Face the challenge: Singapore’s solution to digital ID verification

By on 19/11/2020

Facial verification technology is quietly gaining ground for digital identity management and authentication. Device-based face verification, such as Apple Face ID or Google Face Unlock, is being used by millions of consumers worldwide.

Governments and businesses, meanwhile, have realised that online face verification offers a double whammy of advantages: high levels of security, allowing even the most sensitive transactions to be completed online; and simplicity, enabling anyone from 16 to 106 to log on easily and access a range of digital services. The NHS, the Department of Homeland Security and the UK Home Office are all using face verification to verify the identity of citizens online.

The patented system developed by UK biometric tech leaders, iProov, has been adopted as a secure pathway into the wider digital ecosystem of Singapore’s National Digital Identity (NDI) scheme. Revolutionary in itself, the SingPass NDI scheme allows Singaporean residents to seamlessly access a suite of government services, and apps run by third parties – including banks, colleges, professional bodies and insurance companies – that are leveraging the NDI infrastructure.

Singapore’s Government Technology Agency (GovTech) decided to introduce face verification to further increase citizen access to digital services. Working with iProov and systems integrator Toppan Ecquaria, GovTech has enabled over 2.1 million enrolled SingPass users to choose a face scan as an alternative method of two-step authentication when logging in to services online.

Meanwhile, third party enterprises in Singapore, such as banks, can take advantage of GovTech’s “biometrics as a service” platform to offer secure, password-free access to customers. This is based on a digital architecture where no customer biometric data actually crosses a privacy firewall to the services provider.

In a Global Government Forum webinar, representatives of the three organisations discussed how the initiative has broken new ground. Quek Sin Kwok, senior director of National Digital Identity at GovTech, says that iProov’s solution is part of the NDI initiative’s wider principle of “citizen centricity”, ensuring easier interactions with multiple government agencies, and laying the foundations for future expansion beyond Singapore’s borders.

“Services are not siloed. Citizens require services that are offered by different parties,” he argued. “Citizen centricity means you can bundle all the services together, and we believe that a universally accepted digital identity is the key to reach such fragmented systems, allowing the data to be more integrated and to flow across the boundaries of systems, organisations and even countries.”

iProov chief executive Andrew Bud stressed the accuracy and security of the system, which has a false positive acceptance rate of less than 1 in 10,000. GovTech’s rigorous attempts to “break the system” as part of its technology selection process demonstrated that iProov’s unique and patented methodology is possibly the most hack-proof available today.

But he also highlighted the system’s role as a digital access leveller. “Our fundamental mission was to create a method of authentication that was simultaneously extremely secure but also incredibly usable – inclusivity is becoming important in most authentication applications. Face is ideal; it is one of the most passive methods [for users], and it is extremely device agnostic, as any device or tablet or laptop has a front facing camera and can be used.”

Dr Foong Wai Keong, managing director at Toppan Ecquaria, noted that the initiative marked the first use of facial verification on a government cloud. To enable this, the Ecquaria Integration Centre (EIC) created a secure integration channel, mediating data requests between applications calling the SingPass Facial Verification service, iProov, and the SingPass app. “It determines configurable rules to determine whether the request should be accepted and is legitimate. This actively prevents misbehaving applications from sending invalid requests or malicious attempts to exploit through the EIC API gateway to target the end point.”

And while the trio were careful not to describe the initiative as a “template” for roll outs elsewhere – given the unique cultural and social context of each market and use case – there was certainly a sense that facial verification had passed both security and user acceptance tests in Singapore, and had the potential of being part of one’s everyday life.

To anyone designing a secure digital identity system, facial verification is just one option in a menu of biometric modalities: iris, fingerprint and palm scanning are, as the saying goes, also available. But it offers the advantage that the only “reader” device required is a generic front-facing camera, while most, although not all, national governments already hold citizens’ photos.

“It uses the one biometric that is available in pretty much all government documents worldwide: whether in ICAO 9303 [the specification for machine readable travel documents], passports or ID cards. It is the one way of tying a physical human being to a trusted ID,” Bud noted.

But it only takes a passing familiarity with Hollywood thrillers to realise that an insecure facial verification system might, in theory, be cracked by an imposter with a sophisticated mask. Meanwhile, a replay attack, where a recorded video of a previous authentication is injected into the device, or a deepfake video created from scratch, could “spoof” the system into accepting a false positive.

