identity
Latest
Facebook is testing a face detection tool to verify your identity (updated)
Facebook isn't entirely shying away from facial recognition, it seems. Code explorer Jane Manchun Wong has discovered a reference to a purported facial recognition system in Facebook's mobile app that would verify your identity. You'd have to take a "video selfie" where you look in different directions to give Facebook a more complete view of your face. It would bit like Apple's Face ID and similar systems, but there's no evidence it would require a depth sensor. Facebook vows that "no one else" will see the video and that it'll delete the clip after 30 days, although that's not quite as secure as systems like Face ID (which doesn't allow data to leave the device, and only captures "mathematical representations" of your face).
Australia wants to verify porn users by scanning their faces
Australia has proposed another in a series of zany attempts to control the internet. This time, the government wants to do facial scans to confirm a user's age before they can watch porn or gamble online, according to the Sydney Morning Herald. Then, the government would verify the user's identity using another proposed scheme called the "Face Verification Service."
Android's digital wallet could eventually hold your driver's license
Governments have been exploring digital driver's licenses for a while, but there are quite a few flaws with existing approaches. You usually have to rely on a proprietary app, sometimes with uncertain security... and what happens if your phone is low on battery when you need to flash your credentials? Google might have a solution. XDA has discovered that Google is working on an IdentityCredential framework that would securely store and display digital IDs, including driver's licenses. It could also display your ID even if there isn't enough power to start Android -- you'd just need the power for a secure chip and a "low-power communication channel."
Signal's new 'Sealed Sender' feature makes conversations anonymous
Messaging service Signal is popular with privacy-minded users. It doesn't store any record of your contacts, social graph, conversation list, location, avatar, profile name or group details. Until recently, though, one important piece of data was still visible: who is messaging whom -- kind of like having the sender's address on a physical piece of mail. The latest beta release, however, includes a feature that blocks that, too: "sealed sender."
Austin test uses blockchain to improve ID for the homeless
Many people take identification for granted, but it's a serious challenge if you're homeless. If you lose what's on your back, you might lose everything -- and recovering that ID is much harder when you have no fixed address or easy transportation to government offices. Austin might have a technological solution. The Texas city is piloting a system that uses blockchain identifiers to safeguard the IDs and vital records of homeless people in a way that's more accessible for service providers.
Bournemouth bars have begun accepting a smartphone app as ID
I went to university in Bournemouth and remember fondly (and not so fondly) queueing for overpriced bars with housemates and other trainee journalists. Every Monday night was the same -- I would stand outside in the freezing cold, slowly shuffling forward until someone in my group uttered the groan-inducing phrase: "I've forgotten my ID." Oh, how times have changed. A bunch of nightclubs including Cameo, Halo, Truth, Yates and Walkabout have started accepting Yoti as an ID and proof of age. The smartphone app is supposed to be fast, secure, and more convenient because you can leave your passport and driving licence at home.
Facebook buys a company that verifies government IDs
Facebook has snapped up a software firm that created tools allowing startups to instantly authenticate driver's licenses and other government IDs. The social network said that Boston-based Confirm's "technology and expertise will support [its] ongoing efforts to keep [its] community safe." According to Reuters, the smaller company's 26-or-so employees are joining Facebook, which makes sense, considering Confirm has already shut down its office and software offerings. However, the acquisition's terms remain unclear, and neither side has revealed how the social network will use the ID verification technology.
Grindr adds more transgender-inclusive features
Grindr is rolling out new features to be more inclusive of transgender members. User profiles now include a new "identity" feature that includes options for listing gender and preferred pronouns. Members can pick from a list of common gender identities such as "trans man", "woman", "cis man", "non-binary, "non-conforming" and "queer", or specify their own identity if it doesn't appear on the list. Pronouns such as "he/him/his", "she/her/hers" and "they/them/theirs" can also be chosen, or specific pronouns written if not listed. Writing throughout the website has also been updated to include gender neutral terms.
Facebook will require political advertisers to disclose their identities
Facebook has had a rough few months since the election. At least 10 million people saw Russian-placed political ads on the platform, which may have helped widen the rift between political sides during the 2016 US presidential election. In reaction, the social network has pledged to hand-review any new ads that target politics and race. Further, Facebook has just announced that it will be rolling out new transparency features for all ads, including political ones, starting next month in Canada. The US will get the new tools by next summer, in time for the US midterm elections next November.
Microsoft and the UN to provide digital IDs for undocumented people
It's difficult to live without identification. In many cases, you're shut out of banking, health care, voting rights and other basics. Microsoft and partners might just give those many undocumented people (1.1 billion of them, in fact) a shot at the identity they need, though. It's working with Accenture and Avanade on a United Nations-backed digital ID effort that would offer legal recognition to those who'd otherwise be lost to recordkeepers. The prototype uses blockchain technology to give people a trustworthy ID that can follow them anywhere, but still respects privacy and security.
Major identity manager breach exposes sensitive user info
Identity and password management services are, in theory, supposed to improve your security by promoting tough-to-guess passwords and otherwise keeping logins under lock and key. However, the concentration of high-value data also makes them a juicy target for hackers -- and OneLogin is finding that out the hard way. The business-centric identity management provider has warned users of a US server breach that compromised sensitive info. While OneLogin initially provided only a handful of details in a blog post, Motherboard learned that an email warned customers their info had been taken. Moreover, the attackers compromised the "ability to decrypt" data -- don't count on your login being safe just because there was encryption involved.
