Friday, 23rd August 2019
Logo

Biometric verification solution couples identity proofing with ongoing 3D face authentication

Jumio Authentication enables users to verify themselves during high-risk transactions and unlock everything from online accounts to rental cars, replacing passwords on any device.

Jumio has launchedJumio Authentication, a video-selfie authentication tool for businesses to prove user identity of online transactions by unlocking their users’ digital identities in seconds. The new solution is the first in the market to leverage biometrics for initial identity proofing and ongoing user authentication — creating an online experience that is fast, secure, accurate and easy to use.

This secure and rapid authentication method is ideal for account logins and high-risk scenarios (e.g., logging in from a foreign IP address or authorising high-risk transactions such as wire transfers and online purchases). Secure selfie authentication can also be used to unlock doors (rental cars), self check-in (hotels), e-learning (online test taking) and continuous security (e.g., re-verifying the identity of ride-sharing drivers on a frequent basis).

“As more of our important interactions move online, establishing trust digitally has become critical,” said Stephen Stuut, CEO of Jumio. “Jumio is pioneering selfie-based authentication to allow businesses to leverage biometric user data captured during enrolment and re-verify that data in the future. With our new selfie-based authentication, users are not required to repeat the identity proofing process again — they just take a quick selfie — and as the digital chain of trust grows, so does the security level.”

Biometric authentication is the verification of enough unique human traits to physically prove a user is actually who they claim to be. It offers far greater security than previous step-up methods, such as knowledge-based authentication and multi-factor authentication, which remain vulnerable to imposters, credential phishing, large-scale data breaches, dark web user data dumps and man-in-the middle attacks.

But past attempts at biometric authentication have had their own vulnerabilities, as fraudsters have quickly learned to fool online identity verification solutions with spoofing attacks (e.g. using a photo, video or mask of the authorised person’s face). This is why it’s increasingly imperative to check whether the correct user is physically present during the account set-up (enrolment) process.

To combat this emerging threat, Jumio integrated the world’s first and only iBeta Level 1 and Level 2 Certified anti-spoofing technology,ZoOm® 3D Face Login with TrueLiveness Detection from FaceTec, into its online identity verification suite to capture and process the user’s face images taken from any 2D mobile device camera or webcam. These face frames are then reconstituted to create a 3D face map which contains over 100 times more liveness data than a 2D photo.

With Jumio Authentication, the digital chain of trust starts at enrolment when an online user takes a photo of their government-issued ID (driver’s license, passport or ID card) and then takes a video-selfie, which is instantly analysed via AI to determine that they are living human and not a spoof. The selfie is compared to the picture on the ID document to reliably establish the digital identity of the new user.

Later when the user wants to log into their account or whenever a high-risk transaction occurs, Jumio Authentication allows the user to take another video-selfie (where a new 3D face map is created), which is then compared to the original face map, verifying the user and unlocking the account in seconds.

“Data breaches have put hundreds of millions of personal records and passwords into the hands of fraudsters, but biometric technology, especially face authentication, holds universal promise for solving our user access security challenges,” said Kevin Alan Tussy, CEO of FaceTec. “ZoOm provides Jumio’s customers with 3D face authentication featuring iBeta/NIST Level 1&2 Certified Liveness Detection based on the ISO 30107 standard, making it secure enough to replace passwords, knowledge-based authentication, and even SMS-based two-factor authentication on over 10 billion supported devices.”
Thycotic has expanded its PAM solution to address the risks associated with service account sprawl.
Two thirds are now checking SMEs’ security training credentials, over one third make them part of th...
Collaborations with ISARA Corporation and ID Quantique will make quantum-safe crypto more widely ava...
Wipro has released its 2019 State of Cybersecurity Report that highlights the rising importance of c...
Ping Identity has released PingCloud Private Tenant, a private cloud identity solution for the enter...
Respondents identify people as biggest source of cyber threats, with Facebook and BA as most notable...
Research reveals that companies investing in the latest cyber security products and services are ris...
RiskIQ has released its annual “Evil Internet Minute” report today. The company tapped proprietary g...