Carey O’Connor Kolaja, CEO, AU10TIX

Carey O’Connor Kolaja, CEO, AU10TIX

Standard Chartered partnership introduces digital banks in Singapore and Indonesia

Standard Chartered partnership introduces digital banks in Singapore and Indonesia

A partnership between Standard Chartered Bank and FairPrice Group has launched new digital bank, Trust Bank, in Singapore with an investment of £400 million going towards a range of news products for customers including credit cards, savings account and personal accident insurance cover.

The investment has been provided by Standard Chartered Bank, FairPrice Group and NTUC Enterprise in a bid to further expand financial inclusion and digital economic prosperity in the APAC region.

Consumer rewards and security are some of the incentivising qualities of the business model. Consumers of the Trust Bank can access their account through the digital interface only, an app which incorporated with a robust technology platform provides a secure banking user experience.

Users can also have constant 24-hour communication with the Trust with integrated voice and messaging customer service bots.

Announced in January 2021, Standard Chartered also established a strategic partnership with commerce platform, Bukalapak to strengthen Indonesia’s digital banking landscape, since launching the a digibank-ing platform called BukaTabungan.

Victor Lesmana, President, Commerce & Fintech at Bukalapak commented: “BukaTabungan will be an interesting product because now, everyone in Indonesia within all levels of society will be able to access world-class digital banking services seamlessly and securely”.

BukaTabungan uses automation and security technologies leveraging AI, biometric facial recognition and E-KTP (Indonesia’s biometrics ID programme) validation.

Celebrus Releases World’s First No-Party Data Technology

Celebrus Releases World’s First No-Party Data Technology

Celebrus has released the world’s first no-party data technology. Celebrus CX Vault will allow customers to keep their information private and brands to deliver the relevant messages that customers expect in real-time.  

No-party data is defined as information gathering that does not use tracking, sharing, or cookies of any kind. It allows users to remain anonymous. Celebrus’ patent-pending no-party data solution is unlike anything on the market. The user stays anonymous throughout an entire session and no information is ever shared or sent to a server. 

“Many vendors talk about ‘cookieless solutions,’ but don’t have an answer for it. In studies around the globe, there are two competing forces: consumers demand privacy, but they also demand a personalised experience. Brands up until this moment have struggled with how to balance an approach to that, particularly with the increasing rate of opt-outs on devices. Celebrus CX Vault provides the industry’s only solution for putting the consumer back in control while ensuring brands can help build positive experiences along the way,” says Bill Bruno, CEO of D4t4 Solutions, the parent company of Celebrus. 

Celebrus CX Vault solves a challenge both consumers and businesses face in trying to find common ground in their expectations. Celebrus CX Vault recognises the context of a browsing session in real time and then applies machine learning to further determine and interpret user interest. It is an ethical innovation that meets privacy regulations and respects consumers who opt-out of cookie usage. A Pew report found 79% of Americans are concerned about the way companies use their data, while McKinsey research shows that 71% of consumers expect companies to deliver personalised interactions. This solution satisfies both and is a win-win for businesses and consumers. 

Pangiam Appoints Steven Greenway as President, Commercial

Pangiam Appoints Steven Greenway as President, Commercial

Greenway’s appointment to lead the Commercial division adds executive airline experience as Pangiam continues rapid growth

Pangiam today announced the appointment of Steven Greenway as President, Pangiam Commercial. In this role, Greenway will focus his more than two decades of commercial airline leadership experience on continuing Pangiam’s expansive growth in the secure movement of people and goods.

“Steven is among the world leaders in solving the unique business challenges in global commercial aviation and digital customer experiences,” said Kevin McAleenan, Pangiam’s Chief Executive Officer. “Pangiam is thrilled to bring the insight he has gained making airlines successful around the world to our customers and clients.”

Founded by a team of global trade, travel, aviation, and homeland security leaders, Pangiam is driving change across the aviation sector by applying innovation, emerging technologies, and the power of data to solve operational, facilitation and security challenges facing airlines and airports today.

Greenway has more than 20 years of global experience as an airline executive. His focus was often on digital leadership, loyalty, and rapid sustainable growth, with emphasis on guiding Low Coast Carriers (LCC). Steven was a founding member and Chief Commercial Officer for Peach, All Nippon Airways successful LCC; and Scoot, Singapore Airlines’ mid to long-haul LCC; plus, CEO of reward-U, the pioneering LCC loyalty/everyday program of HK Express. Most recently, he was President of Swoop, Canada’s first Ultra Low-Cost Carrier, and a subsidiary of the WestJet Group.

“Throughout my career, I have often focused on building ‘something from nothing,’ which is much like Pangiam’s mission to innovate around the art of what’s possible. I’m excited to be an integral part of guiding visionary solutions that promise to not only transform aviation and global travel, but many other industries as well,” said Greenway.

EU: ETIAS system pushed back to November 2023

EU: ETIAS system pushed back to November 2023

The EU’s European Travel Information and Authorisation System which was due to be introduced in May 2013 for non-EU visitors will now be delayed by an extra six months.

Once launched, non-European visitors with visa-waiver status between the ages of 18-70 will be required to submit an application for the ETIAS in order to travel to 26 countries in the Schengen Zone for up to 90 days.

The ETIAS is not a visa but an essential travel document which will be enforced on those applicable.

Back in 2016, tightened measures to pre-screen non-EU visitors and collect advanced data were approved by the European Parliament.

The Schengen zone is mostly comprised of European countries as well as Iceland, Norway, Switzerland and Liechtenstein. The UK’s departure from the EU means that Britons are now subject to the new rules.

Applicants must pay a $7 dollar fee for a 3-year permit and can expect a response to be returned to them within 4 weeks.

