Security News

The independent communications authority of South Africa has submitted a radical proposal to tackle the problem of SIM swapping attacks in the country, suggesting that local service providers should keep biometric data of cellphone number owners. SIM swapping attacks are a multi-million problem for all countries and service providers globally, allowing threat actors to port people's numbers to attackers' SIM cards, essentially hijacking the subscriber accounts.

The Italian privacy guarantor has imposed a fine of €20,000,000 on Clearview AI for implementing a biometric monitoring network in Italy without acquiring people's consent. Without ever acquiring those people's consent or informing them about the scraping of their biometric data, Clearview AI offered its clients a search service that employed artificial intelligence to match faces with identities and online activity.

Humans have far greater difficulty identifying images of biometric spoofing attacks compared to computers performing the same task, according to research released by ID R&D. The research report finds that computers are more adept than people at accurately and quickly determining whether a photo is of an actual, live person versus a presentation attack. The study tested humans and machines by presenting them with the most common spoofing techniques: printed photos, videos, digital images, and 2D or 3D masks.

The way the behavioral aspect complements biometrics could cater for safer, more reliable, and faster identification. In contrast to traditional biometrics, behavioral biometric approaches are "Younger" and less standardized.

According to the Kraken Security Labs team, there is a way to clone fingerprints using inexpensive materials, with no high-end tools involved in any step of the process. As the team demonstrated, stealing the fingerprint is a case of photographing it with any modern smartphone and then generating the negative on a photo manipulation software.

How can you be sure that someone is who they say they are, if they're not standing in front of you? In a digital world, how can organizations be sure that an individual attempting to access online services is who they claim to be? Or that they exist at all - are they a fake identity created for fraud or malicious intent? Online biometric authentication enables governments, banks and other enterprises to securely verify user identity.

The survey shows that robust security and a seamless user experience are still non-negotiables when it comes to building digital trust, and the speed of service has also become essential to the digital consumer when setting up an online account. Approximately half of consumers expect that it should take less than three minutes to approve a banking transaction or place a bet, and roughly 35% consumers believe it should take the same time to fill a prescription.

With multiple layers of security in place and biometrics as the central authentication factor, organizations have a future-proofed fraud prevention platform that offers protection against current threats-and whatever new threats the next crisis brings. Layered security involves combining fraud prevention measures like environment detection and anti-spoofing with multimodal biometrics, all underpinned by an AI-powered risk engine that aggregates data from the various layers to generate a risk score for any given customer engagement.

It's not actually banned in the EU yet - the legislative process is much more complicated than that - but it's a step: a total ban on biometric mass surveillance. To respect "Privacy and human dignity," MEPs said that EU lawmakers should pass a permanent ban on the automated recognition of individuals in public spaces, saying citizens should only be monitored when suspected of a crime.

The opt-in nature of this process gives people much more control over the use of their biometric data. When asked to provide your fingerprints for identification purposes, how often do we consider how the matching is performed? Whilst standards exist for the robustness of fingerprint matching when used within the Criminal Justice System, can we assume that the same standards apply to border control systems? Generally, the fewer comparison points to be analyzed, the faster the matching system; in a border control situation where a large quantity of people are being processed, it is important to understand how much of a trade-off between speed and accuracy has occurred.