Japan’s digital governance to create “trusted web”

Japan’s digital governance to create “trusted web”

Japan’s plans to govern the “trusted web” will democratise parts of Web 3.0 and facilitate verifiable transactions by not only a few big companies, but by the whole private sector.

Japan’s blossoming relationship with the UK over digital transformation was a highlight of digital relations in 2022, carving out a strategy to boost both digital economies, infrastructure, connectivity and digital identity.

Japan’s “trusted web” will reestablish market competition on the internet and return powers to store and transfer information and enable an ecosystem approach to transactions and data-sharing.

The pandemic brought the onset of a digital society, where various efforts to digitalise healthcare and online services has happened at pace. Under these circumstance, some big companies have dominated infrastructure for the web including identity and data management.

Dominant providers have therefore delivered uncompetitive services where it is difficult to verify how data is being used or exploited for third-parties or advertising.

To avoid creating a surveillant state, Japan intends to open up the pool of infrastructure providers again to create internet transparency and “administrative-less” trading with cryptocurrency.

In June 2020, a report published the medium-term vision to creating competition in the digital market followed by a whitepaper in March 2021 which outlined multi-partner collaboration between government, industry and academia.

The value of “trusted Web” will democratise the internet and create easy data flows while instating a new trust framework to allow more parties to seek benefits from the web.

Dan Yerushalmi appointed CEO of AU10TIX

Dan Yerushalmi appointed CEO of AU10TIX

AU10TIX, the global technology leader in identity verification and identity management automation, today announced the appointment of Dan Yerushalmi as its new CEO. Yerushalmi’s record with global technology enterprises and experience in the security, e-banking and telecommunications industries underlines AU10TIX’s intention to help customers counter increasingly sophisticated fraudsters and comply with regulatory changes. He is replacing former CEO Carey O’Connor Kolaja.

Yerushalmi joins AU10TIX from cybersecurity company Checkpoint Software Technologies, where he served as Chief Client and Revenue Officer. Yerushalmi previously headed the technological division of Leumi Bank as a Group CTO, where he served on the bank’s management team. Prior to that, he was President and Business Manager of EMEA for Amdocs. In 2016, Yerushalmi was named one the 100 most influential CIOs in the world by CIO Magazine.

AU10TIX, chaired by Ron Atzmon, is the long-standing industry leader in automated identity verification and management solutions for the digitally dependent global enterprises of today.

The company began in the 1990s, championing innovations in passenger screening technology for airports and border control all over the world. It was then early to identify the global shift to online and mobile services, drawing its technology superiority from the same security-critical standards it grew on. AU10TIX today offers a full-service identity verification and management automation portfolio, enhanced by forensic-level fraud and risk detection. The company is also celebrating the third year of the operational deployment of the market’s first organised crime attack monitor. AU10TIX powers a list of global household names such as Google, PayPal, Airbnb, LinkedIn, Payoneer, Uber and Santander.

Dan Yerushalmi, CEO: “In a world where ‘automation’ is actually enhanced by human ‘experts’ most of the time, AU10TIX stands out with its level of full-process automation and the richness of its fraud and risk output detection. This wins AU10TIX new clients, creates compelling ROI, and is greatly appreciated by regulators. Being a global player with clients on five continents brings massive opportunity for continued growth and inspires me to take AU10TIX to the next level.”

Ron Atzmon, Chairman: “Dan brings a significant boost to AU10TIX. His experience and extensive knowledge in strategy, operations and sales make him the right person for the company as we expand activity and increase personnel globally. The AU10TIX team and I would like to thank Carey for her contribution to the company and wish her best of luck in her future endeavours.”

Israel’s Cognyte embroiled in Myanmar in spyware scandal

Israel’s Cognyte embroiled in Myanmar in spyware scandal

First published on Totaltele.com. Editor: Harry Baldock

Reports suggest the company won a tender to sell spyware to state-run telecoms operator Myanmar Posts and Telecommunications (MPT) just one month before the military overthrew the Burmese government.

Israeli software firm Cognyte is coming under scrutiny this week following media reports that the company’s surveillance technology may have been used to commit human rights abuses in Myanmar.

Documents shared by activist group Justice for Myanmar show a January 2021 letter from MPT to the Burmese regulator referencing Cognyte as the winning vendor for an intercept technology tender.

The documents show that the purchase order was issued “by 30th Dec 2020” – a little over a month before a military junta overthrew Myanmar’s civilian government.

Eitay Mack, an Israeli human rights lawyer, has reportedly sent a letter to the Israeli Attorney General calling for a criminal investigation into Cognyte and the nation’s defence and foreign ministries, accusing them of aiding the Burmese military to commit crimes against humanity.