The new travel authorisation rules affect 1.4 billion in 40 countries that are naturally excluded from the EU or rejected being part of it. Some countries such as America, Albania, Australia and Canada currently have a visa-free arrangement to travel within the EU. In total, the scheme has been pushed back three times to the end of 2022 and now November 2023.

ETIAS will further streamline borders by increasing verification procedures people travelling from out the European Union, however, the delays to introducing the new requirements allow travellers to enter the Schengen Zone for a while longer.

More updates around the implementation will be given in the months before the ETIAS is now set to be implemented. Passengers will be eased into adapting to the new system while, although not confirmed, an initial 6-month grace period may come into effect. Early registration online is encouraged.

Customs and Border Protection must check credentials of biometrics partners

Customs and Border Protection must check credentials of biometrics partners

In recent months, a biometric entry-exit program led the Customs and Border Protection has got progressively underway using photo-matching technology to verify travellers across various ports of entry in the U.S.

According to reviews by the U.S. Government Accountability Office, more is needed to check and verify the credentials of solution providers that supply biometrics to U.S. border protection agencies in streamlining effective border systems.

The U.S. Government Accountability Office comments that partners, contractors and vendors should expect to prove their trust credentials in the tender process, as well as passengers having to comply with updated airport verification systems.

During a Homeland Security subcommittee hearing, Rebecca Gambler, Director of GAO’s Homeland Security and Justice team, revealed the CBP has conducted out 5 audit assessments of partners to ensure their technology can be approved in line with security and privacy policies. Three more audits are in process.

Gambler noted that while facial recognition technology is being deployed to at least one gate at 32 popular U.S. airports, matching live passenger images against a photographic database, a past GAO report from 2020 presents a juxtaposition with trust systems to audit partners. Only 1 of 27 of its then-partners were audited against the CBP’s privacy and security frameworks despite biometric technology coming onto the market in 2017.

In exchange for trust from travellers, audits must be carried out on biometric suppliers to earn public trust.

In 2019, a data breach involving a CBP contractor exposed the data of 184,000 travellers from a pilot biometric entry-exit scheme.

Sony unlocks in-camera forgery-proof technology

Sony unlocks in-camera forgery-proof technology

Today, Sony has today announced the availability of its in-camera forgery proof photo technology for corporate business users. Using digital signatures processed at capture, Sony technology supports to detect any modification to an image thus protecting it from fraudulent usage.

Following widespread issues with unauthorised editing and misconduct around digital photo data, Sony has developed forgery-proof technology, based on standard cryptography, for corporate users to safeguard images against future misuse.

With Sony’s in-camera signing mode activated, images are immediately cryptographically signed by the camera processor upon capture. Following this, any pixel modification, tampering or potential forgery will cancel the image signature, as the image manipulation will be detected by the customer’s own certificate server during examination.

Available on the Alpha 7 IV camera, with expansion to other models to be considered in sequence, this new functionality streamlines the lengthy process required from image submission through to verification, all with the addition of extra security.

The Alpha 7 IV also combines a 33.0MP full-frame back-illuminated Exmor R™ CMOS image sensor with BIONZ XR™ imaging engine to deliver high-speed processing and outstanding resolution.

Sony’s new forgery-proof signing mode ensures the secure creation and transmission of images based on cryptographic methods, as the fundamental need for certifying unmodified and secure images grows in many applications, across multiple industries.

This technology is particularly applicable for passports and ID verification but goes further in tackling image manipulation in the media, medical and law enforcement fields. For the insurance and construction sectors, this technology will offer a secure foundation for inspection and recording of damage​.

Yasuo Baba, Director of Digital Imaging and European Product Marketing at Sony, commented:

“It is Sony’s missions to strengthen business solutions with cutting-edge imagery technology and our in-camera digital signing is a real game changer for combatting image manipulation and forgery across multiple industries. Whilst appropriate adaptations for each industry need to be made, the digital signature is multilingual and can be used internationally, enabling organisations worldwide to streamline mandatory image signing with Sony technology.”

Currently compatible with the Alpha 7 IV, and subject to receipt of a license to enable Sony’s signing mode, this facility will be available for business users with plans for further model expansion to follow. In tandem, Sony will continue to examine how we can utilise our industry-leading imaging technology to further support enhanced security across multiple industries, with plans to expand the line-up of supported cameras hereafter.

Identity Week Europe: Are you ready for day 2?

Identity Week Europe: Are you ready for day 2?

Who’s ready for Day 2 at Identity Week Europe 2022? It’s your LAST CHANCE TO ATTEND!

All this and more in tommorow’s programme:

Keynotes

Jun 29th | 09:00am – Next Generation Travel Intelligence – The Frontex View

Uku Särekanno, Deputy Executive Director for EBCG Information Management and Processes, FRONTEX, European Border and Coast Guard Agency

Jun 29th | 9:20am – It’s all about the Human in the Loop: What will it take to achieve the Identity Ecosystem?

Kenneth Gantt, Deputy Director, Department of Homeland Security – Office of Biometric Identity Management (OBIM)

Jun 29th | 9:40am – The Future of Onboarding and Identity in Banking

Felimy Greene, Chief Operating Officer & Global Head, Onboarding, Consumer, Private & Business Banking, Standard Chartered Bank

Moderator: Alison McDowell, Co-founder and Director, Beruku Identity

Jun 29th | 10:00am – Transforming the ID&V process for better security using voice

Vijay Balasubramaniyan, Chief Executive Officer and Co Founder, Pindrop

Plus over 80 more sessions across our 6 stages, roundtables and show floor seminars.

