This post is also available in: עברית (Hebrew)
Biometric check-ins are common in airports worldwide, and now railways are adopting them, which is fuelling ongoing debates on whether the convenience of ticketless travel outweighs the potential cybersecurity risks.
Eurostar is a high-speed international rail service that is launching a contactless facial biometric check-in system called SmartCheck, which was developed by biometric solutions provider iProov.
According to Cybernews, passengers using the SmartCheck system get their tickets, passport, and face checked before they travel using their mobile device. The company believes this system will help save time and avoid queues and increase efficiency overall.
Dominic Forrest, iProov’s Chief Technology Officer, explained the system’s function to Cybernews: “Eurostar’s SmartCheck solution leverages iProov’s Genuine Presence Assurance technology to employ a multi-dimensional biometric face scan in the remote onboarding process that illuminates a passenger’s face with an unpredictable one-time biometric sequence of colors to verify that a remote user is a right person, a real person and that they are authenticating in real-time. That facial verification is then authenticated when the passenger arrives at the station during a brief additional scan,”.
In response to the raised privacy concerns, iProov explained that the personal data will not be shared with third parties, will be encrypted during the operation and deleted within 48 hours of the trip to ensure privacy and compliance with GDPR.
Matthew Corwin from Guidepost Solutions explains the dangers of using biometric systems, which can result in breaches, unconsented tracking or even impersonation. He adds that facial biometric recognition systems typically convert visual facial images into a numerical format, known as a “faceprint,” for storage and future image matching and verification. Malicious actors can then use these credentials to trick biometric computer verification programs.
“Unlike other non-biometric access credentials such as passwords, faces or corresponding faceprints can’t be readily altered if compromised,” said Corwin.
“The risk of identity theft escalates when biometric data is collected alongside other personal identifiers, like full name, date and place of birth, passport number, expiry date, gender, and country of birth – information typically contained in passports and used by biometric border crossing systems.”
This information was provided by Cybernews.