In my last blog post, I started discussing the implications of identity verification and facial recognition where organizations didn’t consider components of a zero trust architecture. Specifically, I covered the importance of preserving user privacy and facilitating secure access. Both of these previous fundamentals lead me to user experience and identity decisioning bias. These final two elements will move a facial recognition implementation from an add-on to and nice to have, to a trusted secure access environment providing high identity assurance that users want to use. Let’s investigate further.
Let’s face it, biometrics are way more convenient than passwords and one time codes. In surveys, 79% of users preferred 1Kosmos to passwords for logging into the corporate VPN, and 86% preferred it for accessing applications. Why? Because it takes 1Kosmos users little more than a blink and a smile to log in. But, to deliver this level of satisfaction the biometrics need to recognize the user and resist spoofing. Here another certification body called iBeta provides this assurance via their Biometric PAD-2 Liveness certification. In tests, the 1Kosmos BlockID platform achieved a false match rate (FMR) of less than 0.1% at 95% confidence interval (in iBeta’s 21 CFR 1311.116 test). Lesser solutions will frustrate users and produce drastically inferior results leading to manual processes and delays.
Finally, let’s discuss Identity Decisioning Bias. This thorny issue arises when a user’s biometric is evaluated by AI algorithms trained on a population that does not properly accommodate diversity. Depending on the identities in the data, the database can be skewed one way or the other. Meaning some users might not be recognized and denied access to services.
First off, let me be clear. At 1Kosmos we don’t do this! At no point in the company’s history have we ever needed to pool data to build so-called “intelligence” into decisioning. The technology available in mobile phone cameras (depth of field) can, with high accuracy, determine if the face in front of it is real. This eliminates the possibility of Identity Decisioning Bias in the 1Kosmos BlockID platform. The iBeta tests produced zero false matches in 200 live biometric attempts on iOS and Android devices, validating the reliability of the BlockID platform for accurately performing live biometrics for identity proofing. As a result, when it comes to guarding against algorithmic bias, our solutions set the standard.
With 1Kosmos BlockID, citizens can conveniently self-verify their identity using physical documents such as a government-issued driver’s license or passport. The captured data during the verification process is stored in a digital wallet which enables a portable identity and allows citizens to manage and choose when and how they share their PII data.
From a government agency point of view, with a digital wallet, agencies can support citizens as they move through and require access to new or additional services. Placing all data in the 1Kosmos decentralized identity platform secures the PII data and the data is now a user-controlled wallet that is updated as the citizen needs new services or updates existing credentials.The data is never stored in a central location and is always controlled by the citizen. After the citizen identity is verified, 1Kosmos BlockID binds it to the citizen account to deliver highly secure and low friction online engagement. This way, citizens can easily and securely access critical government services such as Medicare or Social Security. With 1Kosmos, government organizations can verify citizen identities, increase citizen engagement, protect logins and reduce friction while maintaining the highest level of security with a frictionless user experience.
I began this post talking about biometrics and passwordless access, and clearly these are capabilities 1Kosmos has brought to market, but they are simply two capabilities of a solution designed for much more. We set out over five years ago to provide users with a private digital identity they could control and allow service providers to authenticate that identity and then know with certainty who has logged onto their network.
In doing this, the architects of our BlockID platform anticipated and addressed the security, privacy, usability, and efficacy challenges to deliver a new form of identity proofing and multi-factor authentication where the user is the authenticator and not some artifact of information such as a one time code. They then accommodated the need for flexible levels of identity assurance so that organizations could tailor controls to the needs of their business.
Are you interested in learning more? Join us for an interactive webinar on May 24th where we will be diving deeper into fighting fraud in government services with citizen IDs.