Start-up Pitches

Hear the ‘elevator pitches‘ from our start-ups and discover the next identity unicorn 🦄

Kaizen Secure Voiz 12:00pm | MineSec 12:05pm | Optomel 12:10pm | PayBox 12:15pm | Premier Fintech 12:20pm | PureID 12:25pm | Quantum Dice 12:30pm | Schwartzthal Tech 12:35 | SelfyID 12:40 | Identy 12:45 | Spades 12:50pm | Syntric 12:55pm | Togggle 13:00pm | Gataca 13:05pm | Trovalo 13:10pm | Trustmatic 13:15pm | Umazi 13:20pm | Unissey 13:25 | Validient 13:30pm | Vipaso 13:35pm

Exhibitors

All of our exhibitors and sponsors are ready for day 2! There are over 250 identity solution providers, associations and press to meet. Tomorrow will be your LAST opportunity to make those valuable connections.

GET YOUR FREE PASS HERE

See you tomorrow!

Unlocking simple, safe, secure access control with biometric access cards

Unlocking simple, safe, secure access control with biometric access cards

Author: Maria Pihlström, Director, Global Marketing and Comms at Fingerprints

In mid-May Fingerprints was jointly exhibiting alongside Freevolt Technologies at IFSEC 2022, in London, one of the leading security events in Europe. Attendees at the show learnt how the two companies are combining their innovative tech to develop S-Key, Freevolt’s flagship biometric access card. To learn more, Fingerprints’ Marketing Director, Maria Pihlström sat down with Gonzalo de Gisbert, Freevolt’s Head of Product and Business Development.

  1. Please can you provide a brief overview of Freevolt and its flagship product, S-Key?

Innovation and R&D are a core part of Freevolt’s fabric thanks to its academic roots. It was first established as a spin-off from research completed at one of the world’s leading universities, Imperial College London, that was investigating technologies that can harvest radiofrequency (RF) energy from common networks (NFC, cellular, Wi-Fi). We are taking this ground-breaking research and using it to develop the next generation of biometric smartcards, which is seen in our flagship product: S-Key.

S-Key is a battery-less biometric smartcard providing stronger authentication for the access control industry. Because it is battery-less, drawing its power using Freevolt’s RF harvesting system, it requires no special software or changes of existing smartcard infrastructure, enabling it to work seamlessly with 3rd party systems e.g., HID, Salto etc. Another benefit of it being battery-less is that it comes with significantly lower costs. Once a card is deployed, it requires no charging or battery swaps. It also means no costly disposal processes or cell recycling.

Using Fingerprints’ solution, it offers all the benefits of biometrics from one of the world’s leading experts: enhanced security without sacrificing convenience, supporting worryless access.

Having built a smart card from the ground up, using our Freevolt energy harvesting technology, our company now has the opportunity to build on this platform for other use cases such as cryptocurrency, healthcare, payments etc.

  1. What do you think are the key issues facing the access control industry today?

Over the past couple of years, physical and logical access control strategies have had to respond to many new challenges. Flexible and distributed workplaces mean businesses have had to extend their enterprise cybersecurity settings to protect digital estates wherever and whenever employees are working. But it’s not just with cybersecurity where organizations need to rethink access control, as there are new physical security threats to tackle.

Lower footfall in offices means that it’s harder to know if someone you see should or shouldn’t be there. Pre-COVID if you saw an unfamiliar face in the office, you would be inclined to challenge that individual. After two years of remote and flexible working patterns, and with no sign that they will go away, new faces might be more common, and people may become more complacent. What’s preventing this ‘new face in the office’ from using a lost/stolen/borrowed/skimmed non-biometric access card or compromised credentials such as PINs and passwords?

Furthermore, access control strategies now must respond to hygiene worries around shared surfaces such as PINs and touchpads, urging the need for touchless solutions. Granting access through fingerprint verification on your card is a great way to unlock contactless 2-factor security measures without sacrificing convenience or hygiene.

  1. As a solution provider, what drove you to consider integrating biometric tech in S-Key?

We turned towards biometric tech as it is becoming increasingly common in our daily lives as consumers are attracted to the convenience and security embedded in their smartphones, PCs, and even smart locks. Also, given today’s security challenges, many are using biometrics to avoid relying solely on PINs, passwords and traditional access cards, which can be cumbersome and vulnerable, not to mention that they can also be stolen/hacked.

  1. What key criteria were on your list when you were searching for a biometric partner?

When we were searching for a biometric partner, we were looking not just at expertise, but also those that can also help us meet the unique objectives with S-Key.

We wanted a partner that was not only a general expert in sensors and biometric solutions, but someone who had experience in being a market leader across other verticals. We landed on Fingerprint Cards as they are exactly that, having a market leading position in the mobile phone market with a rich history in biometrics since the tech first started coming onto the scene. As such, we are able to channel Fingerprints’ expertise and innovative skills directly into our product, and also work closely with them taking into account the unique design challenges when integrating biometric sensors.

Traditionally, biometric solutions present a challenge with data protection, especially for regulations such as the UK and European GDPR. Yet with the S-Key, this is not an issue as we use the on-device approach championed by Fingerprints, where the biometric data is enrolled, securely stored, matched and authenticated on the card itself. That means no databases of data in the cloud. This supports S-Key’s ability to work seamlessly with existing infrastructure without the need for costly retrofits or software updates to handle biometric data. It also reflects our belief in privacy and that individuals should retain full control of their data. Being able to leverage Fingerprints’ software libraries alongside its sensors was key to developing a secure, privacy-first product that we would be happy to trust our own biometric data with.

  1. Beyond access control, what other potential use cases are possible with biometric cards and what’s on the horizon for Freevolt and the S-Key?

Our vision for S-Key is to bridge the gap between physical and logical access. You might come to work, using your card to get into the building, log onto your machine, release a secure printing job, etc. etc. We really see this unified solution as a key value proposition for widespread adoption.

