August 2018

jmacinnis's picture

California Governor Jerry Brown signed into law the California Consumer Privacy Act (CCPA) of 2018 on June 28, 2018. The law pertains to businesses that collect personally identifiable information (PII) in the State of California. Businesses found violating CCPA including security breaches, may be charged with statutory damages as well as civil penalties of up to $7,500 per violation.

The intent of CCPA is to protect the privacy of California consumers and requires businesses to safeguard CA consumers’ PII and holds them accountable if such information is compromised as a result of a security breach.

As the cost of data breach grows, businesses are reevaluating their security practice including authentication strategies. According to Verizon’s 2017 Data Breach Investigations Report, in 2016 81% of confirmed data breaches involved weak, default or stolen passwords. The problem with password authentication lies in the fact that passwords are simply static information that can be easily stolen and used by anyone from anywhere.

In today’s threat landscape, passwords alone are insufficient. Multi-factor authentication combining passwords with physical devices adds a layer of strong security to help protect organizations from password theft.

Security experts are now of the opinion that certificate-based authentication using PKI is the best way to provide strong multi-factor authentication. In the past certificate-based authentication, which relies on PKI was considered to be complex and hard to manage. It turns out that a well-designed and modern implementation of certificate-based authentication can be easy to use, provide a higher degree of security, deliver flexibility in enabling a role-based security policy and can be very cost effective.

At HID Global, we have technical experts on hand to walk you through our industry-leading secure identity solutions and preview some newer solutions that are still under wraps. You can also find out how HID SAFE Physical Identity Access Management software can help you improve both physical and digital access across many sites and provide continuous diagnostic and mitigation with security intelligence.  

For more information on our multi-factor authentication solutions including mobile authenticators, visit our Identity Management Solutions portfolio page.

amallet's picture

Fed by science fiction best-sellers and urban legend, Artificial Intelligence (A.I.) has been one of the hottest topics of the last 5 years. Now the identity solution market is starting to explore its potential to sort, analyse and process the overload of data and information that governments must handle. Cutting through the myths, I provide a view on its potential applications in government projects.

A.I., also called cognitive technologies, applications include machine learning, computer vision, speech recognition, natural language processing, automation and many others. Unusually, AI can increase speed, enhance quality and reduce cost at the same time; whereas most other technologies only realize one of these benefits, to the detriment of the other two.

A.I is the ability to imitate human behaviour

Cognitive technologies have surrounded us for many years. But what does A.I. really mean? Artificial Intelligence is the capability of a machine to imitate intelligent human behaviour. This definition is quite wide and is open to many interpretations. Initially, A.I. found its roots in automated solutions replacing the human workforce, but nowadays many solution providers tend to misuse the term A.I. for many applications. Therefore, we must make a distinction between what we call weak and strong cognitive technologies.

To clarify the various use cases, I propose market segmentation as follows:

  1. Low level A.I. Automation, where machines replace labour;
  2. Weak level A.I. Workflow processing, where a solution replaces clerical and administrative work and
  3. Strong level A.I. Deep/Machine learning, where machines improve their decisions by learning from past experiences.

Three possible A.I. scenarios for government projects

  1. A.I. inside an Automated Biometric Identification System:

A simple biometric engine that compares two biometrics e.g., a submitted biometric against a database, would not be considered as AI. However, once the machine starts to run comparisons against other aspects of a database, such as enrolment information, it can be considered as weak AI. When a system seeks biometrics in a wider environment using various detection media (cameras, scanners etc…) and identifies them against a database, it can be considered as a more complex cognitive technology.

Whether it uses each of its research to refine each person identified in the database with the biometrics that are used for each identification, then the system would be an even stronger A.I.. It will learn from its own experience and provide output that would not have been anticipated.

  1. A.I. reduces cost and frees resource

Administration and clerical processes are governed by strict rules that are often defined by laws. These rules define how an individual will make decisions, based on available information. As the rules become more and more complex, administrative tasks and workload increase, moving the focus away from the citizen towards the process itself.

A study from Deloitte reveals that imbalance. Administrations spend more than 4 billion working hours on automated tasks that cognitive technologies could carry out. Eventually, A.I. could increase the amount of time administrations should focus on citizens by up to 25%. Not only that, administrations can save up to $US 41 billion by shedding the bureaucracy and associated processing hours. Still, this means that a significant amount of time continues to be wasted on document processing. Therefore, such cognitive solution could provide further benefit by automating the remaining processes, reporting or search functions.

  1. A.I. can secure borders

As air traffic will increase from 3.3 billion in 2017 to 4.2 billion travellers by 2021 the implementation of A.I. solutions will be of significant added value for border control. To cope with the traveller flow at the border, the development of Automated Border Control has already seen a swift increase in the past 5 years with companies such as Vision-Box.

Today, a new generation of border control solutions is emerging, using non-disruptive solutions that engage cognitive technology solutions to create a seamless border control experience. The cognitive solution collects biometrics as the traveller passes through the airport. Processes it prior to arrival at border control it reduces bottlenecks and waiting times.

 A.I. can improve identity security by eliminating human error 

We have seen that cognitive technology is already used by governments. However, governments need to use A.I. in the right environment and with adequate purpose. If not, it could become a costly experiment. A.I. applications can have significant impact when they are well designed and tailored to a specific process. But, the goal of cognitive technologies is to have a system, which can solve problems and continually develop in changing circumstances. Most importantly, do all of this without direct human interaction. Various reports highlight that human error is one of the major security liabilities at borders. By short-circuiting this factor, cognitive technologies can significantly enhance security and accuracy while potentially improving the user experience.  All of this can be achieved with a lower cost, or with redeployment of resources in other areas where human interaction cannot be replaced.