Securing another funding round led by Molten Ventures, data startup Worldr has reached $11m in seed investment.
Worldr surfaced in 2019 with zero trust architecture for high-profile communications platforms like Whatsapp, to help solve data compliance issues in the current climate of data breaches, geopolitical tensions and strict regulatory frameworks on privacy.
Worldr is pathing the way for data sovereignty when enterprises share information over communication and collaboration platforms, such as, Microsoft Teams, WhatsApp, Outlook and Slack, which has attracted funding help from Molten Ventures in its latest funding round. The company has also received funding from IQ Capital and Playfair Capital.
According to the latest statistics, this response is needed to combat an exponential rise in cyberattacks on organisations that occurred 31% more frequently in 2021 than in 2020.
The Worldr architecture offers enterprise-level security and compliance by storing all communications and files within the customer’s own environment. Bypassing a third-party provider’s own servers allows organisations to retain full ownership of their enterprise data, so employees can continue using the platforms they love without the added risk to their data.
The end solution will be a software-agnostic architecture that will operate to secure an organisation’s entire data environment to maintain data sovereignty and compliance, concerns with using Whatsapp in the workplace. Workplaces are curbing the use of private messaging platforms that violate data privacy laws.
Fines worth $1.8 billion have been issued across 16 US financial institutions but Wordlr’s data proposition enables businesses to enhance their open communication channels with the customer and stakeholders while balancing SEC, GDPR and FINRA compliance standards and retaining data privacy.
Max Buchan, CEO at Worldr, commented: “Data sovereignty has never been more important. The increase in cyberattacks, data localisation requirements, and scrutiny from regulators mean that it is no longer enough to blindly trust that collaboration platforms are keeping business communications secure and compliant. Companies rightfully want control of their data to protect themselves against operational, reputational and regulatory risk. This has not only fuelled demand for our zero trust architecture for Microsoft Teams, but we are also being challenged to apply this solution across an organisation’s entire software environment. This funding will be critical to helping us further this mission and scale to meet the demand”.
Leonora Ross-Skinner, Investor at Molten Ventures said: “The move towards zero trust and data sovereignty is becoming critical for any entity which deals with sensitive information. Worldr’s unique product set optimises for privacy, security and data protection with seamless integration into existing enterprise software. Crucially, with Worldr, data is controlled by the enterprise itself, marking an incredibly important step forward in data sovereignty.
“Having made several investments in the cyber and privacy space we really look forward to working with Max, his world-class team and our esteemed fellow investors to build a category-leading company with the fundamentals of security, privacy and data protection at its core.”
Worldr is headquartered in the UK and is setting up a new office in New York.
It plans to outreach to the Middle East, with a base already being set up in Dubai.
The organisers of industry-leading event Identity Week Europe have revealed the first 50 speakers for its 2022 edition in London this summer.
The speakers at the event, to be held 28-29 June at the Excel Centre, include high-profile executives from major firms and senior government representatives.
The list of leading biometrics and identity experts includes Herbert Leitold, Secretary General, Secure Information Technology Center at the Austrian Government, and Andreas Wolf, Principal Scientist Biometrics, Bundesdruckerei.
Others on the list include Pam Dixon, Executive Director of the World Privacy Forum, and Martin Ingram, Product Owner IAM, NatWest Group.
For details of early bird offers, you can also see here.
“We are BACK! Identity Week Europe is the #1 event to unite the Identity industry from across Europe and beyond, to share insights, opportunities and drive innovation in technologies and ideas related to identification, verification, and authentication,” noted the organisers in their statement.
Due to high demand, digital vaccine passports are rushed out worldwide. However, they often have serious data security and validity issues. Let’s see what some of these vulnerabilities are and how ID readers can help in spotting criminals exploiting vaccine passport apps with fake COVID certificates.
Keeping a document on you that proves you received the necessary doses of a COVID-19 vaccine can be a nuisance. However, more and more people accept it as the price of returning to normalcy.
As countries are reopening their borders, there is a justifiable demand for digital versions of our vaccine passports. And states are answering that demand as fast as they can. But due to rushing out these apps, many of them come with severe vulnerability issues.
In this article, we collected the most notorious cases. We also propose a viable option for spotting convincing but forged analog and digital vaccine passports.
Why Is Vaccine Passport Vulnerability a Risk?
We all know that there is no such thing as a perfect mobile application. In many cases, a bug is nothing more than a nuisance. However, vulnerability becomes a priority for apps that store sensitive data, such as the vaccine passport.
New York Times correspondent Ceylan Yeğinsu writes that the main problem is that a passport is a government-issued document for certifying personal data. So “many people fear […] handing over personal and sensitive health information that data controllers can easily abuse.” And unlike medical facilities where laws strictly regulate how such information must be handled, businesses outside the health industry can do whatever they want with our health data.
As such, digital COVID certificates should be bulletproof from the get-go. However, these apps had to be developed rapidly to lift travel and social restrictions as soon as possible This resulted in flaws of varying degrees of concern.
Examples of Known Digital Vaccine Passport Vulnerabilities
NYC Safe: One Photo to Fool Them All
It’s hard to tell from a printed vaccine passport whether it’s fake or not, let alone from a photo of the document. This was the case with New York’s NYC Safe application. Heavily criticized for being nothing more than photo storage for paper-based COVID passports, the application allowed individuals to upload any document, legitimate or forged. The weakness of the system became all too evident when it accepted a portrait of Mickey Mouse as proof of vaccination.