The letter claims that Cognyte “should have known” they were providing technology that would be used to commit crimes against humanity, noting that the Burmese military had already openly rejected the results of the November 2020 democratic election when the contract was signed.

But beyond the moral implications of selling surveillance technology to repressive regimes, there is also a legal element at play here.

Back in 2016, the Myanmar military became infamous for their genocidal oppression of the Muslim Rohingya people, killing thousands and forcing hundreds of thousands more to flee to neighbouring countries. In response, various nations placed sanctions on Myanmar, with the US and the EU both ceasing to supply the Myanmar government with military equipment.

Israel, however, continued to export weapons and equipment to the Burmese government until 2018, only stopping when media pressure grew too intense.

As such, Mack argues that any 2020 deal between Cognyte to sell this equipment to MPT was illegal, with intercept spyware tech classified as defence equipment under Israeli law.

It is currently unclear whether the spyware technology has been actively deployed by MPT, though anonymous sources speaking to Reuters confirmed that the technology was tested by the operator. Other sources also confirmed that some form of intercept spyware was used by the operator, though Cognyte was not referenced specifically.

Cognyte and MPT have refused to comment on the matter.

Cabinet Office consultation launched on data sharing between public bodies for digital ID

Cabinet Office consultation launched on data sharing between public bodies for digital ID

The Cabinet Office is seeking feedback on its proposed legislation to allow personal data to be shared with all public bodies.

The Central government’s One Login program to unify 190 sign-in processes across more than 44 department systems is set to be launched in 2023 after 3 years of development, costing more than £400 million.

The consultation will explore whether access to local government services and systems can also be protected by a secure method of authentication leveraging the inter-government user data.

With the exchange closing on 1st March 2023, the public sector are encouraged to provider feedback on the plans which would extend data sharing powers to more inter-government departments.

London local councils, top police officers and secretaries of state are among those specified in the data sharing act under Schedule 4 to use data intended for identity verification.

In addition to the added security protections, a centralised digital ID gateway would reduce face-to-face identity proofing and omit the need for identity documents for people who cannot afford a passport and/or driving licence or security document.

The impact of government-wide services using digital identity could benefit the economy by setting a precedent for private sector companies to adopt these technologies and streamline government operations.

The Cabinet Office stated its plans included “improving data sharing with stringent privacy and security measures in place is central to transforming the delivery and efficiency of public services and people’s ability to interact confidently with government in an increasingly digital world.”

Other public bodies will have to comply with collecting only the personal information which is required to identity the user under four categories of personal data – name, date of birth, address, email address and various identifiers.

NADRA launches KYC service for elderly

NADRA launches KYC service for elderly

‘Knowing Your Customer’ (KYC) as they age is an increasing challenge facing the identity industry. As fingerprints fade during the ageing process, fingerprint biometrics is becoming less useful in confirming someone’s identity.

NADRA says it has found the resolution to this problem among elderly people with the launch of the “Tasdeeq service” which offers over 60s a simpler method of verification.

Some banks will honour the service and ask security questions to confirm customers’ identity as opposed to using biometric technology which is proven to be less effective in screening older generations,

NADRA’s Chairman Muhammad Tariq Malik made the remarks after the launch of “Tasdeeq service” on Thursday.

The five banks to revert back to using security questions include MCB, Allied Bank, Bank Al Falah, Bank of Khyber, and Soneri Bank while a number of other banks are trialling the idea.

Customers will be asked three verifiable personal questions in two attempts to be authorised. Support from the banking sector in offering this service has been well received by citizens.

The KYC system will be built on artificial intelligence (AI) to generate questions using collected personal data in the NADRA database.

 

UNDP tweets support to boosting national ID in 25 countries

UNDP tweets support to boosting national ID in 25 countries

In a tweet to its 1.8 million followers, the United Nations Development Programme (UNDP) said it is supporting the global effort to enable national ID in over 25 countries.

Encompassed in the UNDP’s mission is the goal to assign legal identity upon birth registration until death and build national ID systems to open up everyday services and opportunities.

The statistic from the World Bank and quoted by the UNDP that 1 billion people are still without a legal form of identification is a gross abandonment of basic human rights.

The Sustainable Development Goal 16 is to “promote peaceful and inclusive societies for sustainable development, provide access to justice for all and build effective, accountable and inclusive institutions at all levels.”

No identity

The UNDP is working towards achieving ID equity starting from governments adopting national ID programs and overseeing the issuance of National Identification Number s(NIN) and bearer documents. A NIN enables citizens to have unrestricted access to other public services which significantly improve livelihoods such as obtaining a Work and Resident Permit, Business Registration, Land and Property Registration, making financial and bank Transactions and enrolling for School or University.

