We have a huge announcement to start your week relating to Identity Week Europe 2024, happening again in June!
Riccardo Koenig, Project Manager for Passports and Identity Documents at Federal Ministry of the Interior and Community is joining our talented speaker line-up on 11-12 June!
Riccardo will be speaking about Germany’s life enrolment journey, secure and accessible biometrics, and Germany’s highly accurate standard for ID.
The event keeps rallying the identity industry together and will return to a great location at the RAI in Amsterdam – a central European destination for identity players to discuss decentralised identity models, security matters, and streamlined authentication and verification.
The industry was united towards a common goal last year which was evident from the physical attendance – beating previous years – and the enthusiastic participation of all our identity experts, speakers and solution providers, who took real pride in networking at their stands.
This year is no exception, with opportunities across the event to have substantial discussions that ‘move the needle’ for identity advancements.
Don’t just watch the photos roll in on LinkedIn.. .be a part of the action and listen to industry insights from identity leaders from Germany, the Netherlands, Estonia, the UK, the USA, Norway, Iceland, Italy, Belgium, Austria…and so many more.
Authentikare, the latest innovation in digital identity verification, is setting new industry standards by emphasising user consent and transparency. This ground-breaking approach seeks to empower users, giving them unparalleled control over their personal data.
In an era where privacy concerns loom large, traditional verification methods have often resulted in the extensive sharing of personal details without explicit user consent. Authentikare tackles this issue head-on by implementing selective sharing and requiring user consent before any data is shared, ensuring that only the necessary information for verification is disclosed.
Whether it is confirming age or identity, Authentikare’s methodology minimizes privacy breaches by reducing the amount of personal information exchanged during the verification process. This not only enhances security but also places the power back in the hands of the user.
By advocating for transparency, Authentikare informs users upfront about what data will be shared, with whom, and why, redefining trust in the digital realm. This initiative represents a significant stride towards safeguarding individual privacy while maintaining the essential functionality of digital verification systems.
With these measures, Authentikare is at the forefront of creating a more secure and transparent digital landscape, prioritising user rights and establishing a new standard for ethical digital interactions.
The Customs and Border Protection has announced the launch of a new feature within its CBP One mobile application. This feature allows non-immigrants, who are required to complete Form I–94 during their departure from the United States, to voluntarily report their exit through the submission of biographic data, facial images, and geolocation data.
The CBP has branded the directive to collect biometric information from departing non-immigrants as a crucial and necessary step to close data gaps on entry and exit tracking. This innovative capability, says CBP, also endeavours to fully automate the collection of I–94 information, however their plan to expand the collection of biometrics has attracted some criticism.
Non-immigrants subject to I–94 requirements may take advantage of this voluntary service to submit their exit information and a live “selfie” photo through the app, verifying their departure from the country. Utilising geolocation and “liveness detection” software, CBP can confirm the non-immigrant’s location outside the U.S. and validate the authenticity of the photo submitted. The comparison of live photos with existing facial images retained by CBP will biometrically confirm an individual’s exit.
This development is particularly beneficial in the land border environment, where there is no mandatory requirement for non-immigrants to report their departure to CBP. Recording the exit as a biometrically confirmed departure in the Arrival and Departure Information System (ADIS), this feature serves as reliable proof of departure, which can also be utilised for air and sea exits.
Historically, CBP has encountered challenges in collecting comprehensive biometric data from departing non-immigrants, leading to inaccuracies in tracking whether individuals comply with their required departure dates. The advent of this biometric collection at both arrival and departure points is poised to significantly mitigate visa or travel document fraud and enhance CBP’s ability to identify criminals and potential threats more effectively.
Since 2004, CBP has experimented with various methodologies for biometric data collection during departures in both land and air environments.
Non-immigrants seeking to report their departure can now do so with ease, circumventing the previously burdensome methods which often resulted in inconsistent record-keeping and data collection issues. .
