Welcome to ID Tech’s digest of identity industry news. Here’s what you need to know about the world of digital identity and biometrics today:
DHS Investigation Scrutinizes TSA’s Expanding Facial Recognition Program Amid Privacy Concerns
The Department of Homeland Security (DHS) is investigating the Transportation Security Administration’s (TSA) facial recognition program amid growing concerns over privacy and congressional oversight. TSA has expanded its biometric screening to 80 U.S. airports as of December 2024, with plans for nationwide deployment before the 2025 REAL ID deadline. DHS analysis has raised equity concerns, particularly noting lower face matching success rates for self-identified Black volunteers, though the TSA’s Credential Authentication Technology reports a 96.8 percent overall accuracy rate. Lawmakers have called for a watchdog review, warning that widespread biometric deployment could create an extensive federal surveillance database without proper authorization. The investigation will assess both security benefits and privacy risks, with potential implications for the future of biometric screening in U.S. airports.
Russia’s Unified Biometric System Reaches 3 Million Enrollments Amid Nationwide Expansion
Russia’s Unified Biometric System (RUBS) has enrolled nearly 3 million citizens as of early 2025, reflecting significant growth since its 2018 launch. The system integrates biometric data for travel, contactless payments, and SIM card registration. Russian banks plan to deploy approximately two million biometric-enabled payment terminals by mid-2025, extending the Face Pay system beyond Moscow’s Metro to cities like Kazan and Nizhny Novgorod. A 2023 law mandating biometric data submission to RUBS has accelerated adoption but raised privacy concerns, with Human Rights Watch warning of increased surveillance risks.
US Air Force Academy Seeks Advanced Biometric Visitor Screening System
The United States Air Force Academy (USAFA) has issued a Sources Sought Notice for a biometric identity vetting system to enhance visitor screening. The system will include self-service kiosks integrated with law enforcement databases such as NCIC and III for automated background checks on wanted persons, immigration violations, and terrorism-related alerts. Key requirements include facial recognition for ID verification, REAL ID compliance checks, and physical ID validation. The kiosks must have wheelchair-accessible cameras, touchscreen interfaces with privacy screens, and secure cellular connectivity. Additionally, the solicitation calls for eight rugged mobile verification devices equipped with smart card readers, PIV-certified fingerprint scanners, and extreme temperature operation capabilities.
Finland Proposes Expanded Law Enforcement Access to Biometric Data for Serious Crime Prevention
Finland’s Ministry of the Interior has proposed amendments to expand law enforcement’s ability to use biometric data stored in police and immigration registers for crime prevention and investigation. The proposal, open for public comment until March 17, 2025, would allow police to compare biometric data with evidence in cases involving serious crimes and significant public safety threats. It does not grant new data collection powers but extends the use of existing biometric records from passports, ID cards, and immigration databases. Law enforcement could share biometric data with the Schengen Information System and, in severe national security cases, with the Finnish Security Intelligence Service and the Finnish Defence Forces. Access would be strictly regulated, with requests limited to serious offenses and biometric comparisons conducted exclusively by the National Bureau of Investigation.
India Expands Aadhaar Authentication Access to Private Sector Under New Rules
India’s Ministry of Electronics and Information Technology (MeitY) has introduced new rules allowing private sector entities to conduct Aadhaar authentication. The Aadhaar Authentication for Good Governance Amendment Rules, 2025, extends authentication access to businesses in hospitality, travel, e-commerce, and healthcare. Private entities must obtain approval from the Unique Identification Authority of India (UIDAI) and relevant government ministries before implementing Aadhaar authentication. The government claims this expansion will improve service delivery while maintaining privacy and security standards under the Aadhaar Act. Privacy advocates have raised concerns, noting that the amendment attempts to reinstate provisions previously restricted by the courts. Private entities using Aadhaar authentication must comply with security and privacy requirements, including obtaining authenticated consent and following Digital Personal Data Protection (DPDP) rules.