NYC Excelsior Pass Wallet: Fake Credentials
The infamous case of this U.S. digital vaccine passport for the citizens of New York State highlighted another type of risk. As discovered by the NCC Group, the NYC Excelsior Pass Wallet application allowed individuals to create and store fake vaccine credentials by simply scanning a phony document. Users could easily exploit the fact that the COVID certificate wasn’t appropriately verified.
Australia’s Express Plus Medicare: Replicating the Animated Validator
Ten minutes. This is all it took for Richard Nelson, a software engineer in Sydney, to expose the vulnerability of Australia’s Express Plus Medicare COVID-19 application. He also proved why QR codes are a must for vaccine passports. The main issue with the Australian COVID certificate is that aside from basic data, it features a supposedly unique animation to demonstrate the passport’s validity. Nelson could easily replicate this animation, allowing him to create as many fake digital vaccine passports as he liked.
Québec’s VaxiCode Verif: Forged Digital Signatures
Like many COVID certificate apps used worldwide, the digital vaccine passport issued by Québec, Canada, uses QR codes containing the necessary vaccination data combined with digital signatures. The digital signature features asymmetric cryptography, using two keys. Theoretically, this guarantees that the validator app doesn’t identify fake credentials as legit.
A cybersecurity expert still managed to fool VaxiCode Verif relatively easily. He generated a key pair and made the public key available at a given website. Then he created two QR codes. One was posing as a valid digital vaccine passport containing the public key and a plain fake COVID certificate. Then he presented the QR code with the public key to the app. It correctly rejected it as a valid COVID certificate but, simultaneously, forcefully downloaded the public key. After that, the app verified the other fake digital vaccine passport as being valid.
We should add that the app’s developers reacted quickly. Soon after the incident, they released a new version that eliminated the problem.
EU Digital COVID Certificate: Vaccinating the Dead
When it comes to the European vaccine passport, called the EU digital COVID certificate, experts usually praise it for implementing the strict privacy rules of the GDPR, especially from overseas. In fact, allowing member states of the EU to develop their own versions of the COVID certificate was a risk, which eventually paid off. That doesn’t mean there were no flaws, however.
Tim Berghoff of GData, a German computer security company, pointed out many issues with the EU certificate’s German version. We’ll highlight two:
In the case of paper-based COVID certificates issued by a pharmacy or a doctor’s office, the accuracy of the data transferred into the app wasn’t verified if the original. Cybersecurity experts managed to validate an EU vaccine passport even though it showed the same date for the test subject’s first and second vaccination.
Berghoff and his team could create a vaccine passport for Robert Koch, a German microbiologist from the 19th century. The EU COVID certificate had no problem validating the vaccination of a long-gone person.
Are Paper-Based Vaccine Passports the Answer?
Not quite. Granted, it seems like a logical step to forget digital vaccine passports and have our vaccination certificates in our pockets.
Like their digital counterparts, paper-based certificates were also rushed out. This led to analog vaccine passports being easily forgeable. In the U.S., the Centers for Disease Control and Prevention (CDC) issued a certificate with data written in ink. It isn’t surprising that scammers took their chance and flooded the black market with fake vaccine passports.
Consequentially, these fake certificates could quickly end up in COVID apps with minimal or no authenticity validation features. This allows unvaccinated people to enter places that require individuals to be vaccinated.
Verifying Vaccination Status
Application bugs and issues will always be discovered and eliminated sooner or later. This is what happened in the case the apps of Québec and the State of New York. Furthermore, virtual COVID certificates – at least those implementing digital signatures – are still more resistant to forgery than their paper-based counterparts. In any case, those who trust analog vaccine passports more should make sure they store them in a secure location.
If you are part of a business and have to verify the validity of digital vaccine certificates, there are two things you should consider. First, check, and double-check the document in front of you. Although some national and international vaccine passports do not feature advanced security solutions like digital signature, they are in the minority. The number of states requiring vaccine passports is rising. Many of them are likely not to accept vulnerable certificates as valid travel documents.
One way to verify that an individual isn’t presenting a fake COVID certificate is by cross-checking it with another ID document. An advanced automated ID reader like Osmond can verify a travel passport’s authenticity while also obtaining virtually all data from travel passports via optical character recognition technology, including the traveler’s name, country of origin, and many more.
About the Author
As an International Sales Manager at Adaptive Recognition, I am responsible for the business development in several countries all over the world. We are market leaders in the OCR based technologies industry, and my task is to help our partners, customers find the most suitable solution for their needs in the ID reading & verification technology.
Alcatraz AI, a leader in physical security technologies, announced today the release of their updated platform technology, Alcatraz Platform V2. The new update includes enabling 3rd Party Access Control System software integration, lowering minimum system requirements, and enhancing troubleshooting tools, which will bring a simplified, and advanced experience to Alcatraz AI customers. New, seamless additions to Alcatraz AI’s Platform will enable Alcatraz AI to continue its mission of bringing AI technology to every door for precise identity verification and bring the customers to the next level of security.
“Driven by customer insights, the latest major release of our platform includes an evolution of our backend software,” said Alcatraz AI’s Vice President of Product, Blaine Frederick. He continued, “It will provide integrators more flexibility when deciding how to deploy the solution on either Windows or Linux operating systems. Additionally, the new platform enables the Alcatraz API, which provides a mechanism for integrators and end-users to add enhanced custom functionality.”
Alcatraz AI is reimagining the way you enter secured spaces using your face as your credential. Alcatraz AI’s state-of-the-art product, the Rock, transforms access control by leveraging artificial intelligence and analytics to make powerful decisions at the edge. With features like touchless or multi-factor authentication, tailgating intelligence, and video at the door, the Rock makes companies’ physical security strategies future-proof.
