Watchdog Group Uncovers Two Breaches of Israeli Biometric Database

Israel’s Interior Ministry has been forced to admit that the Population Authority’s biometric database was breached in two separate incidents that occurred in 2017 and 2018. The government insists that both were “operational incidents” that did not lead to any leaks or compromise the security of the database, but the 2018 breach is still being investigated and the scope and nature of both hacks remain unknown.

Either way, the news is likely to create tension between the Population Authority and the Israeli public, which only learned about the breaches after the Israeli Digital Rights Movement petitioned the High Court of Justice for documents related to the creation of the biometric database. The watchdog group uncovered the breaches in their examination of the documents, nothing that neither incident was reported to the public or the Israeli Knesset at the time.

The latter is particularly noteworthy thanks to a 2017 law that requires any events involving the biometric database to be reported to four separate bodies, including the Knesset’s Joint Committee on Biometric Identification. The database has records on 3.5 million Israelis, and has issued 2.1 million biometric identity cards and 2.7 million biometric passports.

For Israelis, the news recalls an incident that occurred 13 years ago, in which the country’s entire population registry ended up online after a subcontractor copied it and then shared it with someone who would later sell it.

It’s also reminiscent of several recent incidents in other parts of the world. India’s Unique Identification Authority has tried to downplay the severity of a recent Aadhaar breach, while the US Customs and Border Protection agency is facing criticism after a subcontractor illegally transferred facial recognition images to its own servers to train a matching algorithm.

Taken together, the breaches are enough to erode the public trust, especially given the recent controversies and debates around state surveillance.

Source: Haaretz

–

June 25, 2019 – by Eric Weiss

Related News

Sponsored Links

FaceTec’s patented, industry-leading 3D Face Authentication software anchors digital identity, creating a chain of trust from user onboarding to ongoing authentication on all modern smart devices and webcams. FaceTec’s 3D FaceMaps™ make trusted, remote identity verification finally possible. As the only technology backed by a persistent spoof bounty program and NIST/iBeta Certified Liveness Detection, FaceTec is the global standard for Liveness and 3D Face Matching with millions of users on six continents in financial services, border security, transportation, blockchain, e-voting, social networks, online dating and more. www.facetec.com

TECH5 is an international technology company founded by experts from the biometrics industry, which focuses on developing disruptive biometric and digital ID solutions through the application of AI and Machine Learning technologies.

TECH5 target markets include both Government and Private sectors with products powering Civil ID, Digital ID, as well as authentication solutions that deliver identity assurance for various use cases.

Learn more: www.tech5.ai

Mobile ID World is here to bring you the latest in mobile authentication solutions and application providers. Our company is dedicated to providing users with the best content and cutting edge information on technology, news, and mobile solutions for your mobile identity management needs.

HID powers the trusted identities of the world’s people, places and things. Our trusted identity solutions give people convenient and secure access to physical and digital places and connect things that can be identified, verified and tracked digitally. Millions of people use HID products to navigate their everyday lives, and billions of things are connected through HID technology. https://www.hidglobal.com/

As the world moves to a mobile-first economy, businesses need to modernize how they acquire, engage with, and enable consumers. Prove’s phone-centric identity tokenization and passive cryptographic authentication solutions reduce friction, enhance security and privacy across all digital channels, and accelerate revenues while reducing operating expenses and fraud losses. Over 1,000 enterprise customers use Prove’s platform to process 20 billion customer requests annually across industries including banking, lending, healthcare, gaming, crypto, e-commerce, marketplaces, and payments. https://www.prove.com/

Related News

Footer

Follow Us