On a local level, the UN Legal Identity project is making a real difference in small, third countries like Honduras where the program is focused on displaced peoples, minorities, the LGBTQI+ community and people with disabilities who are more excluded from having an identity.

UNDP said 5.4 million people are now enrolled in the new population database in Honduras, helping to build better citizen databases to enable voting. This effort significantly helped in the 2021 elections.

The Target 16.9 is to, by 2030, “provide legal identity for all, including birth registration.”

About 237 million children under the age of five do not have a birth certificate. And the shocking statistics permeate through a lot of third- world countries. Only half of 2.8 million Afghan refugees in Pakistan are registered under the Government’s database and countries like Rwanda, Mauritania, and Eswatini also face similar obstacles in obtaining digital IDs for their citizens.

Although it is a myth to suggest whole continents like Africa are not establishing digital identity programs and embarking on digital development. Nigeria has reached digital ID milestone, surpassing over 90 million NIN, demonstrating a unified approach to ID and a working ecosystem model.

Nigeria Digital Identity for Development (Nigeria ID4D) initiative is also in a support role “to strengthen the foundational ID system, and in the process, improve national data protection, bolster Nigeria’s digital economy and close the inclusion gaps in access to identification and related key services, while fostering inclusion for marginalised groups, such as persons living with disability, the rural poor”.

Ajay Amlani, SVP Americas, iProov

Ajay Amlani, SVP Americas, iProov

iProov, a leader of Genuine Presence Assurance technology, were exhibiting and Gold Sponsors at Identity Week America, in October.

Between taking to lively sessions and manning their busy stand, SVP Americas, Ajay Amlani had time to share their recent successful applications in this interview with Evie Kim Sing, Editor of IdentityWeek.net.

The last couple of decades have marked successes for iProov, namely their involvement in the US visitor program with the US Department of Homeland Security in 2003. Excited eyes were starting to take notice of biometrics and the myriad of benefits which this profiling technology could provide to businesses, personal security and more.

iProov were greeted in the US market with biometric solutions that recognised genuine users as well as bad actors without friction.

“The evolution of biometrics from a physical layout to a digital layout to allow remote involvement and application…has been a tremendous achievement for the industry itself”.

Genuine Presence Assurance ensures any anomalous user has a genuine identity and is authenticating in real time.

TrustID joins the Open Identity Exchange 

TrustID joins the Open Identity Exchange 

TrustID, market leader in identity verification, has joined the Open Identity Exchange (OIX) community to better understand the developing opportunities and to play a key role in the ongoing evolution of digital ID verification.

A specialist in the verification of identity documents since 2013, strengthened with biometrics, fraud detection and data checks, TrustID is trusted by thousands of HR, compliance, fraud, and security teams across more than 2000 organisations of all sizes in both the public and private sectors.

Thanks to its unique combination of leading technology and team of highly-trained human experts, TrustID was one of the first to be certified as an Identity Service Provider (IDSP) for the Home Office Right to Work, Right to Rent and DBS Digital Schemes.

David Park, Chief Strategy Officer at TrustID:

“The foundation of any digital identity is robust physical identity verification during enrolment. We believe our services will be more relevant than ever when it comes to issuing a digital identity. As technology evolves and remote, online, and digital identity verification become increasingly important, we are keen to identify new opportunities for the continued development of our services. The OIX community is a great place to be able to do that. As one of the first providers in the UK to be certified under the UK trust framework, we also want to be part of the collective OIX voice that is helping to shape the UK’s trust framework.”

Nick Mothershaw, Chief Identity Strategist at OIX,said:

“Our work is playing a key role in influencing and shaping trust frameworks around the globe, including the architecture of the trust framework in the UK, with the ultimate goal to ensure digital ID works well for every party in the digital ID ecosystem. We are delighted to be able to welcome TrustID to the OIX community and we are confident that they will bring as much valuable insight to our mission as we will to their vision and growth plans.”

The Open Identity Exchange is a non-profit trade organisation on a mission to create a world where everyone can prove their identity and eligibility anywhere through a universally trusted ID. OIX is a community for all those involved in the ID sector to connect and collaborate, developing the guidance needed for inter-operable, trusted identities. Through our definition of, and education on Trust Frameworks, we create the rules, tools and confidence that will allow every individual a trusted, universally accepted, identity.

