Welcome to ID Tech’s digest of identity industry news. Here’s what you need to know about the world of digital identity and biometrics today:
Researchers Launch Compliance Evaluation Framework for EU AI Act
ETH Zurich, INSAIT, and LatticeFlow AI have introduced COMPL-AI, a compliance evaluation framework aimed at helping generative AI models meet the standards of the EU AI Act. The framework translates the Act’s regulatory requirements into actionable technical benchmarks and includes an open-source tool to assess large language models (LLMs) from companies like OpenAI, Meta, and Google. Early evaluations revealed strengths in mitigating harmful content but noted gaps in cybersecurity and fairness. While focused on generative AI, COMPL-AI’s methodology could serve as a model for evaluating biometric technologies, addressing regulatory concerns related to privacy, accuracy, and fairness.
Shanghai University Researchers Claim Success in Quantum Hack of RSA Encryption
Researchers at Shanghai University have reportedly used a D-Wave Advantage quantum computer to crack a 50-bit RSA encryption, demonstrating the potential of quantum computers to break encryption methods like RSA, which are widely used in digital security. This breakthrough, though based on a relatively small key size, highlights the risk that quantum computing poses to encryption standards, including those that protect sensitive biometric data, such as fingerprints and facial recognition profiles. If quantum technology can crack larger encryption keys in the future, it could expose biometric systems to unauthorized access, underscoring the urgent need for quantum-resistant encryption methods to ensure the security of digital and biometric information.
Researchers Team with Red Cross on Biometric ID for Humanitarian Aid
Researchers from Germany’s CISPA Helmholtz Center for Information Security and the École Polytechnique Fédérale de Lausanne have partnered with the International Committee of the Red Cross (ICRC) to develop Janus, a biometric identification system for humanitarian aid distribution. The tool aims to prevent multiple registrations and ensure equitable distribution of aid by verifying recipients’ identities using biometric data, such as fingerprints. Janus operates through a secure cryptographic protocol, checking if individuals are already in the system while safeguarding privacy. The system only stores data temporarily and uses a dual-computer mechanism to enhance security.
Kroger’s Use of Facial Recognition Spurs Price Gouging Concerns
Kroger, one of the largest supermarket chains in the U.S., is facing political backlash over its use of facial recognition technology in combination with its EDGE smart shelves and Electronic Shelf Labels (ESLs). The system collects customer demographic data to personalize advertisements, and lawmakers, including Rep. Rashida Tlaib, have raised concerns about potential discriminatory effects and price gouging through dynamic pricing. Tlaib and others argue that the technology could lead to surge pricing based on customer profiles, which Kroger denies, asserting that the system is intended to lower prices and enhance the shopping experience.
Building Trust in Biometrics: Inside eu-LISA’s Role in Securing Europe’s Borders
eu-LISA, the agency managing Europe’s large-scale IT systems, plays a crucial role in the EU’s upcoming biometric entry-exit system, designed to track non-EU travelers across the Schengen Area. However, integrating biometric technology while complying with Europe’s strict privacy laws, including GDPR and the EU AI Act, presents significant challenges. In a recent interview, Javier Galbally of eu-LISA emphasized the importance of trust in securing sensitive biometric data and ensuring that innovations do not undermine personal privacy. eu-LISA actively engages in pilot projects, technology monitoring, and educational outreach to build public confidence and ensure compliance with evolving regulations. The agency’s success in balancing innovation with privacy and security will be critical as Europe transitions to more biometric-driven border controls.
Zwipe Brings Biometric Authentication to LEGIC Access Solution
Zwipe and LEGIC Identsystems have integrated biometric fingerprint authentication into LEGIC-based smartcards, adding a layer of security to access control systems. Through the LEGIC neon on card solution, the new feature requires users to verify their identity via fingerprint on the card’s built-in sensor before the card’s credentials are released for NFC readers, eliminating the need for PINs or passwords. Previously available for LEGIC neon-enabled smartphones, this biometric solution is now accessible for smartcards, expanding its application in physical and logical access control. This marks Zwipe’s continued expansion into biometric authentication, following recent trials of its access cards by major global tech and media companies.
NIS2 Directive Takes Effect, Pushing EU to Stronger Cybersecurity Posture
The NIS2 Directive, which strengthens cybersecurity measures across the European Union, takes effect today. The directive broadens the scope of the original NIS Directive, targeting critical sectors such as health, finance, and digital infrastructure. It emphasizes stronger authentication protocols, including multi-factor authentication (MFA), and while not mandating biometrics, organizations may adopt biometric technologies to meet security requirements. The directive’s focus on identity and access management (IAM) will likely drive adoption of advanced IAM systems, which can incorporate biometric verification. ENISA plans to support compliance with an upcoming information campaign.
Lumin Digital Partners with ID Dataweb to Secure Digital Banking
Lumin Digital has partnered with ID Dataweb to strengthen identity security for its digital banking customers. The collaboration will enable financial institutions using Lumin’s platform to integrate ID Dataweb’s identity verification services, which include biometric verification, mobile carrier look-ups, knowledge-based authentication, and fraud prevention tools. These features are designed to help mitigate identity spoofing, synthetic identity fraud, and ensure compliance with KYC and AML requirements across multiple channels such as web, applications, and call centers.
Zimbabwe Launches ‘Online Border Management System’ with Airport e-Gates
Zimbabwe has introduced an “Online Border Management System” (OBMS) with 14 electronic gates (e-gates) installed at Robert Gabriel Mugabe International Airport. The e-gates automate immigration processes, allowing travelers with biometric e-passports to use fingerprint or facial recognition for quick, contactless passage. Inspired by Dubai’s Smart Gates, the OBMS aims to reduce congestion, improve security, and curb illegal activities such as human trafficking and drug smuggling. The system will be expanded to Victoria Falls, Joshua Mqabuko Nkomo airports, and the Beitbridge Border Post, reflecting Zimbabwe’s growing interest in biometric technology.
–
October 17, 2024 – by Tony Bitzionis and Alex Perala
Related News
Building Trust in Biometrics: Inside eu-LISA’s Role in Securing Europe’s Borders
Shanghai University Researchers Claim Success in Quantum Hack of RSA Encryption
Passkeys and Passive PAD – Identity News Digest
ID Tech Digest – October 29, 2024
Researchers Launch Compliance Evaluation Framework for EU AI Act
Lumin Digital Partners with ID Dataweb to Secure Digital Banking
Follow Us