Welcome to FindBiometrics’ digest of identity industry news. Here’s what you need to know about the world of digital identity and biometrics today:
ITRC Research Charts Slight Decline in Identity Fraud, and Increase in Severity of Cases
The Identity Theft Resource Center (ITRC) has published its “2023 Trends in Identity Report,” revealing a slight decline in identity fraud cases but an increase in their severity and complexity. In 2023, ITRC assisted 10,904 new victims, marking a 16 percent decrease from the previous year. Despite this reduction, identity thieves have adopted more sophisticated methods, often leveraging AI to create more convincing scams, particularly in job postings. This has led to a rise in severe forms of identity misuse, such as employment-related fraud and the use of stolen Social Security numbers. The report highlights that the most common types of identity crimes involve existing account takeovers and new account creations, especially targeting financial accounts like credit cards and checking accounts. Additionally, there has been a significant increase in reports of attempted misuse, indicating ongoing pervasive threats. Most victims are aged 25 to 64, with Black community members seeking assistance at higher rates than the general population. The highest number of incidents were reported in California, Florida, Texas, New York, and Pennsylvania.
IDV Firm Had Exposed Credentials Online for a Year: Report
AU10TIX, an Israel-based company providing identity verification services to clients such as TikTok, Uber, and X, exposed administrative credentials online for over a year, according to a report by 404 Media. This vulnerability potentially allowed hackers access to sensitive user data, including photographs of faces and driver’s licenses. The credentials were exposed from December 2022 and were found posted on Telegram in March 2023. They included passwords and authentication tokens for services used by an AU10TIX employee, facilitating direct access to personal data such as names, birthdates, nationalities, and images of identity documents. Mossab Hussein, chief security officer at spiderSilk, discovered the issue and notified 404 Media. The breach highlighted the need for stronger security measures, prompting AU10TIX to decommission the compromised system and enhance its security protocols.
Viettel Achieves ISO 30107-3 Certification for FaceID System
Viettel’s electronic Know Your Customer (eKYC) system has attained ISO 30107-3 certification for facial recognition (FaceID) at level 2, making it the first and only enterprise in Vietnam to achieve this accreditation. Certified by Tayllorcox, a globally recognized ISO certification body, this achievement confirms the system’s ability to effectively distinguish between real user faces and various 2D and 3D forgeries. Viettel’s eKYC system underwent approximately 3,000 tests involving simulated facial reconstructions, achieving a flawless error rate of 0 percent. This level 2 certification equips the system to identify sophisticated 3D fraud attempts, enhancing security in operations such as opening accounts, issuing cards, and assessing loans. Integrated with Vietnam’s national citizen identity card database, Viettel’s eKYC system ensures swift and accurate electronic identification and authentication, significantly reducing paperwork and processing time.
Clear Expands TSA PreCheck Enrolment Network
Clear has announced the expansion of its TSA PreCheck enrollment network, adding seven new locations to enhance accessibility for travelers. The new sites include major airports such as Hartsfield-Jackson Atlanta International Airport (ATL), Austin-Bergstrom International Airport (AUS), Denver International Airport (DEN), Detroit Metropolitan Wayne County Airport (DTW), Rhode Island T.F. Green International Airport (PVD), San José Mineta International Airport (SJC), and Luis Muñoz Marín International Airport (SJU). With these additions, Clear now offers TSA PreCheck enrollment at 27 airports across the United States, including Puerto Rico. The TSA PreCheck program, authorized by the Department of Homeland Security (DHS), streamlines airport security screening for enrolled travelers, allowing them to keep their shoes, belts, and light jackets on and leave their laptops and liquids in their bags. Clear also offers a biometric-based membership program called Clear Plus, which costs $189 per year, with discounts available through certain credit cards or bundled packages with TSA PreCheck.
Bank Biometrics to Become Mandatory in Vietnam Starting July 1
The State Bank of Vietnam (SBV) has announced that biometric authentication will become mandatory for certain online transactions starting July 1, 2024. This measure aims to enhance security as cashless payments become more prevalent. Biometric verification will be required for single online transactions exceeding VND10 million (approximately USD $392.65) or daily transactions surpassing VND20 million. The SBV is moving away from traditional password-based systems and one-time passwords (OTPs), which are susceptible to cyberattacks. Biometric data will be matched with the national ID database to strengthen account security and prevent financial fraud. Over 87 percent of adults in Vietnam have personal payment accounts, and the use of QR codes for payments has surged. Experts believe the new biometric requirements will improve account management, help trace and recover money from scams, and limit the use of virtual bank accounts. Domestic banks are preparing for the new regulations by notifying customers to update their biometric registration. In 2023, Vietnam saw financial losses from online scams estimated at VND8-10 trillion, with 91 percent linked to financial schemes. Major General Nguyen Van Giang of the Ministry of Public Security has urged the public to stay vigilant against scams and use multi-factor authentication to protect their financial information.