Alcatraz Platform V2 will provide simplified installation on customer-provided infrastructure and simplified system upgrades and troubleshooting tools, improving the user experience in all aspects of installing and upgrading the Rock. Deploying the Alcatraz Platform and the Rock does not require a low-level software integration. However, the new platform enables deep software integrations to enterprise platforms such as the Tyco Software House C•CURE 9000 security and event management system from Johnson Controls. The Alcatraz API provides customers flexibility if they require tighter integration between Alcatraz and their Access Control System.
FacePhi, a company specialising in identity verification solutions and a leader in the Latin American banking sector, continues to strengthen its position in the region thanks to an agreement, signed and announced last July, with Cencosud Scotiabank, Cencosud’s financial credit arm and one of the largest retail conglomerates in the continent. This agreement meant, in turn, entry into the Chilean market for the first time.
The project developed by FacePhi and Cencosud Scotiabank is based on the adoption of digital onboarding technology, thanks to which customers of the financial services company Cencosud Scotiabank will be able to request a credit card in a process that is 100% online. This process will be carried out entirely from the user’s own mobile phone, requiring a photo of their identity document and a selfie. These two simple steps will be enough to apply for the card which, thanks to the combination of capturing the identity document through optical character reading with facial recognition, will quickly and securely verify the identity of the person who has requested the card.
“It has been a very exciting and high-tech project so far, in which we have never lost focus on continually improving our customers’ experience, as well as keeping all their information secure and private. FacePhi has become a strategic ally for us, both for its advanced technology and for its team, with a high level of commitment and responsibility,” highlights Ariel Espinoza, Manager of Digital Factory Cencosud Scotiabank
“It is an enormous satisfaction to have entered Chile with a company as emblematic as Cencosud Scotiabank, whose initiative in the digitisation process will blaze a trail in the sector for the next few years,” explains Jorge Sanz, CRO of FacePhi.
“Since FacePhi began, we have focused on offering our technology to the banking and financial sector, two highly regulated areas that require high security standards and where the adoption of measures that facilitate and simplify accessibility for the client is essential. This experience allows us to adapt our identity verification solutions to industries that, without a doubt, are going to progressively incorporate this type of technology in their relationship with the consumer, as is now the case in the case of financial retail,” he stated.
With this new agreement, FacePhi strengthened its presence in the Latin American region, where technology is a leading factor in the financial sector. Throughout this year, the company has earned the trust of large financial firms, operations to which it added its arrival in Chile, one of the few countries in the region where the company had not yet become established.
Cencosud Scotiabank is a financial services company among the most prominent in Chile, in terms of its placement and number of clients. In the last period, it has worked hard to position itself as a digital frontrunner in the industry, making all financial and self-management services available to its clients through its website and mobile applications, with high security standards and continuously improving agility in the processes involved.
Accounting outsourcing service Knopka has implemented Smart Engines technology for Russian passport recognition into its HR system. The service users now have access to the capabilities of the Smart ID Engine software product, which provides fast and secure entry of passport data, simplifying the process of hiring new employees. Knopka is an accounting outsourcing company with management accounting and legal protection for firms and organizations in Moscow and throughout Russia.
Now clients of Knopka for a new employee’s employment do not need to enter their passport data manually. The Smart Engines OCR will quickly and accurately extract data from the passport based on modern artificial intelligence technologies. Then it is automatically entered into the new employee’s account fields in Knopka’s customer HR system.
Smart Engines software products do not require any special skills from end-users. Flagship GreenOCR® technology provides high speed and accuracy scanning on scanned copies and passport photos taken from different angles and under other lighting conditions. The document in the image can be at any angle.
“Giving the user a useful hands-on experience means understanding modern standards and applying them in service development. Before using Smart Engines, customers spent up to 10 minutes entering data by hand. Now, this is not required, and the saved time can be devoted to solving the problems of your business,” said Evgeny Kobzev, co-founder of Knopka.
IDEX Biometrics has announced a proprietary software platform including a biometric card operating system (COS) and applets developed in collaboration with its partners jNet ThingX Corp., a Preferred Security Partner of Infineon Technologies AG. This software platform enables a full turnkey solution for biometric smart cards, reducing the complexity of card manufacturing, accelerating time-to-market, and lowering costs.
The IDEX turnkey solution is an extension of jNet’s Javelin EMV COS, which is based on Java CardTM, the world’s most popular and open application platform used to secure smart cards. The initial software release has been optimized for use with the highly-differentiated smart card reference design jointly announced earlier this year by IDEX Biometrics and Infineon Technologies.
The tight integration of this design enables fingerprint authentication with low latency, high accuracy, and excellent power efficiency. Full biometrically-authenticated EMV transactions can be completed in approximately 500 milliseconds end to end. The platform solution enables safe and easy user enrollment, secure storage of fingerprint templates, and rapid matching, all without any biometric data ever leaving the card. The COS is fully compliant with GlobalPlatform security standards and EMV interoperability requirements.
Card manufacturers leveraging IDEX’s turnkey solution can benefit from reduced time-to-market by six to nine months, while significantly cutting development and certification costs. The complete solution includes the hardware reference design including a proprietary passive inlay, a new COS, a suite of financial applets and a proprietary matching algorithm, deployed on Infineon’s latest secure element SLC38BML800 and accelerated by our proprietary TrustedBio ASIC. Fingerprint authentication is provided by IDEX Biometrics’ TrustedBioâ solution, which incorporates a fingerprint sensor, biometric functions, power management, and encrypted communications into a single module.