In a landmark initiative, the Ethiopian government, in collaboration with the National ID Program and the UN Refugee Agency, has launched a digital identification system for refugees and asylum seekers. This pioneering project, designed to integrate refugees into national systems, is currently being piloted in Addis Ababa, where refugees are being issued digital ID cards featuring a unique “Fayda” identification number.
The innovative use of biometric technology ensures the prevention of double registration and duplication of IDs, marking a significant step forward in the inclusion of refugees in Ethiopia’s national frameworks. Teyiba Hassen, Director General of Ethiopia’s Refugees and Returnees Service, hailed the initiative as a substantial move towards integrating refugees into national systems and providing them with access to government services.
The issuance of these digital IDs will empower refugees with access to essential services such as healthcare, education, and financial services, including the ability to open bank accounts and register businesses. Yodahe Zemichael, Executive Director at the National ID Program, emphasized that this initiative goes beyond mere identification; it acts as a gateway to dignity, legal recognition, and community integration.
This project, known as the “PING project” (PRIMES Interoperability Gateway), is a part of the World Bank’s Identification for Development (ID4D) project aimed at enhancing inclusivity and governance of national ID systems. It signifies a significant milestone in Ethiopia’s commitment, announced during the 2023 Global Refugee Forum, to integrate over 814,000 refugees into the National ID system.
Andrew Mbogori, UNHCR’s Representative in Ethiopia, expressed optimism that Ethiopia’s strides would inspire other countries across Africa. The phased roll-out of the Fayda ID system aims to cover the 77,000 refugees in Addis Ababa before extending to nearly 1 million refugees from South Sudan, Somalia, Eritrea, and Sudan residing in Ethiopia, Africa’s third-largest refugee-hosting country.
This ground-breaking initiative underscores Ethiopia’s role as a leader in refugee inclusion, setting a precedent for leveraging digital technology to support long-term solutions for refugees on the global stage.
Spanish regulators have listened to a chorus of countries dismissing Sam Altman’s cryptocurrency project, Worldline, over privacy concerns. Co-founded by OpenAI chief Sam Altman, the project, known for its unique method of using an eyeball-scanning device to collect users’ personal data, was rejected after investigations by France, Germany and Kenya.
Reported by The Financial Times, The Spanish Data Protection Agency (AEPD) has issued a directive for Worldcoin to cease the collection of personal data through its eyeball scans in Spain and to halt the utilization of data already collected, giving a 72 hour order to comply.
The decision marks Spain as the first European country to take definite action against the venture, motivated by worries over the collection of minors’ data. AEPD director Mar España Martí highlights the need for coordinated action within the European Union due to the project’s wide-reaching implications.
Worldcoin’s technology, which offers its cryptocurrency in exchange for eye scans to verify human identity, has raised concerns globally. The project, aiming to differentiate humans from machines in an AI-driven future, has seen investments of around $250 million from reputable firms and individuals. Despite its fast user growth and attracting attention, various countries, including Kenya and potential inquiries in the UK, have expressed apprehensions, primarily centred on privacy and data protection.
Amid the controversy, Worldcoin’s data protection officer, Jannick Preiwisch, criticises the AEPD’s decision as undermining EU law and misrepresenting the project’s technology. Yet, with Spain’s crackdown focusing on the ethical collection and use of biometric data, Worldcoin faces challenges ahead in balancing innovative technology with privacy protections.
Following the EU’s passing of the eIDAS regulation last week, the European Interoperability Framework has gained formal recognition to align more efficient digital public services across the EU interconnecting digital public administrations. The Council has now adopted the rounded legislation to drive a high level of interoperability across public digital services.
The regulation, like eIDAS, aims to set key commitments towards the EU’s digital transformation in terms of establishing shared interoperability solutions for digital and identity services.
A cooperation framework for EU public administrations will be drawn up to specifically enhance the seamless delivery of public services across borders.
