Most identity and biometric marketing leaders know that their products should detect attacks, including injection attacks. But do the products detect attacks? And do prospects know that the products detect attacks? (iProov prospects know. Or should know.)
I’ve mentioned injection attack detection a couple of times on the Bredemarket blog, noting its difference from presentation attack detection. While the latter affects what is shown to the biometric reader, the former bypasses the biometric reader entirely.
But I haven’t mentioned how vendors can secure independent confirmation of their injection attack defenses.
European Committee for Standardization (CEN)
Here’s part of what ID Tech Wire said a year ago.
“A new European technical standard, CEN/TS 18099:2025, has been published to address the growing concern of biometric data injection attacks. The standard provides a framework for evaluating the effectiveness of identity verification (IDV) vendors in detecting and mitigating these attacks, filling a critical gap left by existing regulations.”
Being a baseball hot dogs apple pie guy, I had never heard of CEN. Now I have.
“CEN, the European Committee for Standardization, is an association that brings together the National Standardization Bodies of 34 European countries.
“CEN provides a platform for the development of European Standards and other technical documents in relation to various kinds of products, materials, services and processes.”
And before you say that them furriner Europeans couldn’t possibly understand the nuances of good ol’ Murican injection attacks, look at all the countries that follow biometric interchange guidance from the American National Standards Institute (ANSI) and the National Institute of Standards and Technology (NIST).
So CEN is good.
But let’s get to THIS standard.
More on CEN/TS 18099:2025
The Biometric Data Injection Attack Detection standard can be found at multiple locations, including the aforementioned ANSI. From the current 2025 version:
“This document provides an overview of:
– Definitions of biometric data injection attacks;
– Use cases for injection attacks with biometric data on essential hardware components of biometric systems used for enrollment and verification;
– Tools for injection attacks on systems using one or more biometric modalities.
This document provides guidance for:
– Injection Attack Instrument Detection System (defined in 3.12);
– adequate risk mitigation for injection attack tools;
– Creation of a test plan for the evaluation of an injection attack detection system (defined in 3.9).”
Like (most) good standards, you have to buy it. Current Murican price is $99.
You can see how this parallels the existing standard for presentation attack detection testing.
Which brings us to iProov…and Ingenium
iProov is a company in the United Kingdom. This post does not address whether the United Kingdom is part of Europe; I assigned that thankless task to Bredebot. But iProov does pay attention to European stands, according to this statement:
“[iProov] announced that its Dynamic Liveness technology is the first and only solution to successfully achieve an Ingenium Level 4 evaluation and the CEN/TS 18099 High technical specification for Injection Attack Detection, following an independent evaluation by the ISO/IEC 17025-accredited, Ingenium Biometric Laboratories. Ingenium Level 4 builds on the requirements outlined in CEN/TS 18099, providing an increased level of assurance with an extended period of active testing and inclusion of complex, highly-weighted attack types.”
Ingenium’s injection attack detection testing is arranged in five levels/tiers. The first two correspond to the “substantial” and “high” evaluation levels in CEN/TS 18099:2025. The final three levels exceed the standard.
Level 4:
“Level 4: A 40-day FTE evaluation that further exceeds the CEN TS 18099:2025 standard. Level 4 maintains a high attack weighting while specifically targeting the IAI detection capabilities of your system. Although not a formal PAD (Presentation Attack Detection) assessment, this level offers valuable insights into your system’s PAD subsystem resilience.”
Because while they are technically different, injection attack detection and presentation attack detection are intertwined.
Does your product detect attacks?
And if you adopt a customer focus, the customer doesn’t really care about the TYPE of attack. The customer ONLY cares about the attack itself, and whether or not the vendor detected and prevented it.
Identity/biometric marketing leaders, does your product offer independent confirmation of its attack detection capabilities? If not, do you publicize your own self-assertion of detection?
Because if you DON’T explicitly address attack detection, your prospects are forced to assume that you can’t detect attacks at all. And your prospects will avoid you as dangerous and gravitate to vendors who DO assert attack detection in some way.
And you will lose money.
Regardless of whether you are in the United States, United Kingdom, or the European continent…losing money is not good.
So don’t lose money. Tell your prospects about your attack detection. Or have Bredemarket help you tell them. Talk to me.
Bredemarket 
2 Comments