ID Tech Digest – October 7, 2024

Welcome to ID Tech’s digest of identity industry news. Here’s what you need to know about the world of digital identity and biometrics today:

Orgs Should Use Biometrics and AI to Replace ‘Unsustainable’ Password Authentication: ISACA Strategy Officer

Chris Dimitriadis, Chief Global Strategy Officer for ISACA, has advocated for replacing password-based authentication with biometrics and artificial intelligence, describing the current over-reliance on passwords as “unsustainable.” In an article for Forbes Technology Council, Dimitriadis highlighted the inadequacy of passwords in the face of modern cyberthreats like brute-force attacks and credential stuffing. He argued that biometrics could enhance user-friendliness when used in a multi-factor authentication approach, while AI could improve security by enabling adaptive authentication and real-time anomaly detection. Dimitriadis emphasized the need for ongoing governance of AI, with quality data and effective policies, to manage related risks.

Penske Logistics Faces BIPA Lawsuit for Driver Monitoring Tech

A class-action lawsuit has been filed against Penske Logistics by former employee Jeremy Ratliff, alleging violations of the Illinois Biometric Information Privacy Act (BIPA) for collecting and using drivers’ biometric data without proper consent. The lawsuit claims that Penske used AI-powered cameras to monitor driver behavior, such as eye movements, without informing drivers or obtaining written consent as required by BIPA. The complaint also asserts that Penske shared this biometric data with third parties without authorization. Ratliff seeks $5,000 per willful or reckless violation and requests an injunction to ensure Penske complies with BIPA. This case is similar to one recently filed against Omnitracs, which faced allegations of biometric data collection and sharing without consent.

Concerns Raised Over Police Scotland’s Consideration of Live Facial Recognition Technology

Police Scotland’s consideration of implementing live facial recognition (LFR) technology has been met with criticism from the Scottish Liberal Democrats and privacy experts. Chief Constable Jo Farrell has expressed interest in exploring the use of AI-powered biometric tools, while emphasizing appropriate and unbiased use. However, opponents, including Liam McArthur, justice spokesperson for the Scottish Liberal Democrats, argue that such decisions require a compelling need, legal basis, and public debate. Concerns have been raised about LFR’s accuracy and potential misuse, especially regarding misidentification among ethnic minorities and women. While the Scottish Government has stated that the use of LFR by Police Scotland must comply with the Scottish Biometrics Commissioner’s code of practice, critics demand greater transparency and public engagement before moving forward.

Veridas Looks to Boost European Expansion with Key Executive Appointments

Veridas, a global digital identity verification and biometric solutions provider, has appointed Marco Gouw and Arianna Valente to enhance its expansion in Europe, focusing on the BENELUX, DACH, and Italian markets. Based in Noáin, Spain, Veridas specializes in simplifying secure access for legitimate users while preventing digital attacks and physical breaches, serving sectors like banking and mobility. Marco Gouw, with over 20 years of ICT and security experience, will lead efforts in the BENELUX and DACH regions, leveraging partnerships with industry leaders such as Deutsche Telekom and BBVA Switzerland. Arianna Valente, with extensive experience from her tenure at OneSpan, will head operations in Italy, where Veridas has seen success with BBVA Italy and major airports.

Clearview AI Recognized on Inc. 5000 List of Fastest-growing Firms

Clearview AI has been named to the Inc. 5000 list of America’s fastest-growing private companies, ranking No. 1820 overall and No. 45 in the Government Services category. The company provides a facial recognition search engine that scans over 50 billion images from publicly available websites, used by law enforcement and government agencies to enhance public safety and national security. Clearview AI’s CEO, Hoan Ton-That, expressed pride in the recognition, emphasizing the company’s commitment to innovation and security. Despite the recognition, Clearview AI continues to face regulatory scrutiny, having negotiated a $50 million BIPA settlement and a €30.5 million fine from the Dutch Data Protection Authority this year, along with previous multi-million-euro fines in France, Italy, Greece, and the UK for privacy violations.

Hong Kong Authorities Look to Facial Recognition to Let Tourists Access Sensitive Border Area

The Hong Kong government is advancing plans to transform Sha Tau Kok, an area historically restricted to the general public, into a cultural tourism hub by installing facial recognition technology at the Chung Ying Street checkpoint. Secretary for Security Chris Tang Ping-keung confirmed that final testing is underway, with the system expected to be operational by the end of the year. Chung Ying Street, located on the border between Hong Kong and Shenzhen, is a unique area that lies between two different political and legal systems. Its sensitive border position led to restricted access since the 1950s, but its historical significance has made it a point of interest for tourists. The new facial recognition system aims to streamline access and enhance visitor management, supporting Hong Kong’s broader strategy to promote cultural tourism in Sha Tau Kok.

Upgraded Gaming-focused Identity Assurance Platform Reflects Rise of mDLs, Face Matching

Kentucky-based Veridocs has upgraded its Evolution identity assurance platform with new mobile driver’s license (mDL) reading and facial recognition capabilities, targeted at the gaming and casino industry. The upgrade includes four new modules: mDL Authentication for scanning mobile driver’s licenses, a Facial Comparison module to match the face on an ID to the ID holder using a webcam, a Mobile Verification module for verifying IDs through a mobile app, and a Document Imaging module to scan and store important documents. These new features reflect the rise of mDLs and facial recognition in identity verification, enhancing the ability of operators to authenticate patrons more reliably. Veridocs President and CEO Joe Oprosko emphasized that the expanded platform provides greater assurance in verifying individuals for entry or purchases. The upgrades were announced at the Global Gaming Expo in Las Vegas.

Microsoft Implements Biometric Authentication, Other Fixes to Address ‘Recall’ Backlash

Microsoft is planning to launch an upgraded version of its AI-powered Recall system that incorporates biometric authentication for added security. Users will now need to scan their fingerprints or faces to enable Recall, ensuring only authorized individuals can access the tool. The upgrade comes after cybersecurity experts raised concerns about Recall, which takes periodic screenshots of users’ screens to provide a timeline of past activity. In response, Microsoft has introduced additional privacy measures, such as filtering out specific applications or websites from being recorded and enabling sensitive content filtering by default. Private browsing sessions and sensitive data, like Social Security numbers, will not be captured, and data encryption will keep information secure on users’ devices, with access granted only through biometric authentication. Recall also features an automatic timeout after 15 minutes of inactivity, adjustable by users, and requires manual opt-in for activation. The updated Recall system will be available in beta this month on Microsoft’s new Copilot+ PCs running Windows 11, with the business version available for optional download.

—

October 7, 2024 — by Tony Bitzionis and Alex Perala