SUPPORT
We create technological value for the prosperous life of our customers.
Support ArticlesStay up-to-date on company and partner news, product tips, and industry trends.
Panelists at a recent policy forum said passkeys with detection-enabled biometrics make for a more secure online future, but accessibility and digital equity concerns must be addressed.
With data breaches that compromise personal info soaring — 2023 was a record year in the U.S., one report found — new methods of verifying identities are almost certainly on their way.
ITRC Chief Operating Officer James Lee advocated facial comparison-based user verification, which he emphasized was different from facial recognition. According to the ITRC, the key difference is that facial comparison compares a person’s selfie or live image against the photo of them on their ID, whereas facial recognition compares a face to those in a database of many faces.
But biometric checks must be handled carefully.
For one, checks must include liveness detection otherwise the system can be tricked, said Stephanie Schuckers, director of Clarkson University’s Center for Identification Technology Research. That means using sensors, accelerometers or challenge-and-response interactions to confirm it’s a real person, not a photo, video or deepfake.
Accessibility is a key concern, too. Not everyone has a smartphone or other device suited to capturing biometrics, Lee said.
Some cautioned against using biometrics as a primary solution, noting organizations must plan against something going wrong and collect only as much data as absolutely necessary. Otherwise the details they store could become a honeypot for hackers.
Schuckers said using approaches like the FIDO protocol enables biometric information to remain on users’ devices, avoiding organizations storing that information themselves.
Organizations can use still more methods too. The Social Security Administration (SSA)’s electronic Consent-Based Social Security Number Verification System is one example. It lets individuals permit a bank to contact the SSA to verify that identity details match those on file, said Jeremy Grant, coordinator for the Better Identity Coalition.
That model could be applied more widely, beyond just the financial sector. Grant’s Better Identity Coalition released a new report detailing policy recommendations and assessing government’s efforts thus far. The report praised federal promotion of multifactor authentication, but said the U.S. needs to do more to develop systems for digitally proofing identities across all sectors.
The report also urged the White House to create a task force of state, local and federal agencies focused on closing gaps between physical and digital credentials. The coalition urged federal agencies to ramp up efforts to create standards and guidance that could help states debut “remote identity proofing applications” for digital credentials like mDLs, as well as provide states with grant funding. Grant also praised mDLs programs, while advocating increased focus on using them to support online verifications.
The Better Identity Coalition’s report also cautioned that efforts to promote digital identity must not overlook the challenges of people who struggle to get core, physical ID documents.
Ben Roberts is director of Foundry United Methodist Church’s Social Justice Ministries, which runs an ID Ministry program helping community members get identification documents. Roberts said during the panel that people who are homeless often have their documents destroyed or stolen. And replacing documents can be difficult due to the fees, transportation and long wait times.
Still, plenty of trust-building may need to happen before residents are comfortable with government retaining and vouching for their ID data
[source:government technology. 2024.Jan.29 Jule Pattison-Gordon]
Meet TrustKey’s expert.
CONTACT US
Copyright © 2020 TrustKey. All Rights Reserved.