Security News
The risk of deepfakes is rising with 47% of organizations having encountered a deepfake and 70% of them believing deepfake attacks which are created using generative AI tools, will have a high impact on their organizations, according to iProov. Almost 73% of organizations are implementing solutions to address the deepfake threat but confidence is low with the study identifying an overriding concern that not enough is being done by organizations to combat them.
The US state of Illinois has reduced penalties for breaches of its tough Biometric Information Privacy Act. The first version of BIPA, which came into force in 2008, prohibited orgs doing business in Illinois from acquiring, using, storing, and sharing people's biometric data - think retina scans, face scans, fingerprints, and voiceprints - by any means without proper disclosure and consent.
Meta, the parent company of Facebook, Instagram, and WhatsApp, agreed to a record $1.4 billion settlement with the U.S. state of Texas over allegations that it illegally collected biometric data of millions of users without their permission, marking one of the largest penalties levied by regulators against the tech giant. The development arrived more than two years after the social media behemoth was sued for unlawfully capturing facial data belonging to Texas without their informed consent as is required by the law.
An analysis of a hybrid biometric access system from Chinese manufacturer ZKTeco has uncovered two dozen security flaws that could be used by attackers to defeat authentication, steal biometric...
A data protection watchdog in the UK has issued an enforcement notice to stop Serco from using facial recognition tech and fingerprint scanning to monitor staff at 38 leisure centers it runs. During an investigation, the Information Commissioner's Office, Britain's regulator set up to enforce data protection law, found Serco Leisure and several associated community leisure trusts had unlawfully processed the biometric data of more than 2,000 employees at all 38 of the leisure facilities to check attendance and calculate pay.
Prime minister Pham Minh Chinh instructed the nation's Ministry of Public Security to collect the data in the form of iris scans, voice samples and actual DNA, in accordance with amendments to Vietnam's Law on Citizen Identification. Ammendments to the Law on Citizen Identification that allow collection of biometrics passed on November 27 of last year.
By 2025, Britain is set to ditch physical immigration status documents such as Biometric Residence Permits and Biometric Residence Cards in a bid to make its borders digital, which is in-line with developed countries like Australia. Presently, students, workers, immigrants and their dependents from non-EU countries residing in the UK are eventually issued Biometric Residence Permits, cards which are proof of their immigration status in the country.
Cyber attacks using AI-generated deepfakes to bypass facial biometrics security will lead a third of organizations to doubt the adequacy of identity verification and authentication tools as standalone protections. Remote account recovery, for example, might rely on an image of the individual's face to unlock security.
The farewell report written by the UK's biometrics and surveillance commissioner highlights a litany of failings in the Home Office's approach to governing the technology. "My time as the biometrics and surveillance camera commissioner has been interesting, challenging, and at times frustrating, in part because of a lack of engagement across Whitehall and often an absence of support in obtaining the resources needed to fulfill my functions: at no time have I had a full complement of staff," Sampson wrote.
Cybersecurity researchers have discovered an updated version of an Android banking malware called Chameleon that has expanded its targeting to include users in the U.K. and Italy. "Representing a...