4 minute read
HID AND IPASSPORT TO BRING NEW IDENTITY VERIFICATION SOLUTION TO THE TRANSPORTATION SECTOR
AI-POWERED PASSENGER IDENTITY VERIFICATION TECHNOLOGY ENHANCES TRAVEL EXPERIENCE, OPTIMIZES AIRPORT EFFICIENCIES
HID, a worldwide leader in trusted identity and physical security solutions, and iPassport, a provider of solutions that enable organizations to implement digital identity technologies, recently signed a memorandum of understanding to collaborate on a new identity verification solution for the transportation industry. This solution will make its debut at the Passenger Terminal EXPO 2023, March 14-16 at HID Booth #1244.
Advertisement
Navigating through the airport requires a sequence of touchpoints and processes— from check-in to baggage drop, security checkpoint, all the way to retail/duty-free shopping, lounge access and boarding.
And with millions of travelers experiencing delays, cancellations, baggage mix-ups and the continued strain on airport staff, the passenger journey has become more complex than ever.
Airlines need reliable and swift identity verification to provide passengers with a secure, seamless journey that’s long overdue.
“Today, moving through an airport securely requires an ongoing and seamless identity verification system that not only enhances the passenger experience, but also optimizes efficiencies for everyone.
HID is excited to collaborate with iPassport to bring this new solution to market,” says Vito Fabbrizio, Managing Director of Biometrics, Extended Access Technologies at HID.
With HID’s modular approach, airlines and airport operators are now able to add identity verification capabilities quickly and easily to existing systems without having to “rip-and-replace" or perform expensive migrations to a new platform altogether.
This modular solution includes the following components:
• Facial Recognition Camera Hardware
• Fingerprint, ID Document & Ticket Readers
• Software Development Kits (SDKs)
• ID Proofing & Biometric Server
• Device Management
• Biometric Professional Services
With HID-patented multispectral imaging (MSI) technology and ethically trained artificial intelligence (AI) built within the HID® U.ARE.U® Camera Identification System, significant performance and matching accuracy are achieved.
Use of facial recognition technology throughout the airport will depend on the passeger’s prior consent during booking or check-in. Additionally, the biometric information is only stored and used during the time the passenger is in transit within the airport to help address compliance with applicable with data privacy laws.
Beyond airlines and airports, other segments of the travel industry, such as cruise ships and hospitality, can also benefit from:
• Ethically trained and built AI to eliminate matching bias
• Industry-leading presentation attack detection (PAD) to thwart spoof attempts
• Superior performance amid challenging lighting
• Automatic face detection, capture and image quality checks—even when wearing masks
• On-device biometric processing with endpoint security for maximum protection
SOPHOS INVESTIGATES TWO ACTIVE CYBERFRAUD OPERATIONS, INDICATING SCAMMERS ARE EXPANDING THEIR CRYPTO-ROMANCE CONS
Scammers Use a Fake Gold Trading Marketplace in One Operation and Have Already Scammed $500,000 in Cryptocurrency in Another
Scammers are Moving Beyond Dating Apps and Increasingly Targeting Global Twitter and Text Users
Sophos, a global leader in innovating and delivering cybersecurity as a service, today released details of two expansive, still operational, pig butchering or sha zhu pan rings (elaborate and lengthy financial fraud scams that can cost victims thousands of dollars) that scammers are operating from Asia.
One of the rings, based in Hong Kong, involves a fake gold trading marketplace, while the other, based in Cambodia and with ties to Chinese organized crime, netted the scammers $500,000 in cryptocurrency in just one month. In both schemes, the scammers targeted Sophos’ principal threat researcher, Sean Gallagher, directly via Twitter and text message, respectively, rather than dating apps, the traditional method used to find and target victims.
Part one of a two-part series, “Fool’s Gold: Dissecting a Fake Gold Market Pig Butchering Scam,” released today, focuses on the inner workings of the ring based out of Hong Kong, which demonstrates how these scammers are upping their technical sophistication to lure in and con targets.
“For two years, we’ve been following and reporting on a subset of these pig butchering schemes called CryptoRom. This is a particular flavor of pig butchering that relies on romance-based lures with scammers approaching potential victims on dating apps and then asking them to invest in fraudulent crypto trading apps. But CryptoRom is really just the tip of the iceberg.
Since the start of the pandemic, this type of cyberfraud has massively expanded. These scammers are now targeting people on all major social media platforms or even direct message, and they’re not limiting themselves to just exploiting crypto but also gold and other forms of currency or trading value. They’re quite literally going after the whole hog,” said Sean Gallagher, principal threat researcher, Sophos.
In the first scam Gallagher investigated, he spent three months interacting with one of the scammers after they approached him directly on Twitter. The scammer posed as a 40-year-old woman from Hong Kong who quickly attempted to move the conversation to WhatsApp.
From there, the scammer tried to convince Gallagher to invest in a fake gold trading marketplace, touting her connections with her “Uncle Martin”—supposedly a former Goldman Sachs analyst.
She then directed him to a site that copied the branding of a legitimate Japanese banking company called Mebuki Financial, where the foreign exchange and commodity trading services were to be conducted.
While the social engineering of this scam was less polished than other cases Sophos has investigated, it showed a marked increase in technical sophistication for these types of groups. The scammers used an elaborate combination of highly effective SEO, polished scam pages to “register” new clients on their fake Mebuki website, and a pirated version of a legitimate trading app (MetaTrader 4) with additional malicious code to steal money from their victims. They are also actively updating their operation’s scam infrastructure to avoid being shut down.
"Both scam rings are still operational and will be difficult to shut down. While we marked the domains and IP addresses being used by the attackers in the Hong Kong ring as malicious, their scam operations have already shifted to new domains. They already have a new download infrastructure in place for their pirated version of the MetaTrader app, so, at this point, we’re essentially playing ‘whack-a-mole'.
Unfortunately, that’s the reality as these operations become broader in scope, targeting more regions and across different platforms. The move from crypto to gold also shows how easily these groups can find a new niche to exploit. That means the best defense is public awareness of these types of scams.
People should be wary of any SMS, dating app, or social media direct message from a stranger who strikes up a conversation and then suggests moving it to WhatsApp or Telegram—especially if they make claims about wealth obtained from crypto or other trading,” said Gallagher.