Vince Graziani, Chief Executive of IDEX Biometrics, adds, “This advanced software platform unlocks the differentiated performance of the IDEX Biometrics – Infineon collaboration. As a Preferred Security Partner to Infineon, jNet ThingX has experience with multiple generations of Infineon security devices making them the perfect development partner for our new software offering. This turnkey solution enables customers to quickly deploy fingerprint payment cards with industry-leading performance.”
The platform is available for customer evaluation now.
Argos KYC, Korean KYC/AML service company, has partnered with Smart Engines, an AI-powered ID scanning vendor, to perform OCR data extraction with greater speed and accuracy.
Argos KYC will use high-precision Smart Engines’ software for intellectual data extraction of ID cards, passports, and driving licenses. This partnership improves and secures automated identity verification that is crucial for Argos KYC. It aims to increase its efficiency and speed of verification while maintaining data security and privacy at the highest level.
Smart Engines’ ID scanning software based on edge-cutting Green AI helps Argos KYC perform OCR data extraction faster and more accurately. Smart ID Engine SDK automatically identifies the document type, precisely extracts data at various angles and lighting conditions, and provides instant ID scanning ability to mobile applications.
The speed and accuracy of OCR data extraction are possible through the state-of-the-art GreenOCR technology created by Smart Engines. This OCR extracts data of ID cards, passports, residence permits, and other identity-related documents in more than 100 languages, including Korean, Japanese, and Chinese, all Latin-based and Cyrillic-based European languages with all special symbols. The SDK minimizes CPU energy consumption and carbon footprint thanks to the framework of low-bit pipelines for deep neural network inference. With Smart Engines ID scanning, the customer’s data is processed securely without sending anything to external services.
“I have no doubts that positive experience with the KYC solution will enable further expanding the services based on ID scanning for our customers and to effectively apply legal, regulatory and operational measures for combating identity theft, money laundering, and terrorist financing,” – said Q Lee, CEO at Argos KYC.
“We are proud that our OCR performs exceptionally well for the Korean language. Our partnership with Argos KYC not only corresponds to the needs of their business but will help it to get in the head place among its competitors,” – said Nikita Arlazarov, Chief Financial Officer at Smart Engines.
Suprema, a global leader in access control and biometrics, today announced the successful integration of its biometric access control products with Genetec™ Security Center, a unified security platform that connects security systems, sensors, and data in a single intuitive interface.
Through this integration, Genetec™ Synergis™ (the access control system of Security Center) can be paired with Suprema access control devices to allow users to verify access credentials with fingerprints and facial recognition along with existing RFID cards and PIN numbers. Biometric data such as fingerprint and facial recognition records can be quickly registered through either the Security Center software or Suprema’s BioStar 2 software, with all data being synchronized in real time and transmitted to a server. The integration is suitable for enterprise level use, allowing up to 1,000 devices to be connected at once.
Suprema CEO Hanchul Kim said, “Through this partnership, customers of both companies can more easily build and operate biometric-based security management systems. We will strengthen our partnership to elevate our status as a global security leader.”
“The integration of Security Center Synergis with Suprema’s biometric access control solutions simplifies the architecture thereby enhancing the end user experience,” said Francois Brouillet, Product Line Manager, Access Control, Genetec, Inc. “This brings increased value to our joint customers and partners and further strengthens our long-standing relationship with Suprema.”
Morpho Labs, a software company committed to the development of open-source blockchain programs, and Shufti Pro, an AI-powered ID verification service provider, have signed a strategic partnership to perform KYC and AML checks on investors that wanted to fund the company with cryptocurrencies.
With global regulators imposing stringent KYC and AML requirements on the cryptocurrency industry in recent years, effective KYC solutions have become vital for streamlining compliance. AI-powered KYC and AML services delivered by Shufti Pro will assist Morpho Labs in maintaining compliance with regulatory requirements.
Automated ID verification solutions offered by Shufti Pro will monitor Morpho Labs’ investors, assuring the mitigation of financial frauds through cryptocurrencies. Shufti Pro’s AML screening solution verifies the crypto users by screening them against Politically Exposed Person (PEP) lists, global sanctions, and criminal watch lists gathered by regulatory bodies such as FINTRAC, FATF, AUSTRAC along with others. With the help of these services, compliance targets and digital ID fraud prevention will be achieved seamlessly in one go.
“Shufti Pro definitely helped us to perform KYC and AML checks for funds that invested In Morpho Labs with cryptocurrencies” stated CEO of Morpho Labs Paul Frambot.
Commenting on the partnership, the CEO of Shufti Pro, Victor Fredung said, “We are excited to join hands with Morpho Labs in delivering state-of-the-art KYC and AML solutions for the crypto industry. We believe this collaboration will certainly mitigate the risks of identity and monetary fraud for Morpho Labs and will assist them in staying compliant with global KYC and AML requirements”.
AI-based identity verification solution provider Shufti Pro currently offers ongoing AML monitoring and KYC services to more than 500 businesses worldwide, in industries including finance, banking, crypto, and fintech among others. The company has extended its services to 230+ countries and territories and has won various awards owing to an accuracy rate of 98.67%.
Investment company, Pure M Global, chooses ID verification service provider, iDenfy, to comply with KYC & AML regulations.
Convenient as it is, living in the digital world has its flaws. Cyber security, for one, is now more crucial than ever – both to meet regulations and protect against fraudulent actors.
Data security was the number one priority forPure M Global, a group of companies working in the forex, crypto exchange, and investment industry. It recognized the importance of safety and security in cyberspace, which has led the platform to seek a partner that could assist the company in this regard.