After the landmark approval of eIDAS2.0 regulations for the digital wallet, IOTA Identity Platform seeks to harmonise decentralised identity management and blockchain with the EU’s successful digital ID initiative. The provision of digital wallets in 2026 will establish the pillar of many digital economies across Europe. IOTA wishes to align its solution with the end goal of developing the eIDAS regulation to introduce the wallet which will centralise decentralised mobile digital services.
IOTA offers a single identity management protocol that installs data protection and privacy by design.
Through the debate of eIDAS, citizens’ privacy and inclusivity across all digital services have been important considerations to obtain favourable votes.
Now that the regulation looks to become legislation, IOTA has promoted its trust attributes and compliance with data and privacy laws around the world to gain a stake in this project.
IDVerse, a leading provider of identity verification solutions, today announces the global launch of FraudHub, a groundbreaking product designed to revolutionise fraud detection and prevention for businesses worldwide. After two years of rigorous testing with global telcos and banking institutions, FraudHub is set to be available for general use for current IDVerse customers in early March, promising to set a new standard in fraud prevention technology.
FraudHub represents the next evolution of IDVerse’s acclaimed identity verification solution, offering businesses an additional layer of protection against repeat fraud attempts. Unlike traditional fraud detection systems which operate in isolation, FraudHub provides businesses with contextual insights by analysing patterns within their user base.
IDVerse’s CTO, Matt Adams, commented:
“INTERPOL has IFRS, but FraudHub is possibly the IFRS for the rest of us, empowering businesses large or small with cutting-edge, ethical face recognition security solutions that protect privacy.”
With FraudHub, businesses gain the ability to identify repeat fraud attempts by recognizing similarities in faces or ID details across transactions. This empowers businesses across all industries to proactively detect emerging fraud trends and mitigate potential threats to their platforms. By integrating FraudHub with IDVerse’s existing solution, businesses can stay ahead of evolving fraud tactics and innovate beyond emerging trends.
The launch of FraudHub heralds a new era in fraud prevention, offering businesses several key benefits, including:
Early detection and prevention:
FraudHub enables businesses to identify and prevent fraud attempts before they result in financial losses or operational disruptions.
Expanded arsenal against fraud:
By integrating FraudHub into their fraud prevention strategies, businesses gain additional tools to combat evolving fraud tactics effectively.
Focused on real threats:
IDVerse’s identity verification solution is adept at detecting sophisticated forms of fraud, ensuring that only genuine threats are flagged by FraudHub.
Streamlined operations:
The blocklist functionality of FraudHub will allow users to automatically flag new transactions involving previously identified fraudulent actors, streamlining the fraud prevention process.
FraudHub addresses critical challenges faced by compliance and risk teams, offering a comprehensive solution to reduce fraud attempts and mitigate financial losses. The new product enables businesses to detect and prevent fraud on a broader scale, thereby empowering them to safeguard their operations and protect their customers’ interests.
The Estonian Ministry of the Interior has decided to maintain the mandatory status of identity cards (ID-cards) until the EU digital wallet becomes operational. Despite calls for voluntary ID-cards, the Ministry of Economic Affairs and Communications (MKM) opposes the move.
Under existing law, all Estonian citizens must possess an ID-card, with the option to apply for a passport. However, a recent draft law proposed more flexible rules, allowing individuals to choose between an ID-card, a passport, or both.
Elen Kraavik, an adviser at the ministry, highlighted the growing adoption of mobile solutions over physical ID-cards. With e-services increasingly accessible via mobile devices, the need for traditional ID-cards has diminished. Kraavik emphasized that computers often lack ID-card readers, making the physical card cumbersome.
While ID-cards require replacement every five years, passports remain valid for up to a decade. The Ministry of the Interior contends that if citizens no longer require an ID-card, they should not be compelled to obtain one.
Madis Tapupere, head of digital state technologies, acknowledged the historical significance of mandatory ID-cards in Estonia’s digital transformation. However, he cautioned that voluntary mobile-ID solutions could impact critical mass adoption.