TrustID is a leading IDSP, offering a range of accurate, affordable and easily accessible identity verification services that protect both private sector organisations and public sector bodies such as NHS Trusts and local authorities from exposure to fraud. Its identity checking products also support compliance with a wide range of legislation, including Right to Work, Right to Rent, Anti-Money laundering (AML) and Know Your Customer (KYC) legislation.

Regula Has Been Recognised by Gartner as an Identity Proofing Vendor

Regula Has Been Recognised by Gartner as an Identity Proofing Vendor

Gartner has recognized Regula, the global developer of identity verification solutions and forensic devices, for the second time this year.

The company appeared in the 2022 Gartner® report “Buyer’s Guide for Identity Proofing” as an example of a vendor that provides identity proofing solutions. This guide was created by the Gartner analysts to help security and risk management leaders better understand the nuances of identity proofing that various vendors introduce to the market and consequently make a balanced decision when choosing ID verification solutions. Previously, Regula was named a Representative Vendor in the Gartner® report “Market Guide for Identity Proofing and Affirmation”2 in 2022. Judging from the announcement, we believe the Representative Vendors are chosen based on frequent inquiries by Gartner clients about the vendor, or offerings with capabilities that are unique or innovative in the industry.

To mitigate online identity fraud, the Gartner Buyer’s Guide suggests organisations set a document-centric identity proofing process that is commonly known as “ID plus selfie.” This concept includes five consecutive steps: document image capture, document assessment, document data extraction, selfie image capture (with checks to eliminate a presentation attack), and face comparison.

What businesses can learn from the report is that paying careful attention to particular features when choosing an ID verification provider can help them ensure the quality and usability of the identity proofing process. Among the key features that make a big difference are the number of document templates in a vendor’s database (a larger number ensures the depth and quality of ID verification), the ability to read RFID chips in identity documents (considered to be the most reliable method of assessment), and the average percentage of selfie and document image recaptures (to make sure the user doesn’t quit the procedure). Finally, if the organisation has a global presence, it’s important to check that the solution’s language support is not only for Latin script.

Ihar Kliashchou, Chief Technology Officer at Regula notes: “It is a challenge for companies to incorporate solutions from multiple vendors into one system. At Regula, we have worked hard to make it possible for our customers to cover all the key stages in the identity proofing process with a single product, making it simpler for them. An entire document-centric identity proofing process which meets all business requirements can be easily set up with just one software solution”.

Digitalising Africa: Ghana and Benin start production of biometric licenses and registration

Digitalising Africa: Ghana and Benin start production of biometric licenses and registration

Ghana and Benin have followed in the path of many other African countries by creating biometric identification linked to car registrations and drivers’ licenses.

Benin launched a biometric driver’s license coupling as a national ID while Ghana generated a solution for car registration.  The rapid advancement of these technologies is solving almost all security needs, assigning assured identities to personal and businesses assets, access management and personal security.

As of January 2023, Benin has changed the requirements for car registration which now must encompass biometrics and national ID.

The National Agency for Land Transport (ANaTT) and Anip collaborated on the production of a biometric driving license that is designed more securely and robustly to prevent counterfeiting in comparison to the previous three layered physical card.

Drivers’ license will not be issued unless a NPI can be supplied as well as documentation confirming the results of blood tests and a driving certificate.

As part of a two step process, drivers’ biometric data will be collected to register the vehicle. The Ghana card will be the main form of ID required in the application.

Twitter user data exposed in apparent breach

Twitter user data exposed in apparent breach

Twitter HQ, under the new governorship of Elon Musk, has been generating even more headlines – this time relating to an apparent data breach.

Since his takeover for $44 million, there have been many publicity-seeking incidents led by Musk drawing attention to Twitter’s new era, however the breach appears to spell genuine trouble for Twitter that predates Musk.

200 million email addresses are thought to have been attained by hackers in the latest breach and posted to an online forum.

Twitter has remained silent about the breach which came to light on social media on 24 December although it is not officially confirmed that the data was hacked from Twitter. It is thought the cyberattack did happen.

The database was published to the hackers platform, BreachForums, on 4 February containing names and emails but not highly sensitive information. It follows a series of connected hacking attacks which were identified by a API vulnerability from June 2021 to January 2022.

In November, the data 5.4 million Twitter users was compromised including email addresses and phone numbers, which hackers attempt to sell on for $30,000 in July 2022.

In another scandal, a former Twitter worker was accused of actually working for the Saudi government to gather intelligence on Saudi dissidents to pass onto Bader al-Asaker. High-profile accounts have also been targeted in sophisticated bitcoin fraud. The timeline of Twitter data breaches dates back to January 2019.

ID Week Europe: Our Startup Village is already taking shape!

ID Week Europe: Our Startup Village is already taking shape!

