Identity News Digest – June 12, 2024

Welcome to FindBiometrics’ digest of identity industry news. Here’s what you need to know about the world of digital identity and biometrics today:

New York Gets Selfie-secured Mobile Driver’s License, Care of IDEMIA

New York has introduced a mobile driver’s license (mDL) solution developed by IDEMIA. The mobile ID app, available on the Apple App Store and Google Play, allows residents to set up a virtual driver’s license or state ID for use as official identification at TSA checkpoints in JFK, LaGuardia, and 27 other airports nationwide. Emphasizing security and privacy, the mDL adheres to ISO 18013-5 standards and employs a selfie-based identity verification process, using facial recognition to match the user’s uploaded photo with their physical ID. The mobile ID offers enhanced privacy protections by allowing users to authenticate their identity with a face or fingerprint scan or PIN, without revealing personal information such as home address and date of birth.

Ann Arbor Moves to Restrict Police Use of Facial Recognition

Ann Arbor, Michigan, has taken a decisive step to limit the use of facial recognition technology by law enforcement, citing concerns over civil rights and privacy. The City Council unanimously directed City Administrator Milton Dohoney to work with the Ann Arbor Police Department to develop a policy that restricts facial recognition to a supplementary investigative tool rather than a primary method for identification, arrest, or prosecution. The council cited documented cases of wrongful arrests linked to facial recognition inaccuracies, particularly affecting Black individuals, as noted by the American Civil Liberties Union (ACLU). While earlier studies, including one by the National Institute of Standards and Technology (NIST) in 2019, highlighted biases in facial recognition systems, more recent research from the UK’s National Physical Laboratory (NPL) has shown improvements.

Virginia Joins AAMVA’s Digital Trust Service for Mobile IDs

Virginia has become the third state to fully participate in the American Association of Motor Vehicle Administrators’ (AAMVA) Digital Trust Service (DTS) for mobile driver’s licenses (mDLs), joining Maryland and Utah. Its participation reflects the growing acceptance of DTS, which uses Public Key Infrastructure (PKI) to authenticate mDLs and ensure interoperability across jurisdictions. The DTS, launched by AAMVA as a “minimally viable product,” is designed to collect stakeholder feedback and incorporate changes during its development. Under the DTS framework, the Virginia Department of Motor Vehicles provides its public keys to AAMVA for storage, enabling the authentication of virtual driver’s licenses without storing personally identifiable information.

Krispy Kreme Becomes Latest BIPA Target

A class action lawsuit has been filed against Krispy Kreme Doughnut Corporation by former employee Brian Krase, alleging the company violated the Illinois Biometric Information Privacy Act (BIPA). The lawsuit claims that Krispy Kreme collected and stored employees’ fingerprints through a biometric timekeeping system without obtaining explicit consent or providing required disclosures about the data’s use, storage, and deletion. Krase, a delivery driver from September 2021 to October 2023, asserts that employees were not informed about the purposes of data collection or potential third-party data sharing for payroll management. He seeks over $75,000 in damages, legal fees, and an injunction to halt these practices. This case adds to a growing list of BIPA-related lawsuits against companies like Amazon, Target, and Wingstop.

ZKTeco USA, Credence ID Collaborate on mDL Infrastructure

ZKTeco USA and Credence ID are collaborating to integrate Credence’s mobile driver’s license (mDL) technology into ZKTeco’s visitor management and access control systems. The partnership is significant for the growing acceptance of mobile ID technology, as ZKTeco’s systems are widely used in corporate offices, higher education campuses, and government buildings. The integration aims to allow individuals to use smartphone-based mDLs for facility access, enhancing convenience and privacy by sharing only necessary information. Credence ID CEO Bruce Hanson emphasized the importance of adopting modern, secure, and privacy-preserving ID presentation methods as more states launch mDL initiatives. The companies plan to implement mDL support across all ZKTeco USA’s systems by the end of the year, reflecting the rapid adoption of mDLs in the U.S.

NIST Teams with Think Tanks to Develop Digital ID Guidelines for State Benefit Programs

The U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) is partnering with the Digital Benefits Network at Georgetown University’s Beeck Center for Social Impact and Innovation and the nonprofit Center for Democracy and Technology to adapt its digital identity guidelines for state and local benefits programs. The collaboration aims to develop voluntary resources to help public benefits program providers evaluate the necessary degree of authentication and identity proofing practices for their services. NIST and the think tanks will engage with various stakeholders, including federal partners, state benefit program administrators, state IT and cybersecurity leaders, digital identity experts, technologists, and advocates. Public workshops will be held to gather feedback.

AuthenticID’s New Deepfake Detection System Scans Images, Text, and Behaviors

Seattle-based AuthenticID has introduced a new system designed to detect deepfakes and generative AI injection attacks, aiming to prevent fraud during remote identity verification processes. This fully automated solution comprises three core components: visual fraud algorithms that identify synthetic media, text fraud algorithms that detect errors in potentially forged documents, and behavioral algorithms that monitor user activity for anomalies during ID submission and capture. Stephen Thwaits, AuthenticID’s SVP of Global Solutions, highlighted the need for advanced anti-fraud measures due to the sophistication of AI tools employed by fraudsters. AuthenticID’s Identity Fraud Taskforce continuously develops new algorithms to enhance fraud detection and improve their identity verification decision engine.

North Carolina Mulls mDLs as DMV Reels from IDEMIA Software Glitch

The North Carolina Division of Motor Vehicles (DMV) is seeking approval to issue digital driver’s licenses through House Bill 199, as part of an initiative to modernize the state’s transportation laws. DMV Commissioner Wayne Goodwin emphasized the enhanced security and flexibility of digital licenses, allowing users to share specific personal information as needed. The move aims to reduce wait times and backlogs at DMV offices, a problem exacerbated by a recent software glitch blamed on IDEMIA that resulted in a 12-day backlog. Despite disagreements over the handling of the glitch, House Bill 199 received approval from the state Senate’s Transportation Committee last week, potentially allowing North Carolina drivers to opt for digital licenses over traditional laminated ones.

—

June 12, 2024 — by Tony Bitzionis and Alex Perala