With facial recognition and fingerprint technologies being integrated into most modern smartphones, biometric identification has become more commonplace than ever before. Proofing these security features so that they are secured for personal use has presented its own set of challenges, but technology providers have devised new solutions and integrations to mitigate security risks.

This past August, iProov, a London-based biometric authentication technology provider, announced its partnership with Evernym, a self-sovereign identity-focused company. Through the partnership, the two companies hope to streamline onboarding processes and simplify device binding for personal identity management.

About the Partnership

Established in 2012, iProov specializes in facial biometric authentication. Their flagship technology, Genuine Presence Assurance, enables organizations to confirm that the person they are interacting with online is the right person, a real person, and authenticating in live time. The solution includes three main products:

• Enroller, which verifies the identity of new customers during onboarding through a facial biometric scan.
• Face Verifier, which authenticates a remote user’s face against a pre-enrolled biometric template.
• Palm Verifier, a contactless hand biometric technology that requires no specialist technology.

Behind these three products is iProov’s underlying technology that uses facial biometrics and colored illumination to read a user’s face and assure the genuine presence of a human being in an effortless, secure and streamlined way.

“Face biometrics was a winner because mobile devices of today have front-facing cameras,” explained Joe Palmer, President of iProov Inc. “To circumvent the facial secrecy issue, rather than asking the user to do something, we do something to the user. We use the device screen to illuminate the face with a unique sequence of colors as a one-time code, and concurrently stream a short video live back to our servers to process the received image. We’ve built up a huge data set of real-life skin reflectivity versus other materials, and all non-human objects fail to produce realistic 3D illumination and diffusion. After training a deep learning network to recognize light reflecting off skin versus all other objects, we can tell that there is a real life skin-covered human face in front of the camera.”

iProov’s solution helps organizations secure authentication processes, maximize usability, reduce fraud risks, and future-proofs enterprises against machine-driven attacks and deepfakes, all while maintaining compliance with KYC and AML regulations. It is used by the U.S. Department of Homeland Security, the UK National Health Service and more.

In working with Evernym, iProov plans to integrate their Genuine Presence Assurance technology into Evernym’s Verity, a decentralized SSI platform for issuing and verifying digital credentials directly into SSI-based wallets, and Connect.Me, a consumer mobile wallet application for holding and sharing credentials. They aim to provide high assurance during onboarding processes for remote customers and secure the processes of binding a user to their device and stored credentials.

Evolving Biometric Standards

As the use of personal technology has grown, the types of body parts used for biometric security solutions have expanded as well, from thumbprint readers to iris scanners. Determining the best standard biometric for identity verification and authorization has proven to be a challenge for organizations across the technology industry, and with the COVID-19 pandemic shifting lifestyles around the world, biometric standards have shifted in new directions.

One major factor in analyzing different biometric measures involves security. In order to maintain a certain level of security for a biometric system, developers must devise solutions to mitigate those attempting to copy or trick the system. For instance, fingerprint readers boast the benefit of being based on a hard-to-replicate body part, but in the event that someone’s fingerprint is copied, it is impossible for them to reset their identifier. For facial recognition technologies, systems must be able to differentiate between a photo, a deepfake, a recording inserted into a video feed and an actual, present human. Furthermore, as they are designed for consumer use, developers must maintain usability while being as secure as possible.

Recently, another major factor in determining the best biometrics has been the effects of the COVID-19 pandemic. Due to the infectious nature of coronavirus, contactless biometrics and biometrics that allow a user to use their own device are growing in popularity. Furthermore, due to facial covering and mask requirements in many countries, facial recognition technologies have needed to adapt in order to recognize users wearing masks.

Finally, mass identification and verification capabilities have also reshaped the future of identification. Every country has its own de facto forms of identification, such as drivers licenses, passports, government-issued ID cards, and with varying levels of security. Many passports now, for example, have biometric chips embedded in them that can store biometric data and be scanned by NFC readers—such as the ones on NFC-enabled smartphones. This stored data is extractable, and can also be signed by the issuing government, presenting a solution to protecting against falsified identification information while maximizing interoperability between current ID standards and future ones. Given the digital transformation of the world, integrating these physical forms of ID with biometric identification standards will present new opportunities to the future development of digital identity and its integration into society.