Google Lens resurfaces questions about AI and human identity
Today at the company's annual developer conference, Google CEO Sundar Pichai uttered a phrase that will no doubt be repeated in corporate boardrooms across the world for the foreseeable future: "AI first." It wasn't the first we've heard of the formerly "mobile-first" company's focus on artificial intelligence, but Google I/O 2017 marked the first time we saw many of the tools that will back up that new catchphrase.
New York's smarter face recognition catches more ID thieves
Sometimes, behind-the-scenes tech upgrades can make a big difference. New York's Governor Cuomo reports that an overhaul of the state DMV's face recognition software in January has led to more than 100 arrests and 900 open investigations so far. The trick? The new system checks 128 points on a face instead of 64, dramatically increasing the chances that it'll match a photo against the DMV's database. Combine that with new comparison modes (like black-and-white and overlays) and it's easier to catch identity thieves and fraudsters, such as one man who tried to get a license with a stolen identity in order to evade a suspension.
US prosecutes man who hacked identities to help ISIS
Extremism and terrorism are complex things in the internet era, and US federal prosecutors are learning this first hand. The Justice Department recently charged Kosovo citizen Ardit Ferizi with leading a hacking team that swiped the personal data of US military staffers in order to help Islamic State in Iraq and Syria (ISIS) supporters kill as many as 1,000 Americans. That campaign hasn't panned out, as you might have guessed, but it makes the consequences of a typical data breach look timid by comparison.
Birth then kill a virtual baby for fun, but mostly profit
Babies are cute, cuddly and worth a lot of money if you know how to exploit their existence. While the babies being virtually birthed by Kustodian CEO Chris Rock (no, not that Chris Rock) may not inspire the sort of bond found only between a parent and real child, they can be a financial windfall in the wrong (or right) hands. During a presentation at Def Con, Rock demonstrated how easy it was to get doctor and undertaker credentials from publicly available databases and use those credentials to register birth and death certificates. In fact, you don't even need to create a fake baby to kill; you can kill one of your friends (or enemies) thanks to a system that doesn't verify the identity of medical professionals.
New Kickstarter sandbox Identity promises 'complete freedom and a focus on player interaction'
Who's ready for some new Kickstarter MMOs for 2015? How about an ambitious modern-day sandbox? That'd be Identity, an MMO by indie studio Asylum Entertainment, headed up by Mortal Online vet John "Paratus" VanderZwet. The game promises a dynamic, player-run open world, player-driven economy, player housing, minigames like karaoke and paintball, and what sounds like open PvP complete with "player police force, gangs, cartels, [and] businesses." The title's business model isn't discussed in detail, but it appears to be buy-to-play; VanderZwet says it won't have a sub and won't be pay-to-win: "We hate 'pay to win' games as much as anybody, and will always ensure that items and upgrades purchased with real money will not give a notable advantage in-game." A 10 CAD pledge is the cheapest with game access; pledges run all the way up to 5000 CAD. Asylum is seeking 150,000 CAD. Closed beta has not been announced, but pledge awards are scheduled for "delivery" by December 2016.
Tech industry completes its standards for banishing passwords
Hate typing passwords? You might not have to enter them for much longer. The FIDO Alliance (backed by Google, Microsoft, PayPal and Samsung, among others) has just published the completed versions of its password-free standards for both regular and two-factor authentication. Apps and websites using the technology can now rely on a number of easier and typically more secure ways to sign you in, such as fingerprint readers and USB dongles, without having to worry about the exact device you're using. There are already some hardware and software solutions that play nicely with FIDO, but the existence of firm specs should significantly boost your choices in 2015.
This man will experience someone else's life through a VR headset
You've probably had a moment or two where you wanted to live vicariously through a friend, but artist Mark Farid wants to take that concept to its logical extreme. He's planning an art installation, Seeing-I, where he'll experience another man's life through a virtual reality headset for 28 days straight. This other person won't be connected in real time (everything will be recorded six days in advance), but he'll have to share everything he records through a clandestine camera, no matter how private the situation might be. Mark's only direct contact with humans will be an hour with his psychologist each day, and his schedule is chained to that of his "input;" he'll eat, sleep and take bathroom breaks when this distant subject does. Ideally, the project will answer whether or not you lose some of your own identity by taking on someone else's for a long time.
Verizon's changes to mobile web traffic limit your privacy
Do you work hard to maintain privacy on your smartphone through tools like Do Not Track? If you're on Verizon, your efforts might not be doing much good. Researchers have discovered that the carrier has been modifying some of its cellular web traffic to insert a Unique Identifier Header (UIDH) that helps create profiles for targeted ads. You can opt out of the associated ad program to avoid the sales pitches, but that doesn't turn the headers off -- a less-than-scrupulous website could still build a unique profile of your activity, whether it's for simple advertising purposes or customizing phishing attacks.
Windows 10 has new ways to protect you against internet data breaches
There are plenty of online services that use two-factor authentication to reduce the chances of someone hijacking your account after a data breach, but what about the operating system on your PC or phone? You'll get that safeguard if you use Windows 10, according to a Microsoft security brief. The new OS will optionally treat a device (including something nearby, like your phone) as one authentication factor when signing into a local or internet account, and a PIN code or biometric reader as the second. If hackers find your login data sitting on a server, they won't get to use it unless they also have your gear -- and in some cases, they may need a fake fingerprint as well.