We also have several other projects in the healthcare and cryptocurrency spaces whereby Freevolt really provides an edge, thanks to its ability to work with just about any RF power source using NFC. Think powering a card with your mobile phone to validate a transaction, or clocking in and out of work, etc.

It’s an exciting time for us here at Freevolt as we continue to invest in our core technology to keep it ahead of the market competition and explore new opportunities in the access control space. We’re glad to be working with Fingerprints as part of our journey.

IDW Europe 2022: Important updates to the Conference Agenda

IDW Europe 2022: Important updates to the Conference Agenda

We’re excited to announce the next wave of speakers that will take to the Conference stage this June:

👉 Duncan Faulkner, Fellow – Security Documents, Bundesdruckerei GmbH, Document Security Innovations

👉 Guido Brockmann, Head Of Product Management Sector, EU-Lisa, Biometrics in Travel

👉 Martin Ingram, Product Owner IAM, NatWest Group, Digital ID in Financial Services

👉 Martin Sandren, Manager, IAM Engineering, Ahold Delhaize, IAM in Supply Chains

👉 Claudio Kavrecic, Head of Centre of Excellence for Combatting Document Fraud, Frontex, Fighting Document Fraud

👉 Krzysztof Rusajczyk, Head of Onboarding, Vodeno, Digital Onboarding in Financial Services

👉 Benoit Poletti, Chief Executive Officer, Luxembourg delegate to ICAO TAG/TRIP and IATA CAWG, INCERT, Digital ID in Travel

👉 John Barnett, Senior Forensic Document Examiner, Homeland Security Investigations, United States, Security Document Manufacture

👉 Rafael Sanchez Gomez, Director, BBVA next technologies, Voice Biometrics

👉 Tim Speelman, Coordinating Policy Officer, Digital Identity, Ministry of the Interior and Kingdom Relations, Netherlands, Digital ID and Government

To learn more and book the event, click here.

.

.

INTERESTED?
Grab your Identity Week Europe Conference Pass for just £795 now before prices go up! Or bring a team of 3+ to get a further discount with our Group ticket option.

Iris secures $39.7 million contract add-on with Tanzania

Iris secures $39.7 million contract add-on with Tanzania

IRIS Corporation, an MSC-status technology innovator and leading provider of Trusted Identification (ID) products and solutions announced today that it has successfully inked a contract addendum worth US$39.70 million or approximately  RM167.61 million from Tanzania’s National Identification Authority (“NIDA”).  

The contract addendum signed between IRIS and NIDA entails the delivery of Tanzania e Identification (“eID”) cards and services for a period of 18 months, which is expected to provide  IRIS with earnings visibility over the contract delivery period.  

“I am very delighted with the contract to continue our services of delivering reliable and secure  national eID cards and services for the Tanzanian citizens. IRIS was first awarded with a contract by  NIDA to supply Tanzanian national eID cards and services in April 2011. Essentially, this addendum reflects highly on IRIS’ capabilities within the global Trusted Identification industry and is a  testament of confidence from international governments towards our expertise. Moving forward,  we will continue to make a conscious effort to grow our business both locally and internationally  while working towards delivering on our existing projects at hand. These projects will drive our  continued growth as we continue to pursue new opportunities in our targeted regions to help IRIS  maximize shareholders’ value,” said Shaiful Subhan, the Group Chief Executive Officer of IRIS. 

  

  

Celebrating the Women of Identity Week Europe

Celebrating the Women of Identity Week Europe

Identity Week Asia in call for speakers

Identity Week Asia in call for speakers

Identity Week Asia is back in person at the Suntec Convention Centre this year with 2,500 senior Identity professionals over two exciting days, under one roof.

The organisers said “Every day our industry is rapidly evolving and expanding into new verticals, new sectors, developing new threats and opportunities… NOW is the time to share your insights, experience and ideas with the wider Identity community and firmly establish your brand at the forefront of innovation”.  

 

 

 

Photo: Identity Week Asia 2019 – Pam Dixon, Executive Director, World Privacy ForumSPEAK AT IDENTITY WEEK ASIAWith panel discussions, round-tables and keynote slots still available, share YOUR knowledge with the industry this September. Call for speakers applications close 25 February 2022, submit an enquiry now.

 

 

KEY THEMES THIS YEAR:Document Security InnovationsID in Financial ServicesFighting Document FraudIdentity and Access ManagementSecurity Document Manufacture ​​​​​Digital OnboardingNational Identity InitiativesDecentralised ID and BlockchainDigital ID and Biometrics in TravelID in Payments and EcommerceID for CitizensContactless BiometricsTo enquire about speaking or find out more information, you can submit your details here or contact the Conference Director, Hassan.

INTERESTED IN BEING INVOLVED, BUT NOT AS A SPEAKER? Alongside our world-renowned conference is our exhibition, where you’ll be able to exhibit your products and solutions to an audience of highly engaged Identity buyers. Why not go further and truly maximise your return by sponsoring the event? ​​​​​Download the event prospectus here or make an enquiry below.

Guest post: Vaccine Passport App Vulnerabilities: an Overview

Guest post: Vaccine Passport App Vulnerabilities: an Overview

Due to high demand, digital vaccine passports are rushed out worldwide. However, they often have serious data security and validity issues. Let’s see what some of these vulnerabilities are and how ID readers can help in spotting criminals exploiting vaccine passport apps with fake COVID certificates.

As countries are reopening their borders, there is a justifiable demand for digital versions of our vaccine passports. And states are answering that demand as fast as they can. But due to rushing out these apps, many of them come with severe vulnerability issues.

