Contributions made by members of the DIACC’s Outreach Expert Committee
In 2017 Apple unveiled a new biometric sensor in its flagship iPhone X, and the media couldn’t stop talking about “Face ID.” Fast-forward three years: face authentication has been well received by users, and face scans are now employed to unlock Google’s Pixel smartphones, as well as devices from many other top-tier manufacturers. Now governments and enterprises worldwide are looking to facial biometrics to address their need for trustworthy remote identity verification during and after the global pandemic. This makes sense: we interact with other humans by seeing, being seen, speaking, and listening, so naturally, our interactions with technology will also evolve toward our most selected-for modalities.
In some countries, remote face verification is already being used to prove user identity for many important applications. From remote citizenship verification to pension payments to accessing government services, the face modality can provide a secure way for users to prove their identity without the need to appear in person at a specific location. This tailored biometric technology enables unsupervised users to prove who they are remotely with the devices they already own.
This blog post defines the most common types of facial biometrics and explores the role that face verification and authentication will play in the future of digital identity. It also sets the stage for more in-depth posts on topics such as how user data and privacy are managed, the impact of COVID-19 on face verification, new advancements that enable unsupervised remote access and account creation, Liveness Detection, and the more technical aspects of this evolving biometric technology.
There are three common uses for facial matching technology:
- Verification answers the question: is this person legally who they claim to be? For example, where a business has a need to confirm your existence, a KYC (Know Your Customer) file can simplify the process of identifying you by matching your selfie against the photo loaded on your passport chip or against the source ID photo stored in a government database. A selfie can also be matched against a digital photo of a user-provided ID document, but since that photo is not verified with the issuer of the legal identity and high-quality fake IDs do exist, it provides a lower level of assurance, and companies add controls to compensate for this.
- Authentication leverages the ability to match one’s previously enrolled biometric data to log in to a device, a website, or an application. Face authentication offers the balance of security and user convenience long sought by consumers.
- Recognition seeks to match face data from an unknown individual and make their identity known by finding a match in a database of known faces. This has been known to be used in some countries by law enforcement and border patrol, where the person may have limited or no awareness that the face scanning is taking place and may not have provided their consent.
Of the three uses outlined above, the verification process is of high priority to the public and private sectors alike. Verification through facial biometrics is an approved method of the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC), enabling Canadians to open a bank account without physically visiting a branch. Additionally, in July 2020, the British Columbia Government launched their Send Video feature within the mobile BC Services Card to meet the increased demand for alternative ways to verify a person’s identity in order to activate a mobile BC Services Card and, in turn, make it easier for provincial residents to access online government services during the COVID-19 pandemic and in the future. In these instances, the individual is aware of the verification and has consented to having their identity verified for a product (i.e., account opening) or service (e.g., applying for a driver’s license, services card, or passport).
Verification also addresses the justified concerns regarding privacy. A GAO report, the International Biometrics + Identity Association’s (IBIA) Principles for Biometric Data Security and Privacy, states that technological constraints around some facial biometric technologies drive a need, across all commercial and civil government applications, for organizations to protect the biometric data they retain by using biometric one-way template transformation. New practices will likely require a liveness detection layer as well, especially when the biometric data is captured in an unsupervised environment. In addition, the IBIA’s Best Practices state that it is good practice to maintain a separation between biometric and associated non-biometric personal information.
The impact of large data breaches is both a significant privacy intrusion and a direct financial cost to society, which covers the losses due to crime and the controls to prevent it. Facial biometrics, when used for both verification and authentication as a replacement for Knowledge-Based Authentication (KBA), can dramatically reduce the criminal demand for data by limiting the ability of this information to be used for account takeovers and identity theft. It also has a beneficial side effect: it reduces the need for customers to provide unrelated personal information. Knowledge questions, such as a request for your mother’s maiden name to open a bank account, run directly counter to the privacy principle of only collecting the information needed for the relevant purpose. With no reasonable expectation that data breach frequency will decrease in the future until wide-scale Knowledge-Based Authentication has been replaced, biometrics have begun to bridge the confidence gap while reducing the added friction.
Policymakers, privacy advocates, and regulators understand that new technologies are being added to existing facial biometric matching to render leaked personal data useless and to ensure that any leaked biometric data is both isolated and encrypted, reducing the impact on individuals from an identity fraud perspective. Liveness detection technology, for example, prevents malicious users from reusing biometric data by requiring a first-generation capture of new data every time an individual is verified. It is also common practice not to store face images in databases unencrypted; instead, photos are converted into a string of numeric values commonly referred to as a biometric template.
Face matching and Liveness Detection are powerful technologies that, when combined, enable privacy-preserving biometric use cases like replacing easily guessed or compromised passwords and health-preserving social-distancing use cases like remotely opening a bank account. Many are starting to agree that these security and usability benefits are a tremendous improvement over the previous generation of authentication methods.
In short, for the purposes of allowing a user to positively identify themselves from their own device, only face verification and face authentication are employed. Face verification creates trust, while face authentication maintains it. Both functions are covered in the Pan-Canadian Trust Framework™ that is intended to support a robust digital identity, trust ecosystem that will allow all Canadians to do more online, in a safer, more secure, and confident way.