ID Tech Digest – December 19, 2024

Welcome to ID Tech’s digest of identity industry news. Here’s what you need to know about the world of digital identity and biometrics today:

Federal Cybersecurity Gets a Boost as CISA Mandates New Cloud Security Standards

CISA has issued a Binding Operational Directive mandating federal agencies to adopt the Secure Cloud Business Applications (SCuBA) standards to enhance cloud security. Agencies must report their cloud systems by February 2025 and implement required protections, including multi-factor authentication, by June 2025. The directive builds on lessons from the SolarWinds breach and aims to reduce federal network vulnerabilities. It complements cybersecurity measures in the 2025 National Defense Authorization Act, which allocates funds for domestic cyber resilience and international defense, including removing Chinese network risks and addressing spyware threats. CISA’s directive also encourages private sectors to adopt similar standards, reflecting the shared risks in cloud security across industries.

Ryanair Faces €450M Fine Over Mandatory Facial Recognition Policy

Ryanair is under scrutiny by Italy’s Data Protection Authority and Ireland’s Data Protection Commissioner over complaints about its facial recognition verification process for booking flights, which could result in fines up to €450 million. Privacy advocacy group NOYB alleges that Ryanair’s mandatory biometric verification for account creation violates GDPR principles, including data minimization and purpose limitation. The airline requires customers to use facial recognition or provide handwritten signatures with government ID, a practice NOYB argues unnecessarily collects sensitive data. If found in violation, Ryanair could face one of the largest GDPR penalties in the aviation industry.

IOM Deploys Biometric Registration to Aid Displaced Persons in South Sudan

A report from the International Organization for Migration (IOM) highlights the role of biometric technology in improving humanitarian aid delivery for internally displaced persons (IDPs) in South Sudan’s Western Bahr el Ghazal State. In May 2023, IOM’s Displacement Tracking Matrix (DTM) registered 6,981 individuals in 1,727 households at Naivasha IDP Camp and 3,055 individuals in 736 households at the Masna Collective Site using biometric verification. This system minimizes fraud and duplication, ensuring accurate resource allocation and aid distribution. It also enables real-time tracking of displacement trends to inform strategic planning, aligning with regional efforts like UNHCR’s biometric programs in Uganda.

FPC, Anonybit Team Up on Multimodal Enterprise Solution

Fingerprint Cards AB (Fingerprints) and Anonybit have partnered on a multimodal biometric authentication solution for enterprises, set for release in 2025. The system will integrate Fingerprints’ fingerprint and iris biometric algorithms with Anonybit’s decentralized biometric cloud platform to provide passwordless login, account takeover prevention, continuous authentication, and secure help desk verification. Anonybit’s approach involves breaking biometric data into anonymized fragments stored across multiple clouds, eliminating centralized repositories to address privacy and security concerns. Fingerprints and Anonybit aim to enhance cybersecurity for enterprise customers amid growing concerns over account takeover attacks.

Ohio Casinos Now Accept Mobile Driver’s Licenses for ID Verification

The Ohio Casino Control Commission has authorized the use of mobile driver’s licenses for identity verification at the state’s four casinos: Hollywood Casino Toledo, Hard Rock Casino Cincinnati, Hollywood Casino Columbus, and JACK Casino Cleveland. Effective December 18, 2024, the policy allows visitors to present ISO 18013-5 compliant mobile IDs, including Ohio Mobile ID, via smartphones for entry verification. This builds on Ohio’s earlier adoption of digital IDs for TSA checkpoints and Apple Wallet integration.

SEALSQ Unveils Post-Quantum Security for GSMA-Certified eSIM Tech

SEALSQ Corp has introduced GSMA-accredited eUICC technology with integrated post-quantum security measures, aiming to protect mobile and IoT devices from emerging quantum computing threats. The technology incorporates advanced Public Key Infrastructure (PKI) for secure authentication and identification within the GSMA remote provisioning framework, supporting eSIM-based devices in M2M, consumer, and industrial IoT applications. Operating under the GSMA Root CI-accredited framework, it enhances existing eSIM security by adding quantum-resistant encryption. This ensures secure data transmission for applications like smart cities, where IoT sensors manage traffic and infrastructure.