In this article, we collected the most notorious cases. We also propose a viable option for spotting convincing but forged analog and digital vaccine passports.

Why Is Vaccine Passport Vulnerability a Risk?

We all know that there is no such thing as a perfect mobile application. In many cases, a bug is nothing more than a nuisance. However, vulnerability becomes a priority for apps that store sensitive data, such as the vaccine passport.

New York Times correspondent Ceylan Yeğinsu writes that the main problem is that a passport is a government-issued document for certifying personal data. So “many people fear […] handing over personal and sensitive health information that data controllers can easily abuse.” And unlike medical facilities where laws strictly regulate how such information must be handled, businesses outside the health industry can do whatever they want with our health data.

Panda Security, a manufacturer of antivirus solutions conducted non-representative research regarding vaccine passports, It turned out that 56% of the people worry about the security of their data. Unfortunately, they have every reason to fear falling victim to data theft. In the early stages of the COVID-19 pandemic, four U.S. states suffered from cyberattacks targeting unemployment benefits applicants.

The results of Panda Security's study, showing that 56% of people have concerns for their data's safety
Courtesy of Panda Security

As such, digital COVID certificates should be bulletproof from the get-go. However, these apps had to be developed rapidly to lift travel and social restrictions as soon as possible This resulted in flaws of varying degrees of concern.

Examples of Known Digital Vaccine Passport Vulnerabilities

NYC Safe: One Photo to Fool Them All

It’s hard to tell from a printed vaccine passport whether it’s fake or not, let alone from a photo of the document. This was the case with New York’s NYC Safe application. Heavily criticized for being nothing more than photo storage for paper-based COVID passports, the application allowed individuals to upload any document, legitimate or forged. The weakness of the system became all too evident when it accepted a portrait of Mickey Mouse as proof of vaccination.

NYC Excelsior Pass Wallet: Fake Credentials

The infamous case of this U.S. digital vaccine passport for the citizens of New York State highlighted another type of risk. As discovered by the NCC Group, the NYC Excelsior Pass Wallet application allowed individuals to create and store fake vaccine credentials by simply scanning a phony document. Users could easily exploit the fact that the COVID certificate wasn’t appropriately verified.

Australia’s Express Plus Medicare: Replicating the Animated Validator

Ten minutes. This is all it took for Richard Nelson, a software engineer in Sydney, to expose the vulnerability of Australia’s Express Plus Medicare COVID-19 application. He also proved why QR codes are a must for vaccine passports. The main issue with the Australian COVID certificate is that aside from basic data, it features a supposedly unique animation to demonstrate the passport’s validity. Nelson could easily replicate this animation, allowing him to create as many fake digital vaccine passports as he liked.

A Set of Vaccine Passports Showing Their Respective Status Screen

Québec’s VaxiCode Verif: Forged Digital Signatures

Like many COVID certificate apps used worldwide, the digital vaccine passport issued by Québec, Canada, uses QR codes containing the necessary vaccination data combined with digital signatures. The digital signature features asymmetric cryptography, using two keys. Theoretically, this guarantees that the validator app doesn’t identify fake credentials as legit.

A cybersecurity expert still managed to fool VaxiCode Verif relatively easily. He generated a key pair and made the public key available at a given website. Then he created two QR codes. One was posing as a valid digital vaccine passport containing the public key and a plain fake COVID certificate. Then he presented the QR code with the public key to the app. It correctly rejected it as a valid COVID certificate but, simultaneously, forcefully downloaded the public key. After that, the app verified the other fake digital vaccine passport as being valid.

We should add that the app’s developers reacted quickly. Soon after the incident, they released a new version that eliminated the problem.

EU Digital COVID Certificate: Vaccinating the Dead

When it comes to the European vaccine passport, called the EU digital COVID certificate, experts usually praise it for implementing the strict privacy rules of the GDPR, especially from overseas. In fact, allowing member states of the EU to develop their own versions of the COVID certificate was a risk, which eventually paid off. That doesn’t mean there were no flaws, however.

Tim Berghoff of GData, a German computer security company, pointed out many issues with the EU certificate’s German version. We’ll highlight two:

  1. In the case of paper-based COVID certificates issued by a pharmacy or a doctor’s office, the accuracy of the data transferred into the app wasn’t verified if the original. Cybersecurity experts managed to validate an EU vaccine passport even though it showed the same date for the test subject’s first and second vaccination.
  2. Berghoff and his team could create a vaccine passport for Robert Koch, a German microbiologist from the 19th century. The EU COVID certificate had no problem validating the vaccination of a long-gone person.
Example of a Vaccine Passport

Are Paper-Based Vaccine Passports the Answer?

Not quite. Granted, it seems like a logical step to forget digital vaccine passports and have our vaccination certificates in our pockets.

Like their digital counterparts, paper-based certificates were also rushed out. This led to analog vaccine passports being easily forgeable. In the U.S., the Centers for Disease Control and Prevention (CDC) issued a certificate with data written in ink. It isn’t surprising that scammers took their chance and flooded the black market with fake vaccine passports.

Consequentially, these fake certificates could quickly end up in COVID apps with minimal or no authenticity validation features. This allows unvaccinated people to enter places that require individuals to be vaccinated.

Verifying Vaccination Status

Application bugs and issues will always be discovered and eliminated sooner or later. This is what happened in the case the apps of Québec and the State of New York. Furthermore, virtual COVID certificates – at least those implementing digital signatures – are still more resistant to forgery than their paper-based counterparts. In any case, those who trust analog vaccine passports more should make sure they store them in a secure location.

Osmond Smart ID Reader and Scanner Banner

If you are part of a business and have to verify the validity of digital vaccine certificates, there are two things you should consider. First, check, and double-check the document in front of you. Although some national and international vaccine passports do not feature advanced security solutions like digital signature, they are in the minority. The number of states requiring vaccine passports is rising. Many of them are likely not to accept vulnerable certificates as valid travel documents.