Joining forces with iDenfy, a company offering a safe and reliable identity verification method, proved to be sufficient – both companies share the priority of safety and security for their clients, and the customer onboarding process is now more secure and faster than ever.
Due to the partnership, the clients of Pure M Global can now feel safe in their transactions and enjoy efficient and reliable services. The company prides itself in a new way of trading, outlined by low market spreads and no requotes, real Straight Through Processing (STP) and Direct Market Access (DMA). In addition, the company will also be provided with a reliable method to perform CDD, resulting in enchanted detection and prevention of fraud.
“We are glad to have chosen iDenfy as our partner. Using their system made customer onboarding faster and more reliable. With fraud prevalent as it is, having an extra layer of protection is also crucial. And iDenfy has proven that it can deliver what we seek for and more,” said the CEO of Pure M Global.
“We look forward to working with Pure M Global that is maintaining high internal and external compliance standards, regardless of any outside regulators. Taking an extra step for safety and security is something we share. Thus, working together will be a delightful experience for both of us. We will do our best to keep Pure M Global and their clients satisfied,” said Domantas Ciulde, CEO of iDenfy.
FacePhi is taking the definitive leap towards leadership in digital identity verification with this multi-biometric, single solution recognition platform, which will be presented at Money20/20 Las Vegas, the largest fintech event in the world. The Spanish firm has launched its new modular platform, FacePhi Identity Platform, a flexible solution capable of combining different biometric solutions within the same tool and available in different architectures, with which to offer greater adaptability to needs in terms of regulatory compliance and particular requirements of any country, industry or use case where it is applied.
The development of this customisable, codeless platform represents an important evolution for the company, which moves from providing individual biometric solutions to providing a tool that allows each company or public entity to design, in a customised way and according to their needs, their digital onboarding processes and authentication. This modular solution incorporates control of operations in real time, a dashboard with the most important performance indicators (KPIs), as well as a record of transactions and statistics, among other functions.
The increase in cybersecurity and greater protection for the user in their digital interactions is another of the highlightable aspects of the FacePhi Identity Platform. Thanks to its combination of different biometric solutions, the platform offers authentication through multiple factors, and is more effective against fraud attempts and identity theft. Furthermore, continuing the philosophy of ‘ethical biometrics’ promoted by the company, the recognition performed by the technology will always continue to be consented to by the user and their information will be treated with maximum privacy -and in accordance with the applicable data protection legislation.
“The development of a multibiometric platform is a natural evolution for FacePhi, both because of our experience in designing different biometric solutions for identity verification and because of the change that our society is experiencing in its relationship with the digital environment,” explains Javier Mira, President and CEO of FacePhi. “In an increasingly digitised world, people need to interact with companies and public administrations more quickly, comfortably and safely, with the guarantee that their personal information will always be processed appropriately and with their prior consent. Our modular platform responds to the need to adapt to all types of casuistry and users, offering a flexible model that allows accessibility to various regions, industries and use cases.”
FacePhi is currently in an important moment of expansion, with the consolidation of its presence in South Korea, maintaining a strong leadership in its sector in Latin America and entering new markets such as Chile, Vietnam and Nigeria. In parallel, the company has grown in its structure, doubling its team of professionals in 2020 and currently employing more than 150 people. In the last year, the Spanish firm has also initiated a change in its marketing model through partners of great international relevance, expanding its ability to enter new markets and sectors.
After the presentation of its latest product, the company will remain at Money20/20 until the close of the current edition, which is being held in Las Vegas and will run until October 27th
–Socure, a leading provider of digital identity verification and fraud solutions, today announced that Matt Thompson has joined Socure as General Manager of Public Sector Solutions. In this executive leadership role, Thompson will accelerate Socure’s growth and enormous success by bringing private-sector best practices and industry-leading identity verification solutions to the public sector. Thompson is a recognized thought leader and innovator in the digital identity space, with a proven track record of successfully working with government agencies and leading large-scale digital transformation projects.
Prior to Socure, Thompson led IDEMIA’s Civil and Digital Identity Business in North America, where he led the company’s efforts to drive the industry-wide transition from physical to digital driver’s licenses. He is an innovator in the identity industry, having co-founded ID.me, where he led the company’s entrance into the public sector and healthcare industries. He has also been awarded three patents covering mobile biometric liveness detection, as well as tiered and third-party authentication.
Thompson joins Socure at an opportune time, as government online systems are heavily reliant on the ability to remotely and accurately verify the identities of citizens. But, as the pandemic drove citizens online, those systems failed on a massive scale with 2020 identity fraud losses in unemployment alone totaling $400B.
“I believe that identity is the driver of government digital transformation. The public sector continues to move more interactions online, while the proportion of those interactions that are risky is increasing and has been exacerbated by the pandemic. This isn’t a cresting wave — it is a rising flood of interactions, and the legacy ways of determining who is on the other end of an interaction for fraud prevention and inclusion aren’t sufficient,” said Thompson. “My goal is to replicate the success Socure has had in the commercial space into the public sector, because we have the industry’s most accurate and inclusive identity verification and fraud detection platform in the market to answer that need.”
Thompson also currently serves as President of the Board of Directors for the Kantara Initiative. The Kantara Initiative is the leading global community commons improving the trustworthy use of identity and personal data through innovation, standardization and good practice. He formerly served as the Chair of the Management Counsel for The Identity Ecosystem Steering Group in support of the Obama administration’s National Strategy for Trusted Identities in Cyberspace.