Morocco’s E-Police Platform Builds on Biometric ID Infrastructure

Morocco’s General Directorate of National Security (DGSN) is set to launch an “E-Police” platform on December 20, 2024, to digitize and streamline police administrative services. The system integrates biometric features from Morocco’s IDEMIA-supported electronic national identity cards, enabling remote identity verification and online application processing. Initial services include anthropometric records, national identity card appointments, and police recruitment registration, with future expansions planned. E-Police aims to reduce waiting times and unnecessary travel for citizens, aligning with Morocco’s broader digital transformation and e-government initiatives.

–

December 19, 2024 – by Tony Bitzionis and Alex Perala

Related News

Partners

FaceTec’s patented, industry-leading 3D Face Verification and Reverification software anchors digital identity, creating a chain of trust from user onboarding to ongoing authentication on all modern smart devices and webcams. FaceTec’s 3D FaceMaps™ finally make trusted, remote identity verification possible. As the only technology backed by a persistent spoof bounty program and NIST/iBeta Certified Liveness Detection, FaceTec is the global standard for 3D Liveness and Face Matching with millions of users on six continents in financial services, border security, transportation, blockchain, e-voting, social networks, online dating and more. www.facetec.com

AuthenticID provides 100% automated identity verification and fraud detection solutions that are leveraged by companies worldwide, including 2 of the top 3 U.S. Banks, 8 out the top 10 wireless providers in North America, and 2 of the 3 credit bureaus. Using proprietary computer vision and machine learning technology, these solutions help companies accurately verify the identity of their users across retail, digital and call center environments for onboarding and ongoing re-authentication events; KYC, IAM, and more. The solutions are easy to integrate and provide customers a large ROI by stopping fraud losses, increasing customer conversion at onboarding, reducing operational costs and allowing quick and cost-effective operational scalability, all while ensuring global privacy regulations are complied with. https://www.authenticid.com/

Anonybit is a privacy-focused technology platform that provides decentralized solutions for securing personal data, particularly biometric information. Rather than storing sensitive data in centralized repositories, which are vulnerable to breaches, Anonybit uses a distributed architecture that breaks data into smaller encrypted bits and stores them across a network of decentralized nodes. This approach ensures that no single entity has access to the full dataset, enhancing privacy and security, even preventing insider threats. Anonybit is used by leading banks, fintechs and other enterprises for critical biometric identity functions like deduplication and blocklist checks, step up authentication, passwordless login and account recovery https://anonybit.io/

Identity Week aims to be a significant identity industry catalyst. It’s our mission is to help accelerate the move towards a world where trusted identity solutions enable governments and commercial organisations to provide citizens, employees, customers and consumers with a multitude of opportunities to transact in a seamless, yet secure manner. All the while preventing the efforts of those intent on doing harm. https://identityweek.net/

The Biometric Digital Identity Prism is a market landscape framework designed to help influencers and decision makers understand, innovate, and implement digital identity technologies and solutions. This innovative framework for understanding and evaluating the rapidly evolving biometric digital identity marketplace is the only market model that is truly biometric-centric based on the foundational conviction that in the age of digital transformation the only true, reliable link between humans and their digital data is biometrics. https://www.the-prism-project.com

ID R&D is an innovator of biometric facial liveness, document liveness, and voice biometrics. Ranked #1 by NIST, our patented passive approach to liveness, and specialized detection of voice clones, injection attacks and deepfakes, empowers KYC and authentication systems with fast, accurate and secure biometric verification technologies. Over 140 partners in more than 70 countries are collectively processing hundreds of millions of identity checks per year. ID R&D solutions easily integrate with mobile, web, messaging, smart speakers, set-top boxes, and IoT devices. Learn more: www.idrnd.ai