As Bud explained, the straightforward aspect of iProov is facial matching: abstracting data points from an individual’s face scan, creating a template and comparing it with an enrolment scan or a passport photo, to calculate an overall “confidence score”. What’s harder is demonstrating that the individual claiming the digital identity is genuinely present at the time of the scan.

With iProov’s patented technology, the screen on the mobile device, computer or at a walk-in kiosk illuminates the user’s face with a cryptographic sequence of colours for a few seconds. Monitoring the pattern of lights on the user’s face confirms that a user is the right person, a real person, and authenticating at that moment.

The webinar offered reassuring detail on just how hard GovTech had tried to “beat the system”. As GovTech’s Kwok explained: “We spent months in the selection process. We set up a lab to test 10 or 15 solutions from different parts of the world.”

As well as “genuine presence”, GovTech tested the systems for matching accuracy and lack of bias across Singapore’s different ethnicities and age groups, and for usability across different population groups. “The verification can be done in unsupervised remote environments through the users’ own device, so we spent a lot of time testing the solution and trying to spoof the current solution – we didn’t manage to break it, unlike some other solutions,” he reported.

Bud explained that the genuine threat of criminal or state-sponsored identity theft meant that iProov is committed to watertight security now and in the future. “A security technology like iProov Genuine Presence Assurance is not a static piece of technology. We are in a continual arms race with opponents. So we have to keep moving and we have the advantage of informational asymmetry, in that we learn more from every attack they mount than they learn from us. We have to use that information to ceaselessly enhance our systems.”

In addition, many observers would ask how iProov and GovTech can ensure that private biometric identity data gathered for what Kwok calls “citizen centric” purposes would not later be repurposed, or even leave the SingPass NDI system and flow into a less benign environment.

But as Bud emphasises, data privacy was a key building block in the GovTech system, and in projects with other operating authorities, such as the UK Home Office or the US Department of Homeland Security. “Privacy is the foundation of public trust, and without public trust no such solution can possibly work. All of our solutions worldwide are protected by a privacy firewall,” he says.

The firewalls form an impermeable barrier separating two aspects of an individual’s personal data. On the one side are iProov’s scan and the processed biometric data; on the other – in this case in the SingPass domain – is the user’s full digital identity. “The privacy firewall ensures that SingPass has the identity of the user, their attributes and all their activity, but never sees them in action, while iProov processes the biometrics but never gets any personal information,” Bud explained.

Meanwhile, third party enterprises onboarded into the “biometrics as a service” do not collect, store or process biometric data, or need the system architecture and data compliance protocols this would require. Instead, they receive only a facial matching “confidence score” from SingPass. In Kwok’s words: “There are certain criteria which private sector agencies that want to use our service have to comply with but rather than making it more process compliant, we designed a system such that there is data minimalisation and very little they can do in terms of abusing the system.”

As Kwok explained, GovTech is now “selling” biometrics as a service to other service providers in Singapore, promoting the benefits of removing delay and friction from countless digital interactions. But it is now turning its attention to integrating SingPass with other national systems. “The next step for us is to look for opportunities in which the NDI can interoperate with the rest of the world, and enable cross border use cases. We have started talks with some countries, although obviously it is not going to be easy to navigate the different technologies, policies and standards.”

Bud forecasts a rapid expansion of use cases and opportunities, requiring constant refreshes of its systems. “In digital identity terms, iProov is structurally agnostic. So whether we’re working with centralised identity schemes, or federated schemes such as EIDAS [regulated] schemes, or self-sovereign schemes, digital identity is moving very fast and it’s important that our storage architectures and our APIs keep up with the rapid evolution in digital identity.”

As for sharing the learnings with other national schemes, Kwok highlighted GovTech’s adoption of “agile” implementation, and the initial principles it adopted. “The approach we have taken right from the beginning is on focusing on enabling citizens and business use cases, and to make digital identity useful, secure and easy to use. We are continuing to learn, but we are pretty happy with how things are going. With our partners Toppan Ecquaria and iProov, we set our sights on a common vision, and focused on doing the right thing, for common objectives.”

About Partner Content

This content is brought to you by a Global Government Forum, Knowledge Partner.