Despite the debate, approximately 840,000 Estonians hold citizen’s passports, and 1.1 million possess ID-cards.
Proposed legislation in Illinois aims to establish a mobile ID system, allowing residents to carry digital versions of their state IDs or driver’s licenses on their smartphones. Secretary of State Alexi Giannoulias has endorsed this forward-thinking bill, recognising the potential benefits it offers.
The bill enables the Secretary of State to issue mobile-based state IDs or driver’s licenses to eligible individuals. These digital credentials would serve as an alternative to physical documents and be bolstered in terms of security, as holders can selectively share relevant information with requesting parties without revealing unnecessary details.
Illinoisans can make changes to their personal information remotely, eliminating the need for in-person visits to government offices. This feature aims to reduce wait times and enhance convenience.
Giannoulias emphasises that Illinois intends to create the most secure and state-of-the-art mobile ID system. The state can collaborate with various agencies, including other states, the federal government, or private third parties, to issue, use, and verify these digital credentials.
Illinois’s proposed legislation aligns with Tennessee’s HB 2792/SB 2661, introduced in January. Both states recognise the importance of innovative digital ID systems while adopting a decentralised approach to citizens owning data. U.S. states may be finally embracing some aspects of a national identity by being collaborative over the use and inclusion of mobile IDs in smartphones.
Giannoulias also said that smartphones hold a haven of digital credentials and products to improve functionality within society and interaction with everyday services. Smartphones have been repositories for tickets, credit cards, and more. Most states are putting in the groundwork to build a “truly digital” mobile ID system and create digital products and services from the ground up, rather than just digitalising physical documents.
Criminals interacting with a ground-breaking chatbot on Pornhub could be deterred from attempting to search for sex abuse images of children, which do not exist on the platform.
Pornhub, the biggest free platform for adult content, has adopted the chatbot to alert and detect users that attempt to find these types of images.
The tool is designed to make the user consider the consequences of their actions and what digital footprint they could be leaving on the site, even though this illegal content is prohibited on Pornhub. Searches will not yield results.
Research by the University of Tasmania supports the idea that many people will be put off from completing harmful searches after seeing a warning message. Pornhub, the biggest free platform for adult content, has adopted the chatbot to alert and detect users that attempt to find these types of images.
Chatbots are a digital customer service tool used on many websites to enable a customer to get instant assistance from a bot rather than limited human resources. Pornhub’s chatbot is deployed to engage with users that attempt this illegal activity online. The static warning page signposts users to stop searches and even contact support channels.
The independent review found there was a decrease in the number of searches for sexual images of children on Pornhub in the UK during the time the chatbot was deployed.
In addition, the vast majority of users (82%) whose searches triggered a warning did not appear to search again for sexual abuse images of children.
President Biden will issue an executive order updating countries of “concern” that have no business or trading relationship with the U.S., for example, sanctioned countries like Russia.
President Biden’s motive for cutting off data-sharing agreements with countries of concern is to protect U.S. citizens’ personal data. The order will also safeguard other activities that could enable their access to Americans’ data and align big companies with a mass dataset of citizen data.
Sensitive information protected by the order will include “genomic data, biometric data, personal health data, geolocation data, financial data, and certain kinds of personally identifiable information”. Data exploitation by bad actors could be passed onto other scammers, data brokers and foreign intelligence services, violating the privacy of U.S. citizens outside of their own data protection measures.
The arrival of a KLM flightKL672 from Montreal to Schiphol Airport enacted a joint pilot by Canada and the Netherlands to give passengers seamless border checks using the Digital Travel Credential. The digital travel document, containing data from the chip of a passport, is being tested to shorten long queues in particular for intercontinental journeys.
The European Commission issued the request to practice the use case for easier border management as the end of the pilot approaches on 31 March 2024.
Passengers on the selected KLM flight were guided effortlessly through the final part of their journeys at the DTC Tap & Go border gate that used facial recognition.