“The entire Socure team is excited to partner with Matt to build the deep and long-lasting government partnerships that are required to solve the identity verification and fraud challenges that are rampant in the public sector today,” said Johnny Ayers, founder and CEO of Socure. “He brings a tremendous wealth of experience and market credibility to this role, and shares a personal vision that it’s our civic responsibility to be the first to equitably verify 100% of good identities in real-time, while completely eliminating identity fraud for every transaction on the internet.”
U.S. Customs and Border Protection (CBP) announced today the expansion of biometric facial comparison technology to the pedestrian border crossings at Sweetgrass and Eastport, Idaho, as part of CBP’s land border innovation efforts.
“I am pleased to announce the deployment of biometric facial comparison technology to these additional border crossings along the Northern Border,” said Seattle Director of Field Operations Brian Humphrey. “This enhanced technology will further secure and streamline travel while providing a safe, touchless identification process for travelers.”
Simplified Arrival is an enhanced international arrival process that uses facial biometrics to automate the manual document checks that are already required for admission into the United States. This process provides travelers with a secure, touchless travel experience while fulfilling a longstanding Congressional mandate to verify the entry and exit of non-U.S. citizens.
The biometric facial comparison process occurs only at a time and place where travelers are already required by law to verify their identity by presenting a travel document. When a traveler arrives at one of the pedestrian lanes or undergoes I-94 processing, he or she will pause for a photo at the primary inspection point. A CBP officer will review and query the travel document, which will retrieve the traveler’s passport or visa photo from government holdings and compare it to the new photo.
This enhanced process using facial biometrics only takes a few seconds and is more than 98 percent accurate. In addition, foreign travelers who have traveled to the United States previously may no longer need to provide fingerprints, as their identity will be confirmed through the touchless facial biometric process.
CBP is committed to its privacy obligations and has taken steps to safeguard the privacy of all travelers. CBP has employed strong technical security safeguards and has limited the amount of personally identifiable information used in the facial biometric process. New photos of U.S. citizens will be deleted within 12 hours. Photos of most foreign nationals will be stored in a secure U.S. Department of Homeland Security database.
U.S. travelers and select foreign nationals who are not required to provide biometrics and wish to opt out of the new facial biometric process may simply notify a CBP officer as they approach the primary inspection point and request a manual inspection. These travelers will be required to present a valid travel document for inspection by a CBP officer and will be processed consistent with long established processes for admission into the United States.
Simplified Arrival pairs one of the industry’s highest ranked facial comparison algorithms (as assessed by the National Institute of Standards and Technology) with trained CBP officers who are skilled at verifying the authenticity of travel documents. If a traveler cannot be matched to a photo on record using the Simplified Arrival process, the traveler will proceed through the traditional inspection process consistent with existing requirements for admission into the United States.
To date, more than 100 million travelers have participated in the biometric facial comparison process at air, land, and seaports of entry. Since September 2018, CBP has leveraged facial biometrics to prevent more than 950 imposters from illegally entering the United States by using genuine travel documents that were issued to other people.
Yinda Infocomm announced during its Extraordinary General Meeting on 30 September 2021 that it will be changing its name to Totm Technologies Limited (“Totm Technologies”) while the stock trading code “42F” on the SGX-ST will remain unchanged. Along with the rebrand, comes a fresh focus for the business.
The leader of the business at the helm of Totm Technologies’ big ambitions is Mr Pierre Prunier, Chief Executive Officer & Executive Director. Mr Prunier was an early investor in InterBIO and since 2019 took on the role of Chief Strategy Officer. He is currently also a Director of InterBIO. Going forward, Mr Prunier will lead the Board in sourcing and assessing technology related investments.
“To support our vision to become a leading expert in Identity Management Solutions, especially in the space of Digital On-boarding and Digital ID, we selected the name Totm Technologies, which captures how a strong identity can inspire individuals and groups. This is a defining moment for the Group and this name change will better reflect our transformation into an identity management technology solutions provider. We look
forward to the future possibilities of growth and expansion for Totm Technologies, and to the contribution we can make across Asia Pacific and beyond with digital ID identity solutions for individuals, businesses and economies,” said Mr Prunier.
Alcatraz AI, a leader in physical security technologies, will showcase its state-of-the-art product, the Rock, at Connect:ID (Booth 309). This will be Alcatraz AI’s first time attending the conference, which is taking place at the Walter E. Washington Convention Center in Washington, D.C. on October 5-6.
Powered by machine learning, Alcatraz AI’s Rock operates autonomously to recognize your face as your credential, creating a seamless interaction between the individual and the Rock. The innovative technology solves the challenge of securing buildings and minimizing friction without impeding the movement of people because of its precise and fast authentication. The Rock also minimizes touchpoints and provides facemask verification to ensure COVID safety. The Rock’s technology is built to work anywhere – in data centers, healthcare facilities, schools and universities, financial institutions, stadiums, and more.
Alcatraz AI’s Rock, which combines advanced AI and 3D sensing technologies that provide facilities with enterprise-grade identity verification, is compliant with ONVIF standards. ONVIF certification allows Alcatraz AI to bridge the gap between access control and video management with a single device. Alcatraz AI’s Rock can function as an ONVIF camera and is certified with Profile S and Profile T to provide IP-based video streaming.
The Rock has the unique ability to effectively mitigate tailgating by detecting breaches in real-time and then preventing them. The solution can be configured to send an alert to the access control system (ACS) when an unauthorized user follows an authenticated user through a door. Alcatraz provides data on tailgating hotspots to support employers’ policy and stop breaches to ultimately modify physical security and access control.