Our Start-up Village is an important section of the conference which ensures a balance is struck between engaging the industry about the state of identity and creating viable routes for new companies to reach the marketplace.

2023 is already exceeding estimations. We announced in late 2022 that the event will be relocated to Amsterdam. Amongst our frequent attendees, we assessed a need and interest to move the conference to a more accessible location, which fits our growing needs. We event is bigger than ever – we hope you can join us at this new and improved venue!

A brand-new vast expo floor and modern stages will elevate our discussions and demos by our exhibitors. However at our core, we’re still focused on bringing together the most qualified identity experts in the industry which have a significant bearing on identity innovation.

Whether you’re a startup founder, enterprise looking to align with organisation strategies for digital identity, or vice versa looking to fulfil a tender with the best-in-class technology provider, Identity Week Europe fulfils expectations for all attendees.

Practical networking that leads to new partnerships, tenders, and deployments is our goal and renewed promise in 2023!

Meet people who would not normally be in your orbit and get new calls in your calendar.

Here’s a sneak preview of how our 2023 Identity Week Europe show is shaping up! 

Vendors include: iProov, IDEMIA, Muhlbauer, AU10TIX, Aware, Entrust, Cetis, FacePhi, Infineon, QOMPLX, OVD Kinegram, Thales, TECH5, Covestro, Melzer, Regula, Aratek and so many more.

See the full list here: https://www.terrapinn.com/exhibition/identity-week/sponsors.stm

Organisations include: Ofcom, Norwegian Labour and Welfare Administration (NAV), Finnish Immigration Service, IATA, Salesforce, Ministry of Justice Netherlands, AVPA, HM Passport Office, , Ministry of Justice and Security, Netherlands Government, European Commission, Women in Identity, United Nations, Netherlands Ministry of the Interior, Open Identity Exchange, Department for Digital, Culture, Media and Sport (DCMS), MOSIP, Document and Identity Investigation Office, Ministry of Justice and Security, Netherlands Government, National Office for Identity Data, European Parliament. 

The first 100 speakers will be announced next week!

Startups include: 

KYC Spider – digitising and automating Compliance

DuckDuckGoose – deepfake detection

DigiRoad (formerly NewBridge Technologies) – identification infrastructure of new generation

IAMX – the first Self-Sovereign Identity (SSI) solution provider to incentivise consumer activity and comply with the strictest security standards

PresentID – a seamless remote user ID verification solution through the combination of technologies developed in-house including ID Card OCR capture

walt.ID – web3 identity, self-sovereign identity (SSI) and NFT infrastructure for developers

Mark ID – complete identity and document verification solutions for user onboarding.

My Voice AI – speaker verification, anti spoofing, digit verification and emotion, gender and age detection

Mintelium – A mobile data bank that stores workers’ sensitive information privately and securely while granting organizations temporary access with the worker maintaining complete control and ownership of it.

Blue Biometrics – Contactless fingerprint scanner for law enforcement, financial services, digital identity

Clustdoc – Client Onboarding Software for Businesses

KYC Hub – end-to-end customer onboarding and screening platform

Truvity – next-generation digital trust management platform

brighter AI – The world’s #1 image and video anonymization

Do you have a story to tell, or insights to share with the industry’s most important decision-makers?

Join our line-up of leading identity experts from 13-14 June in Amsterdam for Identity Week Europe 2023. 

Open to industry experts, professionals, entrepreneurs, universities, R&D centres, associations and organisations — share your powerful ideas, case studies and innovative initiatives with the most influential members of the identity community.


Join our line-up of leading identity experts from 7 – 8 November in Singapore for Identity Week Asia 2023. 

Join our line-up of leading identity experts from Oct 3 – 4 at Identity Week America 2023.

Telcos consult EU Commission on identity-driven advertising platform

Telcos consult EU Commission on identity-driven advertising platform

Four of the largest telecom operators – Deutsche Telekom, Orange, Telefonica and Vodafone – have notified the European Commission about intending to start a joint venture into identity-driven advertising, which will assign digital identities to customers on networks. 

The concentration is under review until the 10 February pending approval from the European Commission. Copying the market of large tech companies, the EU Commission will review the creditability of the ID-network venture to uphold users’ privacy.

Operators will have to seek consent from regional mobile network users to “opt in” before leveraging their data to deliver targeted marketing and advertising campaigns.

The proposal was filed on 6 January 2023 and details have been published by the Directorate-General for Competition.

A secure “pseudonymized” token will be developed from an encrypted identity that relates to users who consent for their data to be used.