The pilot has been led between the Ministry of Justice and Security, the Ministry of the Interior and Kingdom Relations and the National Office for Identity Data at the EC’s request, and IDEMIA is appointed as technology partner.
The participating airlines and airports that are adopting the DTC have been cooperative in the pilot too, namely Amsterdam Airport Schiphol, KLM, and the Royal Netherlands Marechaussee.
Other flights with matching departures from Canada and landing in Amsterdam are eligible to participate in the pilot as long as opted passengers hold a Belgian, Dutch or Canadian passport and are over 18 years of age. Passengers were invited by KLM to test the digital travel credential, and before travel enter their passport information and a facial photo at home via an app. This facilitated advanced checks before passengers reached the border at Schiphol.
At the airport, their face is scanned and the DTC is called up. The individual then presses their passport against the e-gate reader which assesses a match with their DTC.
Barry ter Voert, Chief Experience Officer and EVP Business Development at KLM commented:
“On a daily basis, we examine how we can make the passenger journey even more comfortable and enjoyable from start to finish. As an airline, KLM is responsible for passport checks as well as check-in and boarding. Digitisation provides an opportunity to make these checks faster and more efficient for our customers, starting from home. To do so properly, legislation and regulations are needed. That’s why are happy to be participating in the trial conducted by the Dutch government so that we can share our expertise and improve our services.”
One of the most important European regulations has been adopted today after a vote passing revisions to the eIDAS 2.0 proposal.
The amendments to the framework will unify standards for European digital identity services, in particular for the EU Digital ID wallet which will condense common digital credentials into one mobile application.
Businesses and government will build services into the wallet, having been sold on its interoperable and cross-border capabilities to improve users’ experiences.
As the standard has promised from the start of negotiations, adoption will be on a purely voluntary basis for EU citizens although traction of the wallet and its credentials has rocketed as digital services fully embrace verification.
Across converging mobile apps in the wallet, data collected, stored and processed by providers will be owned by the individual themselves.
The four main wallet pilots are expanded with the inclusion of “qualified electronic signatures” for users. The Cloud Signature Consortium advocates for e-signatures being a significant opportunity for the wallet, given the need for users to sign ID and other digital documents required by many sectors e.g. banking and travel.
RapporteurRomana Jerković commented on the standard, which will now be formally endorsed by the EU Council of Ministers to become law: “This legislation aims to empower citizens by putting them in full control of the use and sharing of their data. Digital identity has evolved from being a mere convenience to becoming a catalyst for civic involvement, social empowerment, and a means to foster inclusivity in the digital age”.
The DCMS has published a consultation where in-depth views were heard from members of the public on trust in digital identity products across the UK’s economy.
From the onset, the DCMS has appealed for the public’s engagement to provide the feedback, detailed below …
Participants contextualised their views on trust in relation to government and business, and managing trust during challenging social, economic and political situations such as, the COVID-19 pandemic.
The public dialogue favours important rules in the framework which hold identity service providers to achieving “usability, transparency, accountability and inclusivity in digital identities” and protecting data.
Digital identity service users felt that the collection of their data articulated a human behind identity processes and recognised their role in society.
Participants want to be assured that digital identity providers are motivated by public benefits of their technologies rather than by income.
Accountability and transparency should be at the core of trustworthy digital identity services.
Trust services and documents should be available to all in society.
Having control over their data is important to participants.
Giving an interview to the Financial Times, CEO Keily Blair describes “their incredible UK tech success story” after scoring their highest revenue.
At the helm of OnlyFans, Blair credits her background in “cyber, privacy and online safety” for helping to steer the “challenging landscape” that tech companies face whilst speaking cautiously about AI’s influence for creators and safety measures.
Blair sets a safe boundary for AI’s place on the platform, banning non-verified human creators from generating AI counterparts. However, once verified creators can leverage AI powers to create better content.