“Our technologies provide a seamless solution to the most pressing security issues companies and organizations are facing today,” said Tina D’Agostin, CEO of Alcatraz AI. “As this is our first time participating in Connect:ID, we are looking forward to showcasing the unique capabilities of the Alcatraz AI’s access control technology to Connect:ID attendees.”
ForgeRock a global identity leader, today announced the pricing of its initial public offering of 11,000,000 shares of its Class A common stock at a price to the public of $25.00 per share. In addition, ForgeRock has granted the underwriters a 30-day option to purchase up to an additional 1,650,000 shares of Class A common stock at the initial public offering price, less underwriting discounts and commissions.
The shares are expected to begin trading on the New York Stock Exchange on September 16, 2021 under the ticker symbol “FORG”. The offering is expected to close on September 20, 2021, subject to customary closing conditions.
Morgan Stanley and J.P. Morgan are acting as lead book-running managers for the offering. Deutsche Bank Securities, Mizuho Securities, and HSBC are acting as joint book-running managers for the offering. BTIG, Cowen, Piper Sandler, Truist Securities, and William Blair are acting as co-managers for the offering.
Imageware, a leader in biometric identification and authentication, today announced a global partnership with TECH5, an innovator in the field of identity management solutions, to become a value-added reseller (“VAR”) for its solutions. Through this agreement, all TECH5 offerings will be available through integration with the existing Imageware product portfolio. In connection with this partnership, Imageware also announced today that it will be providing Security Identification Systems Corporation (“SISCO”), a leader in visitor management systems, with the Imageware Identity Platform, powered by TECH5 technologies, to enhance its product portfolio for the marine and visitor management industries.
TECH5 provides biometric algorithms and matching platforms for face, iris, and fingerprint recognition for use in both government and commercial enterprise solutions. TECH5 also provides innovative technology such as contactless fingerprint capture and Digital ID solutions protected by biometrics. As a VAR, Imageware will be integrating TECH5’s biometric technology across its products, which includes Imageware Proof, Imageware Authenticate, Imageware Identify, and the Imageware Biometric Engine and others.
Imageware has partnered with SISCO to add biometric identity management capabilities to the latter’s portfolio of visitor management and ship management solutions for the maritime and security industries. More specifically, Imageware will be adding facial recognition to SISCO’s mobile solutions for the cruise line industry through the Identity Platform powered by TECH5’s facial recognition biometric algorithm. As the provider of hardware and software solutions for roughly 40% of the cruise line industry, SISCO will be offering this product as an upgrade to existing customers as well as a differentiator for attracting new ones. Cruise lines using this solution can now leverage facial recognition technology for onboarding passengers and for emergency situations at muster stations, which greatly increases the convenience, security, and speed of both processes.
Imageware and SISCO will be jointly demonstrating this new solution on handheld mobile Android devices at the Annual SeaTrade Cruise Global Conference in the Miami Beach Convention Center on September 27-30 in SISCO’s booth #1910 in the Exhibit Hall. https://www.seatradecruiseglobal.com/en/home.html
“This strategic partnership with TECH5 enables Imageware to include accurate and fast biometric algorithms and technology into our products and augments our offerings for both the private and public sectors,” said AJ Naddell, SVP of Product Management & Sales. “TECH5’s suite of algorithms is highly-rated by NIST in several categories, and we appreciate the opportunity to work with their innovative team. Our strategic partnership with SISCO will serve as a strong calling card to highlight our joint capabilities with TECH5, and it enables us to provide leading biometric identity management solutions to new industries and use cases, including the marine safety and security industries and corporate visitor management solutions. We look forward to increasing our addressable market in the cruise line and marine industry and to further expanding our footprint across different verticals.”
Rahul Parthe, Co-founder, Chairman, and CTO of TECH5 added: “TECH5 focuses on providing leading and innovative biometric technologies, thereby enabling our key strategic partners like Imageware to provide industry specific solutions. We are very excited to work with Imageware as they can apply our technologies to many use cases in federal, state and local governments, as well as a multitude of private sector verticals. Using TECH5’s facial recognition technology as part of the Imageware Identity Platform to provide solutions for the cruise line industry and for enterprise visitor management systems demonstrates how Imageware can extend our solutions to even more markets.”
Anthony Zagami, CEO of SISCO added: “Increasing the speed and efficiency of ship-boarding processes and mandatory safety mustering exercises at the start of cruises is very important for customer satisfaction. These processes require considerable cruise ship staff resources and often delay the customers’ enjoyment of their vacations. This new biometric identification solution will save time and provide customers with more safe, satisfying, and secure onboarding and mustering processes.”
BIO-key International, a provider of identity and access management (IAM) solutions featuring Identity-Bound Biometrics, today announced the start of a Master Agent Referral Partner Program with Intelisys, a ScanSource company, and the nation’s leading provider of technology services and solutions. BIO-key will now be able to offer the first Identity and Access Management (IAM) platform as part of the solutions Intelisys provides to their network of partners. The relationship will help enhance BIO-key’s security practice and expand the company’s Channel Alliance Partner (CAP) program.
Earlier this year BIO-key announced an expanded Channel Alliance Partner (CAP) program designed to significantly broaden its global partner ecosystem and provide substantial new revenue opportunities for BIO-key and their partners. The continued momentum to BIO-key’s channel program with the announcement of the Intelisys partnership is a transformational move. Engaging in this Master Agent Referral Partner Program allows BIO-key to leverage their unique strengths to increase the opportunities with a variety of end customers.
