When the Independent Communications Authority of South Africa (ICASA) recently proposed linking biometric data to SIM cards, privacy concerns quickly cropped up. Would this mean constant surveillance or an increased potential for identity theft?
RELATED: Identity confirmation in seconds: How biometrics became lightning fast and accurate
A resounding no, and no, says Gur Geva, Co-Founder and CEO of iiDENTIFii, the leader in remote biometric digital facial authentication and automated onboarding technology. “Because biometric technology only started making its way into the mainstream relatively recently, consumers are still unsure of what the technology entails and how it may be used. This, naturally, leads to some misconceptions and fears. The reality is that opt-in biometrics are the most secure way to identify someone – and keep their information and identity safe from misuse – and these differ a great deal from biometrics used for surveillance.”
Increased privacy and security
“When biometrics are mentioned, many people imagine dystopian scenarios – surveillance cameras on streets, capturing faces to keep track of civilians. But ICASA’s proposal, and the type of biometrics currently becoming more mainstream, is called remote biometric onboarding. It’s opt-in verification and account authentication as opposed to surveillance. Remote biometric onboarding links a person’s biometric data, whether their face or fingerprint, to their account so that they, and only they, can access the account safely and securely,” explains Geva.
Biometrics come in many different forms. While there is a place for biometric surveillance, such as security at airports or building entrances, opt-in biometric onboarding with liveness detection protects institutions and their clients from fraud. “Fraudsters have made face matching on its own almost obsolete by employing spoofs that exhibit human traits, such as photos or puppets. Furthermore, even authentication processes with gesture/motion requirements to overcome this problem can still be spoofed. Leading biometrics AI uses liveness detection to determine that it is interfacing with a genuine, physically present human being,” says Geva.
This makes it far safer than passwords or PIN numbers, which can be hacked or stolen by fraudsters. With stolen passwords, fraudsters can potentially access thousands of accounts in a matter of seconds. Where biometric liveness detection is required, it becomes exponentially harder for thieves to impersonate or hack accounts.
And, from a privacy perspective, it’s not that different from current identification methods. “When someone has a copy of your ID, they already have your biometric data – an image of your face. How biometric data is managed by mobile operators would still be subject to strict privacy laws laid out in the Protection of Personal Information (POPI) Act and the General Data Protection Regulation (GDPR) guidelines,” he adds.
Safety meets convenience
Because biometrics and liveness detection can truly prove that you are really you when logging into an account, it opens a world of convenience and security for consumers.
Says Geva: “The average person has around 80 passwords. Passwords they forget, passwords that are compromised, and passwords that don’t transfer between devices. Biometrics, on the other hand, provide a seamless experience where onboarding no longer requires account details, an ID book, fingerprints, and more. Now, you can add your ID number, hold your phone up to your face for liveness detection, and link your SIM. And yet, it’s safer, because no-one except you will be able to perform a SIM swap or take out an additional line without this direct biometric link.”
This safety and convenience mean the identification method will become much more mainstream, and soon. Two-factor authentication could be replaced by proof of liveness and a fingerprint, for example, and even social media could become more secure.
“Currently, only celebrity social media accounts get verified, and even then, not biometrically. But everyone should have the ability to show that their account is truly theirs. The amount of bot accounts is material– as the due diligence on Elon Musk’s Twitter deal proved. These fake accounts can be used to push the same message, thousands at a time, regardless of accuracy of message. That could be prevented,” says Geva.
And the world is ready for biometrics. A Visa study shows that 86 percent of consumers are interested in using biometrics to verify identity or to make payments, while 70 percent of consumers believe that biometrics are easier.
Geva believes the possibilities will scale significantly. “Technology is not static and evolves all the time. Some laptops, for example, can detect your liveness through infrared and switch on when you sit in front of them. Tying that to biometric facial mapping could log you in to your devices in future in a far more secure manner. Facial biometrics with liveness detection will likely be the dominant biometric authentication method simply because it’s more accurate than voice, easier than fingerprint, requires no contact, and can be compared to an identity document face image. It’s the ultimate in convenience and security.”