I want to be “me too” when this question is asked.
“Revealed,” Google Lyria, Public Domain.
“Always Be Selling”
As I previously noted, I can provide consulting clients with discussions of privacy, algorithmic bias, and both business-to-government (B2G) and business-to-business (B2B) issues.
If I can help your identity/biometric firm in these and other biometric product marketing areas, including content, proposals, and analysis, schedule a meeting with me.
I talk endlessly about presentation attack detection independent testing, but I occasionally discuss injection attack detection independent testing also, who performs the test (as more entities do so), and who has been tested.
The testing entities perform the test according to the European Committee for Standardization (CEN) standard CEN/TS 18099:2025.
“This document provides an overview of:
– Definitions of biometric data injection attacks;
– Use cases for injection attacks with biometric data on essential hardware components of biometric systems used for enrollment and verification;
– Tools for injection attacks on systems using one or more biometric modalities.
This document provides guidance for:
– Injection Attack Instrument Detection System (defined in 3.12);
– adequate risk mitigation for injection attack tools;
– Creation of a test plan for the evaluation of an injection attack detection system (defined in 3.9).”
And Ingenium and BixeLab have developed their own testing methods.
iBeta and Injection Attack Detection Testing
And if you need a third choice of a testing lab, there is one. Via a sponsored post, iBeta joined the party.
“A new testing solution from iBeta Quality Assurance meets a growing need for evaluations of injection attack detection (IAD) products. The lab’s IAD testing launches today, and will be part of what iBeta showcases at Identity Week 2026 in Amsterdam next week. It includes testing up to Level 3, against the European standard CENS/TS 18099: 2025, across multiple platforms. And it presages the planned 2027 publication of the ISO/IEC standard dedicated to injection attack testing. iBeta will release a IAD testing solution for the ISO standard when it is released.”
Changes
The Biometric Update quote about the forthcoming ISO/IEC standard illustrates the challenge in testing when standards change, and new standards are adopted.
Something the Kantara Initiative recently addressed:
“Kantara Initiative announces the formal publication of the Kantara Initiative International Assurance Program: SP 800-63A-4 Service Assessment Criteria (SAC) & Statement of Criteria Applicability (SoCA), aligned to NIST Special Publication 800-63A Revision 4 – Identity Proofing.
“Following completion of the public review process and consideration of community feedback, the assessment criteria have been finalized and are effective immediately.”
NIST Special Publication 800-63A Revision 4 is the successor to Revision 3. Kantara Initiative previously offered assessments against the older standard, and can now assess against the newer one.
This illustrates the ripple effect of standards revisions…and in the case of injection attack detection, upcoming new standards.
“[T]he technology is easy. The business part is the difficult part.”
But Chris Burt of Biometric Update phrased it more succinctly:
“[P]olicy chases modernization”
As Burt notes, examples of policy chasing modernization include:
Digital sovereignty, a topic of discussion with everyone from ID4Africa to an organization called the World Ethical Data Foundation. (As an aside, a Bredemarket client and I were recently discussing the pros and cons of managing digital identities in the cloud vs. peer-to-peer synchronization.)
Cybersecurity and digital identity, a topic of discussion in government (the White House, NIST) and industry (Jordan Burris of Socure).
Other topics, including police facial recognition policy. (Hmm…I recall that both government and vendor biometric policies were the topic of a Biometric Update guest article last year.)
All of you recall Pandora’s Box. I’ve used the story multiple times, including when discussing my creation of Bredebot and its nearly-instantaneous hallucinations. Yes, I do have “policies” regarding this “modernization,” including full disclosure.
I’ve been playing with the idea of intent (what I call “somewhat you why”) as a factor of identity verification and authentication. And although most people aren’t willing to go that far, intent analysis is becoming more important.
Biometric Update’s Chris Burt quoted RealSense Chief Marketing Officer Mike Nielsen on the company’s ID Pro. In this case, intent detection is used in a non-biometric fashion.
“We now have the ability to detect a person — not just a face — on the module. Meaning, we can classify body parts (legs, arms, hands, feet) and estimate pose in real time, without any additional external software. This includes which direction they are walking, how far away they are, and how quickly they are moving. This opens up an enormous opportunity for next-gen applications where you need to know the intent of a person beyond identifying their identity. And you still get the ability to authenticate faces on the same platform.”
This is definitely NOT identity verification or authentication, but is certainly useful.
If accurate. If a system misreads intent, it can be disastrous.
The facial recognition brouhaha in southeastern Wisconsin has taken an interesting turn.
According to Urban Milwaukee, the Milwaukee County Sheriff’s Office is pursuing an agreement with Biometrica for facial recognition services.
The, um, benefit? No cost to the county.
“However, the contract would not need to be approved by the Milwaukee County Board of Supervisors, because there would be no cost to the county associated with the contract. Biometrica offers its services to law enforcement agencies in exchange for millions of mugshots.”
“Milwaukee Police Department has also attempted to contract Biometrica’s services, prompting pushback, at least some of which reflected confusion about how the system works….
“The mooted agreement between Biometrica and MPD would have added 2.5 million images to the database.
“In theory, if MCSO signs a contract with Biometrica, it could perform facial recognition searches at the request of MPD.”
See Bredemarket’s previous posts on the city efforts that are now on hold.
No guarantee that the County will approve what the City didn’t. And considering the bad press from the City’s efforts, including using software BEFORE adopting a policy on its use, it’s going to be an uphill struggle.
Most technology publications, with the notable exception of IPVM, are at least partially funded by the companies they cover. Therefore there’s an unavoidable tension between keeping the advertisers happy and casting a critical eye on the industry.