MGM Resorts Agrees to $45M Settlement Following Major Data Breaches
MGM Resorts International has agreed to a $45 million settlement in a class-action lawsuit over two major data breaches in 2019 and 2023 that exposed the personal information of approximately 37 million customers. The 2019 breach compromised driver’s license numbers, passport numbers, and residential addresses. The September 2023 ransomware attack not only exposed customer data but also disrupted hotel and gaming operations, causing an estimated $100 million in losses. Under the settlement, individuals whose social security numbers or military IDs were exposed may claim up to $75, while those affected by passport or driver’s license breaches can receive up to $50. All impacted customers will receive identity theft protection and credit monitoring. The lawsuit alleged MGM failed to implement sufficient security measures, aligning with recent warnings from the NSA and CISA on identity and access management risks.
Incode Agrees to $4M Settlement in Illinois Biometric Privacy Lawsuit
Incode Technologies has agreed to a $4 million settlement in a lawsuit alleging violations of the Illinois Biometric Information Privacy Act (BIPA). The lawsuit claimed that Incode failed to meet BIPA’s requirements for biometric data collection, including proper user notification and obtaining explicit written consent. Under BIPA, companies must inform users in writing about data collection, specify storage duration and purpose, and secure consent before collecting biometric information. Illinois residents who uploaded a selfie and photo ID to an Incode-powered service between November 11, 2018, and August 5, 2024, may be eligible for payments ranging from $65 to $240, depending on the number of valid claims. Former Illinois residents who used the service while in the state remain eligible.
FaceTec Appoints Former SSA OIG Official as Director of Biometric Cybersecurity
FaceTec has appointed Nicole McNamee-Wicks as its new Director of Biometric Cybersecurity. McNamee-Wicks previously worked at the Social Security Administration Office of the Inspector General (SSA OIG), where she specialized in fraud detection, identity theft, and program integrity. In her new role, she will oversee the adoption of FaceTec’s UR Code protocol among government agencies and the deployment of the company’s 3D Liveness and 3D Face matching software for digital identity verification. UR Codes encode both biographic and biometric data into a scannable QR code, linking a person’s face to an identity credential. McNamee-Wicks’ career includes national policy oversight, more than 40 awards, and recognition for contributions to law enforcement operations.
Socure Doubles Identity Verification Volume in 2024
Socure reported significant growth in 2024, with a 54 percent year-over-year increase in GAAP revenue and a doubling of its identity verification volume to 2.7 billion requests. The company verified 370 million unique identities, marking a 100 percent increase from the previous year. Its customer base grew by 42 percent to over 2,800 organizations across financial services, government, telecom, and gaming. Socure’s public sector partnerships increased by 193 percent, now including 13 U.S. states, over 30 state agencies, more than 20 higher education institutions, and two federal agencies. The Sigma Fraud Suite identified 92 percent of ID fraud within the riskiest 3 percent of users, outperforming the industry average. Socure Verify achieved up to 99 percent verification rates, with strong performance among Gen Z users.
Transguard Group Deploys Over 400 Invixium Biometric Devices for UAE Workforce Management
Transguard Group has deployed over 400 Invixium IXM TITAN biometric devices across multiple sites in the UAE, including Expo City Dubai, to manage time and attendance for more than 65,000 contract workers. The system integrates with Invixium’s IXM WEB platform, providing identity verification, time tracking, analytics, and audit trails. The TITAN devices were selected for their speed and accuracy in challenging environments, such as construction sites, and feature cellular connectivity to ensure continuous operation. Transguard has extended the system’s use beyond attendance tracking to include general workforce and meal management. Chief Security Officer Tim Mundell emphasized the system’s role in eliminating time theft and improving administrative efficiency.
Halton Police Board Awards $1.18M Facial Recognition Contract to IDEMIA
The Halton Police Board in Ontario has approved a $1.18 million contract with IDEMIA Identity and Security Canada to implement facial recognition technology. The system, already in use by Peel and York Region police since May 2024, requires an initial investment of $362,764, with annual maintenance costs of $180,643 for four years. Halton Police will collaborate with Peel and York Police to share mugshot databases, with matches serving only as investigative leads. Deputy Chief Jeff Hill emphasized that facial recognition results will require further verification. Halton Police Chief Stephen Tanner criticized restrictions on national database access, calling for broader investigative capabilities. The police service has committed to using only legally obtained images and plans to engage with the public on privacy concerns.
–
February 3, 2025 – by Tony Bitzionis and Alex Perala
Follow Us