The interview showcases one leader’s astute understanding of how AI can be a double-edge sword. As a company, they will continue to allow real users to leverage the best parts of AI whist limiting AI-driven fraudsters from penetrating their IAM processes.
The company is dedicated to securely verifying every user on the platform through facial recognition technology.
Across regions where OnlyFans operate, a range of data is collected from the user from government-issued IDs and social media checks.
OnlyFans have introduced substantial changes to increase their alignment with the Online Safety Act.
The FIDO Alliance is consolidating the route for FIDO standards merging into the commercial payments ecosystem with the help of smart card company, EMVCo.
The authentication protocol is growing with global consensus between members for open standards based on passkeys. EMVCo’s product is a smart payment method underlaid with technical standards for secure transactions.
The duo will guide merchants, issuers and acquirers on how to submit and process FIDO authentication data under the standardised approach.
Merchants like EMVCo are adopting FIDO standards to create seamless, trust-bound e-commerce transactions in EMV 3DS secure messages. The whitepaper explores merchants using device-based authentication where any payments credential is bound to the trusted device to verify the credential is being used by the rightful cardholder.
The whitepaper suggests issuers require more data and control to validate cryptographic authentications, which should be transparent through a chain of trust between cardholder authentication, FIDO enrolments and FIDO authentication.
You can now download our first report by IdentityWeek.net on deepfake, morphing and AI trends.
We take a positive look at disruptive trends of Artificial Intelligence, not only generating deepfake attacks but powering the defence of biometric verification solutions.
Supported by the upcoming EU AI Act which will adopt a tiered-based risk system, the industry IS agreed on a balance of good and bad use cases surrounding AI.
Positives of AI-deepfakes:
Age-predicted deepfake images of missing people
Digital Twins for public figures
Google, Microsoft embrace digital avatars
Deepfake fraud more of a problem for organisations rather than users
Negatives of AI-deepfakes:
Deepfake media manipulating election messages
Increased circulation of fraudulent immigration/ travel documents used to human traffic
Sexual exploitation
Broken IAM for private and public sector
Find out more about these use cases. Thanks to our contributors of the first report – and we hope to collaborate with more identity experts for the next one!
France and Portugal have legalised digital documents – such as, mobile ID, passports, and driving licences – all in one go, making it necessary to issue a digital wallet.
The wallet incorporates digital credentials categorised under the four mainstream large scale pilots including payments, the travel DTC and eIDs.
The legislation to bring forth a digital wallet in these countries must be supported by both governments which have now agreed with other countries to unleash the benefits of mDLs and national IDs for global citizens.
According to BiometricUpdate.com, Portugal has given digital cards and documents the same legal grounding as physical IDs in the id.gov wallet app. Both apps, holding a limited number of digital credentials at this stage, will not integrate with other nation IDs.
In January, Denmark made multiple documents compatible with activating or logging into a MitID account from overseas. Several upgrades for MitID have been announced, which among them include a new and easier way of creating an app – by copying a new app from one device to another.
The upgrade mitigates the problems of having to input activation codes or scan a national passport; foreign passports, introduced in January 2024, and ID cards with a chip have been enrolled as documents to activate the MitID app online. A new MitID account can be created by transferring from one device to a second or third device, however a user may wish to activate a new MitID app by the following other ways: by scanning a passport and face in the MitID app or physically visiting the Citizen Service.
The Danish population and government has fully embraced digitalisation.
MitID.dk still provides users with a self-service solution but a QR code displayed within the app can scan the authentication tool over to different device.
MitID activation codes will be phased out, a fraud risk that can be disclosed to any criminal.
The Gold Standard for defeating AI Deepfakes.
You can now download our first report by IdentityWeek.net on deepfake, morphing and AI trends.
We take a positive look at disruptive trends of Artificial Intelligence, not only generating deepfake attacks but powering the defence of biometric verification solutions.
Supported by the upcoming EU AI Act which will adopt a tiered-based risk system, the industry IS agreed on a balance of good and bad use cases surrounding AI.