I accept this tension because it applies to Bredemarket itself. Although my clients are absolutely wonderful, there may emerge a future situation where they may be less than perfect. So naturally I have to watch my tongue.
As does Biometric Update.
Remember when IDloop asserted it offered “the world’s first FBI-certified 3D contactless fingerprint scanner,” and Biometric Update reported the claim with no comment? I said at the time:
“Biometric Update reports news as reported, and I don’t think it’s Biometric Update’s purpose to poke holes in vendor claims.”
But then Biometric Update ran a more recent story.
They said that?
Bear in mind that Biometric Update’s advertisers include vendors who offer identity document validation solutions: either their own, or from a third party.
And Biometric Update’s recent story basically said that these solutions are a toxic dumpster fire.
OK, not in those words. Biometric Update is Canadian owned, and if the publication used the words “toxic dumpster fire” it would never stop apologizing.
Not just ineffective, DISASTROUSLY ineffective. Ouch.
For those not up in their acronyms, the Department of Homeland Security’s (DHS) latest annual round of tests was called the Remote Identity Validation Rally (RIVR).
DHS set performance goals for the submitted entries and publicized the (anonymous) results.
“Four of the seven subsystems tested met the goal for system error rate. Four did not meet the threshold for FRR, and five fell short in FAR. In other words, most systems let too few legitimate IDs through, even more passed too many fraudulent IDs, and six of seven fell short on one or both sides of the assessment.”
Google Gemini.
Biometric Update didn’t reveal the…um…identity of the one vendor that performed acceptably. But that vendor may self-reveal soon enough.
On anonymity
Why do testing entities sometimes allow participants to remain anonymous?
Because they want participants.
Some biometric tests are NOT designed to identify the best algorithms, but are instead designed to view the state of the industry. And that’s what this test performed with document validation.
Presumably a future test—POND, or Performance Of Notable Documents—will measure the future state-of-the-art of identity document validation.
But I could have chosen another title: “Fact: lack of deadlines sinks behavior.” That’s a mixture of two quotes from Tracy “Trace” Wilkins and Chris Burt, as we will see.
Whether Vanilla Ice and Gordon Lightfoot would agree with the sentiment is not known.
That guest post touched on Milwaukee, Wisconsin, but had nothing to do with ICE.
Vanilla Ice.
One of the “responsible uses” questions was one that Biometric Update had raised in the previous month: whether it was proper for the Milwaukee Police Department (MPD) to share information with facial recognition vendor Biometrica.
Milwaukee needed a policy
But the conversation subsequently redirected to another topic, as I noted in August. Before Milwaukee’s “Common Council” could approve any use of facial recognition, with or without Biometrica data sharing, MPD needed to develop a facial recognition policy.
According to a quote from MPD, it agreed.
“Should MPD move forward with acquiring FRT, a policy will be drafted based upon best practices and public input.”
It was clear that the policy would come first, facial recognition use afterward.
“Commissioner Krissie Fung pressed MPD inspector Paul Lao on the department’s past use of facial recognition.
““Just to clarify,” asked Fung, “Is the practice still continuing?”
““As needed right now, we are still using [FRT],” Lao responded.”
It was after 10:00 pm Central time, but the commissioner pressed the issue.
Fung asked Lao if the department was currently still using FRT without an SOP in place.
“As we said that’s correct and we’re trying to work on getting an SOP,” Lao said.
That brought the wolves out, because SOP or no SOP, there are people who hate facial recognition, especially because of other things going on in the city that have nothing to do with MPD. Add the “facial recognition is racist” claims, and MPD was (in Burt’s words) sunk.
Yes, a follow-up meeting will be held, but Burt notes (via WISN) that MPD has imposed its own moratorium on facial recognition technology use.
“Despite our belief that this is useful technology to assist in generating leads for apprehending violent criminals, we recognize that the public trust is far more valuable.”
Milwaukee should have asked, then acted
From Bredemarket’s self-interested perspective this is a content problem.
Back in August 2025, Milwaukee knew that it needed a facial recognition policy.
Several months later, in February 2026, it didn’t have one, and didn’t have a timeframe regarding when a policy would be ready for review.
Now I appreciate that a facial recognition policy is not a short writing job. I’ve worked on policies, and you can’t complete one in a couple of days.
But couldn’t you at least come up with a DRAFT in six months?
I’m jumping ahead in the year-end post ridiculousness to cite Bredemarket’s two most notable accomplishments this year. Not to detract from my other accomplishments this year, but these two were biggies.
The second was my go-to-market effort for a Bredemarket client in September, which I discussed (without mentioning my participation) here. And there’s a video for that effort also.
Recent go-to-market.
I’ve accomplished many other things this year: client analyses, blog posts (both individually and in series), consultations, presentations, press releases, proposals, requirements documents, sales playbooks, and many more.
And I still have three more weeks to accomplish things.
Perhaps I’m industry-embedded, but this seems fine to me. Consent appears to be honored everywhere.
“Under the deal, agencies that use Flock’s Nova or FlockOS investigative platforms will soon be able to post Community Requests through Ring’s Neighbors app, asking nearby residents to share doorbell footage relevant to an investigation.
“Each request includes a case ID, time window, and map of the affected area. Ring says participation is voluntary and that residents can choose whether to respond, and agencies cannot see who declines. Users can also disable the feature entirely in their account settings.”
On the other hand, Senator Ron Wyden doesn’t trust Flock at all and says that “abuse of Flock cameras is inevitable.”
Heck, abuse of citizens by the U.S. Senate is inevitable, but citizens aren’t demanding that the Senate cease operations.
Bredemarket 