What you can expect from digital identity in 2024

SMART Access & Identity 2024 Access Control & Identity Management, Security Services & Risk Management

Lance Fanaroff.

As biometric identity becomes a central tenet in secure access to finance, government, telecommunications, healthcare services and more, 2024 is expected to be a year where biometrics evolve and important regulatory conversations occur. Here are some trends we believe will shape the biometric identity market in the coming year.

1. Behavioural biometrics

Cybercriminals are increasingly weaponising generative AI tools to spoof human images and voiceprints used for identification at scale. These tools are growing more accessible, with professional criminals strengthening deepfake and bot attacks, and amateurs sourcing fraud-as-a-service kits on the dark web. Essentially, AI is able to define and replicate one of the strongest defences companies have had against crime in the past; authenticity. How do we get one step ahead in how we discern a genuine human interaction from a fraudulent one?

4D liveness facial biometrics is a safe and foolproof solution to this challenge, but additional, complementary solutions are entering the market. For example, biometric systems that authenticate users with real-time data such as typing patterns, gait analysis or voice recognition could offer enhanced security that does not require consumers to conduct any authentication actions.

Take the case of behavioural biometrics, which analyses a user’s digital, physical, and cognitive behaviour to distinguish whether the person behind the screen is a legitimate customer. A genuine user, for example, enters information in a particular manner. This pattern in human activity is increasingly being identified and analysed through machine learning, aiding in discerning whether an online activity is being driven by a human, or is part of an automated attack.

2. Ethics and privacy in biometrics

As biometric data becomes the dominant form of identification, necessary conversations about the ethics of biometric data collection and usage must occur. Consumers are rightfully concerned about how data is being used and if, for example, their identifying features could be used as part of surveillance. If used unethically, biometric tools could exhibit biases towards certain population groups or misidentify individuals, leading to, for example, wrongful incarceration.

Regulating the biometric space is becoming an issue of national urgency for many governments. The UK government, for example, has recruited new advisors for its Biometrics and Forensic Ethics Group (BFEG), which is responsible for defining how biometric data, forensic material, and large data sets are used in machine learning. In the US, the Department of Justice is creating a board on AI’s ethical and lawful use, including biometrics.

What biometric companies should be doing is to save the biometric data used as part of the face identification process, as a reference template. A reference template refers to a set of ones and zeros that match up to what our system deems a user’s face to look like. This cannot be viewed by the naked eye or used by any technology other than the biometrics company itself and is thoroughly protected.

3. Biometrics in the Internet of Things (IoT)

The Internet of Things refers to interconnected devices with sensors, processing ability, and software that connect and exchange data with other devices and systems within a network. This results in simplified daily processes for consumers. For example, a smart home in which manual tasks are automated, or a telematics device that measures your essential health data and communicates it with your health insurance provider in return for more accurate risk assessment. As more processes are automated, and more data is shared, a wealth of information needs to be protected. This offers a prime opportunity for biometrics to secure access to various IoT systems and devices.

4. Biometrics in healthcare

While banks, telecommunications companies and financial institutions have been exploring the possibilities of biometrics for a long time already, insurance companies, pension funds and employee benefits agencies are investing in biometrics in response to growing threats. A fascinating and essential application of biometrics is in healthcare; from patient identification and access control, to monitoring and managing health data. Biometrics could extend healthcare beyond traditional settings such as hospitals and doctors’ rooms, enabling efficient and secure remote diagnosis and electronic prescriptions. These interventions could revolutionise a sector that is hindered by a maze of logins and fragmented data.

Biometric identity could even improve access to healthcare services. For example, Ethiopia’s Ministry of Health has partnered with its national identity programme to integrate the Fayda digital ID with its healthcare sector. This will serve as a patient registry while supporting national health insurance schemes, employee and professional licensing, and the sharing of health records. Kenya has recently announced a biometric vaccination program pilot for newborns, and Rwanda is considering introducing biometrics to ensure that all children participate in routine immunisation campaigns.

In conclusion, the technology and ethics discussions around biometrics continue to evolve, resulting in biometric systems that consumers can trust. Ultimately, biometric identity can be a tool for empowerment, especially in Africa. As seen in these use cases, the more people use biometrics, the more they will be empowered to use their biometric identity to access and expedite other critical services such as voting and healthcare, or to protect their savings and data. I believe that in South Africa, we have the technology and the skills to catapult our services far beyond the status quo. This could result in greater protection against fraud in our country and serve as a catalyst for unprecedented growth.

Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Deception technology crucial to unmasking data theft
Information Security Security Services & Risk Management
The ‘silent theft’ of data is an increasingly prevalent cyber threat to businesses, driving the ongoing leakage of personal information in the public domain through undetected attacks that cannot even be policed by data privacy legislation.

Proactive strategies against payment fraud
Financial (Industry) Security Services & Risk Management
Amid a spate of high-profile payment fraud cases in South Africa, the need for robust fraud payment prevention measures has never been more apparent, says Ryan Mer, CEO of eftsure Africa.

How to prevent and survive fires
Fire & Safety Security Services & Risk Management
Since its launch in August 2023, Fidelity SecureFire, a division of the Fidelity Services Group, has been making significant strides in revolutionising fire response services in South Africa.

A long career in mining security
Technews Publishing Editor's Choice Security Services & Risk Management Mining (Industry)
Nash Lutchman recently retired from a security and law enforcement career, initially as a police officer, and for the past 16 years as a leader of risk and security operations in the mining industry.

Risk management: There's an app for that
Editor's Choice News & Events Security Services & Risk Management
Zulu Consulting has streamlined the corporate risk management process with the launch of Risk-IO, a web-based app designed to consolidate and guide risk managers through the process, monitoring progress as one proceeds.

Integrated information platform for risk management
Editor's Choice News & Events Security Services & Risk Management
Online Intelligence recently launched version 7 of its CiiMS risk and security platform. Speaking to SMART Security Solutions after the launch event, the company’s Arnold van den Bout described the enhancements in version 7.

Global Identity Fraud Report revealing eight-month ‘mega-attack’
Editor's Choice Security Services & Risk Management
AU10TIX recently released its Q4 Global Identity Fraud Report, with the research identifying two never-before-seen attack patterns, with the worst case involving 22 000+ AI-generated variations of a single U.S. passport.

Linking of security officers by security businesses
PSiRA (Private Security Ind. Regulatory Authority) News & Events Security Services & Risk Management
[Sponsored] By law, all security businesses are required to declare their employees to PSiRA so that they can be accounted for administratively. Failure to link employees by security businesses is a contravention of the Code of Conduct and a criminal offence.

Defending against SIM swap fraud
Access Control & Identity Management
Mobile networks must not be complacent about SIM swap fraud, and they need to prioritise the protection of customers, according to Gur Geva, Founder and CEO of iiDENTIFii.

Access Selection Guide 2024
Access Control & Identity Management
The Access Selection Guide 2024 includes a range of devices geared specifically for the access control and identity management market.