One way to verify that an individual isn’t presenting a fake COVID certificate is by cross-checking it with another ID document. An advanced automated ID reader like Osmond can verify a travel passport’s authenticity while also obtaining virtually all data from travel passports via optical character recognition technology, including the traveler’s name, country of origin, and many more.

About the Author

Balázs Molnár

Hungary

As an International Sales Manager at Adaptive Recognition, I am responsible for the business development in several countries all over the world. We are market leaders in the OCR based technologies industry, and my task is to help our partners, customers find the most suitable solution for their needs in the ID reading & verification technology.

View profile

SensoryCloud.ai Launches Cloud-Based Voice and Vision AI Services

SensoryCloud.ai Launches Cloud-Based Voice and Vision AI Services

Sensory Inc., a Silicon Valley innovator of machine learning solutions for speech recognition and biometric identification, announces the beta release of SensoryCloud.ai, a complete AI as a Service platform designed for processing voice and vision AI workloads in the cloud. Leveraging Sensory’s decades of experience with voice and vision AI, the SensoryCloud platform is launched with AI services such as Speech to Text, Sound Identification, Wake Word Verification, Face Verification, and Speaker Identification. Additional services and updates will be offered throughout the year.

With SensoryCloud, customers are offered a cloud AI platform that puts them in full control with a focus on flexibility and accuracy. Customers get complete control of how their AI solutions are deployed and how the data is managed and accessed. SensoryCloud delivers a language- and platform-agnostic AI inference engine wrapped in a highly-developed API. Further, the AI experts at Sensory leverage both open-source and proprietary solutions to ensure best-in-class performance and is delivered in containers through an API or light-weight SDKs.

SensoryCloud AI as a Service Includes:

  • SensoryCloud Speech to Text (STT) – A world-class GPU-accelerated speech recognition engine that can be quickly customized to process application-specific jargon. Ideal for either streaming or batch-mode operations with typical word error rates within trained domains of less than 5%.
  • SensoryCloud Wake Word Revalidation – Leveraging the experience of Sensory’s expertise in wake word detection, the cloud-based verification of custom, branded wake words enable up to a 90% reduction in false alarm events.
  • SensoryCloud Sound Identification – Offers an extensive library of sounds with a multi-stage approach optimized for speed, efficiency, and accuracy. Developers can quickly train and learn custom sounds, in addition to the standard sounds like alarms, sirens, breaking glass, crying babies, coughs, sneezes, doorbells, and more.

Sensory historically focused on AI on the edge. However, many embedded clients indicated a strong desire for cloud solutions with degrees of freedom not available from the typical cloud service providers. “We have a history of building fast and accurate AI models, and we paired this capability with some of the brightest and freshest minds in the cloud industry,” states Todd Mozer, Sensory CEO. “The result is a hybrid cloud platform that uses state-of-the-art AI to address customers unique needs for control, flexibility, cost, accuracy, reliability, features, latency, and privacy.”

 

Why banks are staking their reputation on digital identities

Why banks are staking their reputation on digital identities

Yuelin Li, VP Strategy at Onfido

Identity is at the heart of the financial services industry. Everything from applying for a credit card to closing an account is underpined by the idea of identity; it serves as the conduit to building trust between banks and consumers, while maintaining security of accounts and transactions.

In every financial interaction, banks must be confident that they can correctly establish a customer’s identity without error. Yet, in an increasingly digital world, this is becoming both difficult and expensive to achieve. Managing digital identities in a way that ticks all the boxes requires compliance with regulatory standards, robust fraud prevention, and a smooth end-user experience.

Let’s get digital

To realise the value of digital identities, it’s important to understand the digital backdrop of financial services. Recently, there has been a significant shift towards bringing financial interactions online-first, which for financial services, can be traced to three defining reasons.

Firstly, digitally-led banks have kept traditional institutions on their toes, forcing them to adapt. These industry disruptors have reported over 40% user growth during the pandemic alone, growing to 29 million users in the US alone. Naturally, to maintain the share of the market that legacy banks have, they must look to review, revise, and enhance the experience they provide.

Adding to that, the Covid-19 pandemic has rapidly accelerated the digital banking movement. Recent research shows that in 2020, 82% of all financial deposits were made digitally, largely due to the closure of physical branches and the safety and convenience of online services.

Finally, the vast competition from non-financial actors has made this market incredibly tight. Fintech and payment providers, as well as the entry of big tech, can now offer frictionless self-service, mobile, and 24/7 banking. This is a good indication the digitisation of the financial services industry is here to stay.

Traditional banks are incompatible with modern life

Despite this confidence and interest in digital banking, banks are falling down when it comes to the identity experience. How many leverage customer identities today is unfit for the digital age; the process is often slow, inconvenient, and at times unsecure. Fundamentally, this prevents them from building customer trust and loyalty in the long-term. Critically, Gen Z and millennials are aware of this incompatibility. More than a quarter of millennials have never visited a physical bank branch, and this figure is not set to change. As a primary demographic target, financial services, including banks, cannot afford to lose their

trust by implementing identity checks that could be found in a physical branch over a decade ago.

For instance, those identity checks conducted in person or via a database check with authentication heavily rely on usernames and passwords, KBAs or call centres, which is not synonymous with modern financial services. These ‘all or nothing’ approaches to data comparability is vastly different to the technology available – and expected – in services today. With one in three customers now opting to open bank accounts digitally, banks must reflect these behaviours if they want to remain relevant.