The tokenised identities, protecting the personal data of users, will optimise the delivery of personalised ads to network customers. The EC document also specifies that users across all the networks would have access to a privacy portal, containing information about privacy regulations.

All four networks will have equal shares and control over their marketing and advertising endeavours. In December, Meta’s targeted advertising plans were accepted but with a warning on adhering to privacy standards by the EDPB, a body that ensures GDPR compliance.

The largest tech companies delivering ID-network advertising campaigns, including Meta and Apple, are also being confined by data privacy concerns. Last year, Deutsche Telecom and Vodafone conducted trials to test-run the current proposal with a limited number of publishers and advertisers.

Data reveals demographic disparities in patient access to electronic health information (EHL)

Data reveals demographic disparities in patient access to electronic health information (EHL)

Digital identity is enhancing the open and trusted exchange of medical data between patients and healthcare professionals.

New data has highlighted the need again for secure networks enabled by patient federated interfaces.

In a disappointing statement, the study by healthITbuzz states that white patients are more likely to be offered and use a patient portal to their electronic health data, while ethnic patients who typically do not report not being offered portal access use other mobile apps.

54% of black patients were offered a patient portal as opposed 65% of white patients.

In 2019, the majority of hospitals and surgeries offered patient portals, however encouragement to use portals by providers differed between demographic groups, contributing to disparities in patient access.

Eliminating racial and ethnic disparities in patient portal offers should be the driving concern to ensure equity by design of federated access systems.

In 2020, ONC published the Cures Act Final Rule, which sought to advance patient access to EHI by calling for health IT developers to adopt application programming interfaces (APIs) that could enable patients to access their patient data using health apps via via their mobile device.

 

Source:  HINTS 5, Cycle 3 (2019) and Cycle 4 (2020)

Source: https://www.healthit.gov/buzz-blog/health-it/disparities-in-patient-access-to-electronic-health-information-insights-from-a-national-survey

NIST guidelines: management of digital identities online

NIST guidelines: management of digital identities online

The National Institute of Standards and Technology’s draft framework on how to manage digital identity architecture online has been published. NIST will accept suggestions on how the draft could be revised until 24 March.

Download the guidelines which provide the technical specifications for government digital identity services and platforms to authenticate online users. The guidelines encompass identity proofing and authentication of users engaging with government systems over networks. It revises risk management content pertaining to the challenges of implementing digital identity systems and providing services to all eligible people.

The objectives include emphasising optionality and giving customers choice over which digital identity or biometric technologies they wish to entrust their personal data to and use to verify their identity.

In a fourth revision, fraud and advanced threats are assessed against new authentication techniques for phishing attacks and regulation.

Click to access NIST.SP.800-63-4.ipd.pdf

Porn sites slapped with age verification rules

Porn sites slapped with age verification rules

Some U.S. pornographic sites are being forced to introduce tighter restrictions to curb underage viewing. 

The State of Louisiana is following in approach to the UK’s Online Safety Bill by legislating that porn sites must implement age verification processes to prioritise online safety for under 18s.

One of the most well-known porn websites, Pornhub, is now redirecting visitors from Louisiana to an age verification process before they can proceed onto the site.

Most sites will be able to sync with a mobile app called LA Wallet where users can upload a form of physical ID – a digitalised driving licence or a state recognised identity card – to prove their age.

The changes to the law, supported by popular culture singer, Billie Eilish, mean websites can be sued if they do not comply and hold total accountability for providing the content over young people who may access porn sites within the current laws.

The UK’s Online Safety Bill was one step ahead in cultivating a safer online environment for children and legislating age verification checks, however the bill is not inclusive of all forms of advertisements that can target children based on exploited personal data and algorithms.

Failing to act in accordance with the Online Safety Bill would result in fines up to 10% of a company’s annual worldwide turnover by the independent regulator Ofcom.

The Louisiana Age Verification Law is a welcome arrival in 2023 which takes action against the universal accessibility of the internet along with the harms of third-party sharing of personal data.

The law states strict guidelines over personal data privacy; any website “shall not retain any identifying information of the individual after access has been granted to the material”.

Only just last month, Republican US senator Mike Lee, from Utah advocated for another law to be passed mandating age verification checks across the whole of the U.S however this was hampered in part due to the belief in American constitutional rights to freedom of speech, hence lending different states to take varying degrees of action on this problem.

The legislation states: “Pornography contributes to the hyper-sexualization of teens and prepubescent children and may lead to low self-esteem, body image disorders, an increase in problematic sexual activity at younger ages, and increased desire among adolescents to engage in risky sexual behavior.”

“No internet service provider, or its affiliates or subsidiaries, search 2 engine, or cloud service provider shall be held to have violated the provisions of this law”.