The partnership with Intelisys includes the offering of the BIO-key PortalGuard® Identity-as-a-Service (IDaaS) platform, providing a hosted unified Identity and Access Management (IAM) platform. The platform offers an unmatched variety of choices to support an enterprise’s present and future IAM strategies, while delivering a superior user experience. These include workforce and customer multi-factor authentication (MFA), exclusive Identity-Bound Biometrics options, single sign-on (SSO), and self-service password reset.
“This is a great milestone for BIO-key as we continue to grow our channel program and ensure that we have geographic coverage in the top markets,” states Fred Corsentino, Chief Revenue Officer, BIO-key. “We look forward to working together with Intelisys to help solve security and identity and access management challenges for the enterprise as we look to a safer future.”
The British government has approached the public to consult on revisions to the Surveillance Camera Code of Practice. The code is part of the Protection of Freedoms Act which provides guidance on the appropriate use of CCTV by local authorities and the police. This is the first revision to the code since its introduction in June 2013.
AnyVision has responded to the Biometrics and Surveillance Camera Commissioner, Professor Fraser Sampson in an open letter entitled: “Facial Recognition Apps Should Be Provided to the Police with an Empty Database.”
Given AnyVision’s expertise in ethical facial recognition and commercial experience identifying persons of interest, including shoplifters, felons, and security threats, the company wanted to lend its perspective to the discussion and share several best practices on the application of ethical facial recognition to law enforcement settings.
AnyVision’s CEO Avi Golan wrote: “The ethical use of facial recognition is a thorny one and requires a nuanced discussion. Part of that discussion must explain how the underlying facial recognition system works, but, just as important, the discussion must also involve how the technology is being used by police departments and what checks and balances are built into their processes. We welcome an honest and objective dialogue involving all stakeholders to draft fair and balanced regulation.”
In recent years, face-based and object recognition systems have been adopted broadly before methods of due diligence have been fully thought through. The company agrees that the use of facial recognition or other biometric-based recognition systems need to be clearly justified and proportionate in meeting the intended purpose and should be appropriately validated.
First, it is important to highlight the unique characteristics and risk factors specific to police use of facial recognition technology. The most common use case for video surveillance is when police and other law enforcement agencies get a picture of a suspect from a crime scene and want to find out: “Who is the person in the picture?” That often requires an extensive database — one that could potentially include every human on planet earth.
This is very different from commercial use cases of facial recognition (e.g., within supermarkets, casinos, or stadiums) which are fundamentally asking a different question: “Is the person in the video a known security threat?” To answer this question doesn’t require a comprehensive database of all people, but rather a defined list of specific people who represent security threats.
In the company’s view, the path to fair and ethical use of facial recognition by police agencies is through adherence to three principles:
Empty Database: We recommend building their watchlists from the ground up based on known felons, persons of interest, and missing persons. Some facial recognition solution providers have scraped billions of photos and identities of people from social networks, usually without their consent. Unfortunately, this method of facial recognition has justifiably angered privacy groups and data protection agencies around the globe and damaged public trust in the accuracy and reliability of facial recognition systems. We believe that lists of suspects should be limited and justified. In this way, unjustified invasion of citizens’ privacy can be prevented, false arrests can be reduced and public confidence in the technology can be increased.
Safeguarding Data & Privacy: Many privacy advocates are justifiably concerned about how video surveillance systems capture and store data of innocent bystanders. At AnyVision, we don’t capture photographic images of people. The watchlists that comprise the reference data for our facial recognition algorithms are created and uploaded by our commercial customers – that is, they are created from scratch and specific to the security needs of that organization. The data that we capture is rendered using mathematical vectors that act as secure cryptography, preventing identity hacking even if data is stolen.
AnyVision goes a step further in safeguarding the privacy of non-watchlist individuals. We offer our customers the ability to activate “GDPR-mode” which effectively blurs all faces of people not explicitly listed on an organization’s watchlist. When this feature is activated, only individuals identified on the watchlist are visible — all other people in the camera’s field of view are blurred. Privacy Mode goes even further as it discards all detections of non-enrolled individuals. This means that police agencies cannot capture any metadata from non-watchlist detections which further protects the identities of bystanders. These advanced privacy features are designed to help organizations capture and collect data on individuals that is strictly necessary for the purposes of video surveillance (i.e., data minimization).
Lack of Operational Due Diligence: Police admit that facial recognition technology has been instrumental in helping crack some tough cases, but in the last year, there have also been claims of wrongful arrests. In many of these cases, the wrongful arrests were the result of a poor investigative process vs. shortcomings of the facial recognition software. Facial recognition is more than just the technology — it’s about having specific rules that helps the software understand how to process potential face-based matches. These rules must operate within established boundaries that protect an individual’s privacy and conform to compliance law.
Facial recognition software is designed to identify a handful of likely suspects based on potential matches to a reference database. However, a potential match does not mean that the police department is absolved from performing a proper investigation. It’s critical that the police use the technology responsibly and determine whether any of the potential matches should be investigated further based on appropriate due diligence procedures and following established protocols. When police take shortcuts and wrongfully arrest innocent people based on a supposed match without the necessary due diligence, it reflects poorly on the underlying facial recognition technology. It’s imperative to highlight the importance of human review and investigation when applying this powerful technology.
“AnyVision is willing to share its industry insights and best practices from our vast research experience with leading global players, including name-brand retailers, global hospitality, financial services and law enforcement agencies,” said AnyVision’s CEO, Avi Golan. “If the regulations set forth by the Surveillance Camera Code of Practice are committed to the principles outlined above, then law enforcement agencies can strike the right balance between solving crime and protecting the privacy of innocent citizens.”