Mall of America Introduces Facial Recognition Security System
The Mall of America has introduced a new facial recognition system to enhance security measures following recent incidents of fighting and shootings. Will Bernhjelm, Mall of America VP of security, clarified that the system’s primary purpose is to identify individuals of interest, such as those trespassed or flagged by law enforcement, rather than to find out who shoppers are. The system scans faces and matches them against a database of known persons of interest, issuing alerts for further investigation only if a match is found. This process includes up to three layers of human visual review to ensure accuracy before any action is taken. While some visitors express privacy concerns, security officials highlight the system’s role in improving safety. The mall has partnered with Corsight AI, whose facial recognition algorithm boasts a 99.3 percent accuracy rate, as tested by the National Institute of Standards and Technology (NIST) and the Department of Homeland Security (DHS).
Google Wallet Gets Virtual Hotel Keys
Google Wallet has introduced a new feature allowing users to add virtual hotel keys to their digital wallet, enabling them to unlock hotel doors by tapping their Android device against the door knob. The Clarion Hotel Post in Gothenburg, Sweden, is the first hotel to implement this feature, with plans for more hotels to follow. This update mirrors the capabilities introduced by Apple Wallet three years ago, such as office keys, digital ID cards, and hotel keys, thereby increasing competition in the digital wallet market. For hotels to offer this service, they must ensure compatibility with Google Wallet, requiring collaboration with Google. The process for adding a hotel key involves visiting a specific website or app, following the provided instructions, and pressing the “Add to Google Wallet” button. As this feature becomes more widely adopted, it is expected to enhance and modernize the travel experience significantly.
Papua New Guinea’s ‘Digizen’ ID Card Supports e-Signatures
Digizen PNG Limited has launched the Digizen ID card, aimed at enhancing financial inclusion in Papua New Guinea. The card features several security upgrades, including a CVV code, the ability to update information post-issuance, and support for digital signatures. Approved by the Bank of Papua New Guinea, the card adheres to stringent financial and security standards and includes NFC technology for easy wireless interactions. The rapid issuance process allows citizens to obtain the card in minutes, significantly improving access to financial services for underserved populations. The inclusion of digital signatures enhances its use for secure electronic transactions, supporting the increasing need for secure online interactions. “Digizen enables Papua New Guinea citizens to acquire a digital ID card in minutes instead of months,” said Digizen CEO, Frank van der Poll, emphasizing the company’s commitment to providing accessible financial services to all citizens.
World Bank Provides $45.5M for Nigeria’s National Digital ID Program
The World Bank has provided $45.5 million to Nigeria’s National Identity Management Commission (NIMC) as part of the Digital Identification for Development (ID4D) project, which is co-financed by the World Bank’s International Development Association, the French Agency for Development, and the European Investment Bank. The project, approved in February 2020, aims to enroll 200 million Nigerians in the National Identification Number (NIN) system by 2025, with a particular focus on marginalized groups. As of May, the number of NINs had increased to 107.34 million. Despite progress, the project faces challenges in managing data efficiently and ensuring the integrity of the digital identity system to prevent fraud and underage registrations. NIMC has re-engaged with Idemia to upgrade its biometric systems and has inaugurated a steering committee to push for NIN-linked digital IDs. Recent issues, such as the misuse of NIN data by fraudulent websites, have prompted increased scrutiny from the Nigeria Data Protection Commission. NIMC assures the public that measures are in place to protect the database from cyber threats, adhering to ISO 27001:2013 standards and complying with the Nigerian Data Protection Law.
—
June 28, 2024 — by Tony Bitzionis and Alex Perala
Related News
Signicat Integrates New German IDs into Digital Identity Platform
How LATAM Banks Can Face Down Fraud Amid Booming Digital Business
Human Rights Watch Calls for Suspension of Buenos Aires Biometric Surveillance System
Zwipe Teams With Vopy on Biometric Card Commercialization
Green Bit Reports Business Bump After N2N Challenge First Place Wins
Yoti’s Identity App Passes 10 Million Total Downloads
Follow Us