Aahdaar program, which ties unique ID numbers to citizens’ biometrics. The Indian government vehemently insisted that Aadhaar is secure, and claimed that it has never seen any data breaches.
October 13, 2023 – by Alex Perala