Biometric authentication solutions could open a gateway for governments to drive efficiency and reduce bureaucracy, says Aarti Samani, SVP of product and marketing at iProov.
The process utilises the unique biometric of an individual to verify that they are who they claim to be and are therefore authorised to access products and services.
As the technology has been developed by the likes of iProov, and it has become increasingly more secure and scalable, Samani believes it could help governments move to a truly modern way of working.
“Governments are looking at the opportunities of digital transformation. Citizens expect to be able to engage digitally and there are huge benefits to be had, for example in increasing efficiency. Typically, governments are criticized for being too bureaucratic and digital transformation can cut through that by providing greater access, increased speed, and improved transparency,” Samani says.
“The question for government departments then becomes: 'How do we facilitate digital transformation? How do we move processes online in a way that is quick and doesn't inconvenience our citizens? How do we do it in a way that means the entire population can utilise the systems so it's inclusive, it's accessible? And how do we do it in a way that allows us to know our citizens better?”
A report by EY said governments must “reinvent” themselves in modern society through their use of technology. Governments need to build a public sector that is “fit for the future” and this requires an overhaul of organisational structures, culture and mindsets, not just new technology, the report said.
The most obvious benefit to biometric authentication is its ability to make services more accessible and convenient to citizens by offering remote access, says Samani.
“If processes are moved online, governments can allow citizens to engage from the comfort of their own homes, rather than forcing them to go into physical buildings. Staff can then be deployed to the areas of government where they are most needed, rather than on administrative tasks,” she says.
Trust goes both ways
A fundamental hurdle for governments is trust. A report by the OECD showed that trust in governments is eroding across the developed world, and with the coronavirus pandemic causing unprecedented disruption throughout the globe that element of trust has perhaps never been more important.
Samani believes it is “inevitable” that social distancing measures will increase uptake of biometric authentication solutions as our expectations of government processes changes, but trust must be there at the foundations, underpinning it all.
“Trust is really, really key,” she says. “Trust comes when you know that you are interacting with not only the right person, but a real person and right now. The government needs to know that they are interacting with the right citizen who is supposed to be able to access the service. And as a citizen, I want to be able to know that I'm speaking to a government official, or that this is not a spoofed website or a spin off or my data is not being searched or harvested in any way.
“We will start to see more and more cases where digitisation of public sector services will become important. Remember, millions of us are now used to working remotely, we are used to being in our own comfortable environments and still running our lives efficiently from there. There is now an expectation that services will not only be available online but that they will work seamlessly and be easy to use.” Samani adds.
Security breeds trust
As Samani says, crucial to enabling trust is security – each party knowing they’re communicating with the right person. And it is here that biometric authentication comes into play. iProov’s solutions use face or palm biometrics to authenticate effortlessly by scanning a user’s face or palm through a personal device.
“Our passwords or other credentials are shareable. We can knowingly share them or they can be stolen from us. Our faces are not shareable. Our faces are unique to us. ” Samani says.
While Samani is right – we have only one genuine face; that hasn’t stopped hackers from trying to copy it. Cyber-attacks known as “deepfakes” attempt to duplicate or imitate the authenticating object (in this case, a face) and present a significant threat to biometric security solutions. iProov is at the forefront of anti-spoofing technology, and has developed an enhanced security system to prevent sophisticated digital attacks. The security of iProov’s solution is guaranteed by these extensive measures, which also means it can be trusted. But a biometric solution alone is not enough, says Samani. Firstly, citizens must be convinced, they must be educated that this solution is safe and secure.
“The government needs processes and solutions that are known, that have been endlessly tested, and that are proven to be the most secure, and then they need to convey that message to their citizens. To be able to say, ‘Yes, these are the measures that we've put in place and here is the due diligence that we have gone through in order to make sure that you, the citizen, is protected.”
Then it must be capable of adapting to the changing cybersecurity threats that appear over time.
“The threats are constantly evolving, which means that technology needs to evolve as well. Anyone who claims that their system is completely secure for all time isn’t really living in reality,” Samani says. “Every day, criminals are coming up with new ways to beat the system and technology needs to learn and adapt. That’s where the cloud and machine learning play a huge role.” ”
It’s for this reason that biometric solutions must be cloud-based rather than device-based. Physical devices (phones, tablets, computers) may have biometric security installed, but these devices can be lost, stolen or injected with malware. Any one of these scenarios could undermine the biometric security and see sensitive data compromised.
But if a biometric authentication solution is cloud-based, it can adapt to threats in real-time effectively and can service all regions or markets, allowing companies to have a single control point irrespective of where the users are based.
“Any solution that relies on a device is not good enough in today's era - it has to be a cloud hosted solution, which really empowers the vendor and the government to protect their citizens at all times,” she says.