Canada’s online streaming bill (C-11) was also amended to require age verification to access porn and received criticism for violating the constitution.

This story was originally published by the BBC. https://www.bbc.co.uk/news/technology-64153375

Rolando Kattan, President Commissioner, National Bureau, Registry of Honduras

Rolando Kattan, President Commissioner, National Bureau, Registry of Honduras

The spotlight on digital identity is cast over almost all places in the world now that have inhabitance. For the channels to exist between citizens and businesses and public entities, strong architecture of technology and serial authentication has to be the foundation for security.

 

This interview was conducted with Rolando Kattan, President Commissioner of the National Bureau, Registry of Honduras, who represents a small country in Central America where the spotlight regardless is shining bright on digital innovation to enhance citizens’ lives, the economy and bring administration to the cloud in the 21st century.

Honduras is the first nation in the world to have a secured citizen registry database in the cloud which enabled biometric fingerprint authentication to count the votes in last local election.

Working with the UNDP and World Bank, Kattan explains their efforts to digitalise public administration, already delivering a new ID card for citizens and the infrastructure so that citizens can authenticate to systems.

When asked how close Honduras is to achieving a national form of digital identity for everyone, Kattan said “we’re already there”.

Regardless of its physical size, it was fascinating to hear that Honduras is ticking many of the future requirements of the population in terms of digital government. Kattan says he prefers the term of delivering an efficient “automatic government”, rather than digitalising.

Ahead are the likes of Estonia, a country that has fully deployed a system of digital identity and transaction, whereas Honduras is beginning to develop a similar ecosystem.

“We come from a very small country but we say we come from the future!”, he says proudly.

It comes across during the interview that a main driver of growth and productivity for the government in Honduras is having the capability of installing data in the cloud and operating through every institution with biometric authentication. Documents such as birth certificates can be distributed automatically through scanning a digital id in the app to release the document in seconds.

Rolando also touches on compliance being essential in every step of the chain of value.

Questions asked:

1. What is your strategy to establish digital ID infrastructures to increase identity inclusion, and boost economic growth?

2. How close are we to achieving digital identity/ an official form of identity for everyone in society?

3. What sort of approach to innovation are you going to advocate in terms of how we can enhance secure systems, improve collaboration and consumer trust?

4. Why is it important to attend events like Identity Week America?

Bangkok delivers digital ID card on 10 January

Bangkok delivers digital ID card on 10 January

A state-issued mobile digital ID card in Bangkok will be available from 10 January. The e-ID card called D.Dopa will allow mobile users to verify their identity when accessing public services.

The Internal Affairs Ministry will be the only government department currently to make use of the ID card before further deployment will be considered to other government agencies and private bodies like commercial banks.

In 2021, Bangkok Bank launched a mobile ID verification service via the “atta” app which is compatible with devices of large mobile providers (AIS, DTAC and TRUE) to open a new account or apply for mobile banking without physically having to visit a branch. This facilitates transactions to a chosen payee using digital ID.

To continue making online banking a more convenient option of banking that can be done easily anytime, anywhere, it is likely that the digital ID card will be offered to customers of Bangkok Bank and others in the not distant future. 

It follows plans to digitalise identity documents for banking that the Digital Public Service Act proposes.

Online registration to access the relevant services requires a physical ID card too with the district office’s registry division.

Thailand also boasts a unique National Digital Identity Platform (NDID) that provides a secure method of identity verification with an ID that the user holds. Banks such as the TRD with the Bank of Thailand and National Digital ID Company develop a digital ID verification system based on NDID.

Tech demonstration calls for identity fraud verification solutions

Tech demonstration calls for identity fraud verification solutions

The Department of Homeland Security Science and Technology Directorate is inviting vendors with a solution to tackle identity theft and fraud to participate in a number of tech demonstrations in 2023.

The 2023 Remote Identity Validation Technology Demonstration will hopefully foreground solutions that can stop breaches in accounts and during the onboarding process when a user should be checked and authenticated. Security documents can also be duplicated, doctored or illegally manufactured with false information or passport images to allow a traveller to adopt a potentially dangerous new identity.

The technology demos will be spread out throughout 2023.

There is a higher percentage of new accounts being created and services that can be accessed without a company or government gateway system to warrant tests on newer technologies.

Arun Vemury, Lead of S&T’s Biometric and Identity Technology Center, explained that while a flurry of new tools have appeared on the market in recent years, which claim to authenticate documents and verify identity, there are “a wide range of questions about the performance and fairness of the technologies as well as concerns that bad actors could exploit weaknesses in the new process to commit fraud at scale”.