Reshaping the culture around identity in banking

Forward-thinking banks are adopting a digitally-forward approach to identity that allows for a frictionless onboarding experience. Immutably tying identity documents to a real-life human ensures the validity of an individual’s identity and creates a robust and secure onboarding process. Biometrics are one of the key methods to verify customer identities quickly and accurately. It’s also favoured by customers too with as many as 52% of customers suggesting they would rather use biometric checks when opening a bank account.

Ultimately, banks sare staking their reputation on building digital identities into the onboarding process to:

● Improve the experience for the user: digital identity verification is simply faster, safer, and more accurate than traditional means of identification. It is also particularly useful for time-poor and accessibility challenged customers who cannot always reach a physical bank branch before closing time.

 

● Acts as a buffer against fraud: unlike database checks, digital identity verification can ensure users are who they say they are, through a combination of biometrics and artificial intelligence (AI) checks, making them extremely difficult to breach.

● Relieve pressure on manual checks: banks that leverage digital identities can verify customers using rapid automated checks that do not require manual input. This allows organisations to provide certainty to their customers that their personal details are safe and secure.

A digital approach to identity verification is not only scalable, but also secure, intuitive and device-agnostic. For those banks that are looking to build trust with their customers, and appeal to the Gen Z / Millennial segment, it demonstrates a commitment to security and convenience in the digital world, and ultimately a better delivery of financial services.

Security document printing market to reach value of $35 billion

Security document printing market to reach value of $35 billion

Demand for banknotes, personal ID, stamps, payment cards, cheques, and brand protection packaging will continue to grow over the next five years, even as the sector adjusts to a commercial landscape reshaped by the experience of the Covid pandemic.

A dedicated new expert study of the sector from Smithers – The Future of Global Security Printing to 2026 shows total value will increase to $28.89 billion in 2021, up from $28.47 billion in 2020. This positive performance over the worst of the pandemic period was led by increased sales for banknotes, payment cards and brand protection packaging features. Although other segments have seen major falls.

Smithers’ analysis tracks the influence of multiple market drivers that will contribute to pushing total sales in the industry to $35.02 billion in 2026, equivalent to a 3.2% compound annual growth rate.

As the market reorientates to new commercial realities it will create a varied and dynamic situation, which will reward innovation. Smithers’ analysis forecasts the following major changes:

Banknotes, have seen a surge in demand over the pandemic period, this has deflected the broader trend for wider use of electronic payments in the short term. Growth demand will slow over the five-year Smithers forecast period, and central banks and security printers will refocus on alternative payment options, with new contracts largely confined to developing markets

  • The need for contactless payment and ongoing efforts to integrate the world’s large unbanked population into the modern economy will make payment cards one of the fastest expanding market segments over the same period
  • Personal ID sales stalled in 2020, but the imperative to develop integrated electronic IDs to manage Covid-19 and wider use of biometrics will support a return of sales as international travel restrictions are relaxed
  • One segment that has a continuing negative outlook is ticketing. Drops in sales across 2020-2021 will not be recovered. Reduced commuting, more homeworking and the implementation of touchless travel systems, will all lead to further declines in the future
  • A similar negative outlook is forecast for cheques. Already restricted to a few key national markets – US, India, France – investment in remote or automated payments has damaged demand, and further declines are forecast to 2026 as consumers and organisations transition to more modern alternatives
  • A more positive outlook is given for brand protection packaging. The twin drivers of greater e-commerce trade and the implementation of traceability mandates will make this the fastest growing segment over the next five years, creating a major diversification opportunities for established security technology suppliers
  • While mail volumes will continue to decline, new measures to control counterfeiting of goods like cigarettes will see demand for stamp printing increase – with the market refocussed on tax stamps.

This varied outlook – and the need to develop new digital service lines – is driving a reorganisation of many private-sector organisations. It will also be reflected in the outlook for different security components.

Security substrates and print processes will continue to be the two largest components of the market, representing 50.1% by value in 2021. Across 2021-2026 the need for greater supply chain scrutiny and both overt and covert verification technologies will manifest in greater demand for RFID and coding, security inks and taggants. Simultaneously the interest in automated borders, and secure physical and online identity will push a wider use of biometric solutions.

Ready for the Revolution:  Mozambique’s journey from paper documents to eVisa

Ready for the Revolution: Mozambique’s journey from paper documents to eVisa

They started in 2018 with a great undertaking. The Government of the Republic of Mozambique had the plan to equip all borders and airports in the country with state-of-the-art technology. However, modernizing all border posts means not only replacing hardware and software at the 13 airports, 24 land and 7 sea borders, but also ensuring that all Mozambican residents get access to high-tech travel documents such as electronic IDs and eVisas.

German specialist in the security sector Muehlbauer took on this far-reaching assignment. The project’s scope was it to install and ramp-up a cutting-edge solution for the issuance and verification of multiple types of identification documents. At the same time, it was necessary to implement a comprehensive border control system, to identify and verify documents as well as the document holder. Such system need to reliably register and manage all entry and exit data, while interfacing with third parties on a local as well as international level to exchange information. 

Let’s get some idea of the scale of the project. The new management systems were distributed nationwide to 11 provinces and 177 districts, to all 13 airports, to a total of 44 land, river and sea borders and to 45 embassies and consulates worldwide. In order to accomplish this task with the smallest possible time schedule and in cooperation with local companies, Mühlbauer established its own business location in the capital Maputo, staffed with 60 employees, to handle contract delivery, ongoing technical support and training. More than 800 government employees have been trained to be empowered to operate and maintain the highly sophisticated systems. The complete solution was delivered in just 6 months and put into full operation within impressively short 12 months after signing the contract.

