Microsoft has added facial matching to its Entra Verified ID service, which lets organizations create and issue verifiable credentials to validate claims such as employment, education, certifications, and residence.
The new Face Check feature is available as a free public preview release, with a yet-unpriced commercial release slated for later this year.
Microsoft Authenticator's Verified ID feature generates a confidence score and sends only that to the party who requested a Face Check.
Early preview customers are using Face Check with Verified ID to reduce the risks of account takeover and impersonation for employees, vendors, and business guests.
Help desk and cybersecurity operations provider BEMO, an early Face Check tester, uses the feature to verify the identity of an employee issuing a request, according to Microsoft.
Originally described by Patel as a standards-based decentralized identity system, Verified ID is intended to address the limitations of Azure AD services by enabling the use of credentials beyond the organization.
Gartner forecasts that integration with identity verification and access management platforms will become standard by 2027 for onboarding, credentialing, and recovery.
Further, IDV could reduce account takeover attacks by 75%, according to Gartner.
Facial Recognition Raises Privacy Concerns While Microsoft promises a more user-friendly and secure approach to digital identity verification with Face Check and Verified ID, critics of facial recognition have long decried the potential for misusing the technology.
For one, the company emphasized that neither Microsoft Authenticator, Verified ID, nor the Azure AI services store or retain any of the data or images.
He adds that statistically, there was a one in a billion chance that a match could be an impersonation attack within a 5-minute time window.
Gartner's Teixeira predicts that preventing risks of attacks overshadows privacy issues.
The addition of Face Check to Verified ID aims to boost confidence in the credentials users present.
Patel says that Microsoft will soon reveal plans to extend its Face API pattern to verify a broader array of identity attributes, such as verified work history and legal entity verification, through partnerships with Dun & Bradstreet and LexisNexis.
Lots of Interest in Facial Recognition Despite calls for regulation, facial recognition is one of the more popular forms of authentication.
When the Biometrics Institute asked which form of biometrics organizations are likely to implement, its 2023 Industry Survey found that 45% of those surveyed plan to increase their use of facial recognition.
Kuppinger says mass adoption won't happen in the short term.
This Cyber News was published on www.darkreading.com. Publication date: Wed, 07 Feb 2024 01:10:09 +0000