The performance of technologies will be tested against well-known and sophisticated types of attacks and evaluate fairness in commercial or government applications.

Vemury said: “In the past year, we’ve seen tremendous innovation from the identity and biometrics industry to adapt to new government and private sector identity needs”. “While we understand performance will vary among different technology providers, we need to develop measures to evaluate the performance and new risks associated with these capabilities.”

80 companies have so far registered their interest to join the demonstrations.

Solutions may fall in one of these categories:

  • A product that validates identity (e-)documents .
  • Innovative solutions to secure physical documents.
  • e.g. IDEMIA’s LASINK technology, https://identityweek.net/idemias-lasink-security-features-for-identity-documents/
  • A “liveness” selfie-taking application to estimate user’s age or enable face matching.
  • Face recognition vendor, Yoti and Meta announced a UK-wide facial age verification rollout across the social media platform.
  • Remote identity validation technologies, two-factor authentication.
  • Turkey is introducing a blockchain digital identity to verify citizens during login to public services.

Application instructions will follow, however the deadline to submit an initial application in the ‘Document Validation’ Track is 15 February 2023, with the vendor selection process taking place on 15 March 2023. Read the updates at IdentityWeek.net.

The closing date to enter the ‘Match to Document’ Track is to be confirmed.

Interested companies can visit https://www.dhs.gov/science-and-technology/remote-identity-validation-technology-demonstration. 

 

Public sector starting to realise the benefits of digital ID and facial recognition

Public sector starting to realise the benefits of digital ID and facial recognition

As digital ID and biometric technologies are outstaying their novelty touch and public scepticism, lots more commercial use cases can be identified in travel, banking, retail and media.

Governments too that offer vast public services to citizens require secure authentication – a definite reason why the public sector is now recognising the benefits of digital ID and face biometrics to improve all its functions.

A GlobalData report suggests that governments must implement stronger identity authentication to set the trend for private companies and explore new phenomenons like the metaverse.

IdentityWeek.net has reported on the government’s One Login digital identity program which will streamline over 48 different authentication systems used by governmental departments, migrating to a single login system. This new system will mitigate users of one account having to submit their information each time they access a service.

Driven by the sudden need for proof of vaccination status, governments have also developed e-certificates and COVID e-passports to meet short deadlines.

David Bicknell, Principal Analyst, Thematic Intelligence at GlobalData, says that ‘digital identity’s time is now”. “There are many possible use cases, from financial services to tracking and managing identities in the metaverse.  It took a global pandemic for governments to recognise that vaccination certificates on smartphones enabling foreign travel was the killer app that digital identity could deliver, and people could use, even if they might not recognize it as digital identity.”

“It is clear that decentralised identities will help deliver an identity revolution” he added. A revolution is already evident with many countries following the trend of establishing their own digital ID systems to curb fraud rates and common privacy threats.

India has the Aadhaar ID system; Nordic countries and Estonia formed the NOBID Consortium. Japan and China are leaders in surveillance technologies while building stoic digital economies. The EU Wallet is almost on the finishing line and remote ID checks on new workers and tenants in the UK can still be opted for as part of the UK’s Right to Work and Rent schemes.

These examples show the catalogue of changes that governments have made to scale digital ID innovation.

UK Policing 

The use of face and fingerprint biometrics has permeated through UK and Scottish policing and is leveraged as a regular tool in investigations. Biometric data has also been shared by the Home Office with U.S. aviation bodies (i.e. U.S. Department of Homeland Security) to make intelligence that could protect public security readily available.

The Times spoke to an ex-police chief, Tom Wood, who said that new policing methods need not be treated with reluctancy and doubt due to the great benefit on enhancing investigations.

Backlash about privacy has cast suspicion over fingerprint, CCTV and other surveillant methods. A retired Deputy Chief Constable for Lothian and Borders police, Tom Wood spoke about the  public’s perceptions of their freedoms, rights to privacy and consent over personal data being threatened by newer police tools.

All modern police practices “were cast as dire threats to civil liberties”  the article said. Bias and some inherent inaccuracies in the technology are issues to be addressed however this is vastly outweighed by police successes and other proven use cases.

In the Scotsman, Wood discounted the concerns stressing: “We must continue to embrace new technologies, including artificial intelligence and facial recognition”.

Stricter rules imposed in Scotland govern the police’s use of facial recognition technologies so that a balance can be maintained.between privacy and keeping people safe. Scotland’s Biometric Commissioner, Dr Brian Plastow, supports promoting good practice in our police forces but feels biometrics are completely justified to be used as an investigative tool at the police’s discretion.