The enrollment system can be operated online and offline (depending on network availability). Muehlbauer IT and software products and system observe the highest security standards regarding data transfer and data management. The implemented solution consists of four independently operable databases (citizen data, foreigner data, travel documents and border management), for four designated authorities, which are all interlinked and interoperable for national security and information purposes. The embassies and consulates of Mozambique have been enabled to issue biometric identification cards, electronic travel documents, biometric emergency travel documents for all citizens of Mozambique, as well as Visa to foreign visitors. 

To further improve the services rendered, the Government of Mozambique is now expanding its solution to include an eVisa portal. In close cooperation with Mühlbauer, the paper-based system is to be supplemented and replaced. Until now, a traveler applying for a visa has to fill out the necessary paperwork and then send it by mail or physically take it to the local embassy or consulate. The embassy or consulate would thereupon review the documents, process the request, and issue successive the Visa. This process takes a lot of time and makes it burdensome to create a visa.

The Muehlbauer eVisa Solution uses the latest technologies and allows the applicant to create an account online. The responsive web-based portal is running in various standard browsers (Safari, Firefox, Internet Explorer, Chrome) and on standard operating systems (Windows, Linux, macOS, Android, iOS) and respectively on desktop PCs, tablets and mobile phones. After creating the account, the applicant is asked to enter personal data, upload a face image and supporting documents – including a Passport scan – and perform online payment or register already performed payment based on the receipt. This secured and multi-lingual portal is separated from the main Visa system to reduce its appeal to hackers and thus protect against potential attacks. The application will then be submitted to the Central Visa system for approval. When the application is processed, the applicant will be informed via eMail and receives an approved Preliminary eVisa Document or the Application Rejection Letter in case of a negative decision. The last and only step, which requires physical attendance, is the personalization of the eVisa. On arrival at the airport, land border or at the embassy, the enrollment officer pre-fetches the application from CMS, checks pre-enrolled data and captures additional applicant’s data. During this process, the data on the identification document and the eVisa are checked for authenticity by comparing them with existing databases. After successful verification, the approved Visa or Visa stickers are handed out to the applicant. The customizable and fully responsive system supports all 15 Visa types, such as Business visa, Visit visa, Tourism visa, Residence visa, Student visa and Transit visa, and can be extended if needed. 

With its simplified handling and fast data transfer, the state-of-the-art Visa solution from Muehlbauer ensures user-friendly application and prevents long queues at border crossings and authorities. With the pandemic not yet over, the mainly digital visa issuance is a particular step forward for Mozambique. This not only makes official processes easier for every resident and applicant, but also provides greater health security and one less platform for the virus to spread. The MB eVisa system is scheduled to go live in fall 2021. All the newly implemented solutions make the Southeast African country a pioneer in digital identification.

Op-ed: Simplifying the duty-free purchase in Korea

Op-ed: Simplifying the duty-free purchase in Korea

Ever purchased something in a duty-free shop? Then you know that it is not a simple pay-and-you-go situation: you also have to present your travel document and the cashier submits some of its data to the system. But why is that? Not only you have wondered about this. Many raise questions via forums, someone asks on Tripadvisor:

Why does the duty-free shop at the airport scan my passport? I can understand it when you are purchasing liquor, but to buy a wooden puzzle… I had to go to our gate to find hubby with bags to get mine to buy an $8.50 puzzle.

Duty-free duties

The answer is simple. In order to sell things duty/tax free, there are regulations that vary depending on the local laws about how the shop must confirm that a passenger is indeed departing to an international flight, thus he/she is allowed purchase goods duty/tax free – as opposed to (for example) someone that simply works at the airport and must pay taxes after the purchase. The exact requirements vary per countries and shops, but frequently include data like name and/or travel document number of the customers, and/or the number and date of their flight.

The time, required for submitting this data adds up quickly, as we talk about several seconds but even a minute depending on the local policy. At the end of the day, it turns out that a remarkable part of the day was spent only for this administration task – instead of offering a seamless customer experience.

Automation is our friend

SM Duty Free, located in South Korea, decided to cut back this time and automate the process: using handy ID scanner devices. This way, passports, visas, flight tickets and other travel documents are scanned within a blink of an eye and the data is immediately submitted to the system.

It works with Optical Character Recognition – a software that recognizes text and transform image information to digital characters. It sounds simple – but there is nearly 30 years’ development and expertise behind it.

Combo Scan ID scanning device 3d view

Combo Scan ID & Passport Scanners

Almost the same size as your palm but types guest data ~150x faster

  • Automatic ID data extraction
  • Ultra-compact design
  • No moving parts included
  • Powered via USB

 

Security as well

These devices are favoured not only by duty-free shops, but also convenience stores and liquor / tobacco shops, where the purchase of specific goods is limited by age. The best way to confirm age is the date of birth information from the identity documents – and these processes are also getting automated by ID scanners at more and more locations. The cashier just scans the document and the system immediately confirms the age, while it saves the ID image for future security purposes.

As a local news portal writes:

Han Gi-ji, Gyeonggi GTV

By selling alcohol or cigarettes to minors under current law, the shops will not only stop business, but also get fined and given criminal penalties. Because of these problems, more and more shops are installing ‘ID card discriminators’…

In addition to age verification, these ID scanners are capable of verifying the ID’s authenticity as well, so documents that were altered in any way (or copied) are filtered out via the scanning process. Shop owners realized two important factors:

  • they cannot expect from cashiers to be an expert of ID security
  • transactions with fake IDs will cost them major losses

Such ID scanner turned out to be a remedy for both.

This solution is widely used in the Myeong-dong area in South Korea, in convenience and retail shops, including the popular CU Convenience Store.

Further reading / video

We encourage our Korean readers and speakers of the language to check further materials in the topic:

  • A short video presentation by the company (Dawin) who integrated the solution based on our technology: