SIA Releases Offers Recommendation For Use Of Biometrics In E-Verify Program

The Security Industry Association recently released recommendations for use of biometrics with the federal government’s E-Verify employment verification program.

Security Industry Association members believe implementation of a biometric component to the E-Verify program should reflect the following principles to protect individual privacy and prevent identity theft:

1. Use biometrics to bind an individual to a credential associated with an identity based on presented biometric data and identity documents, which will be associated with a vetted Social Security Number. This will authenticate E-Verify transactions and create trusted audit trails respecting access to privacy data.

  • Provides high assurance that the individual subsequently authenticating is the same person who enrolled.
  • Provides non-repudiation of E-Verify transaction records, including who accessed specific data by date and time.

2. Use biometric authentication of the applicant, post-enrollment, with each subsequent verification of application for employment.

  • Ensures job applicant is associated with only one Social Security number.
  • Confirms individual presenting a Social Security number for employment or identification is the same person who originally enrolled with the Social Security number.
  • Alerts if the live biometrics submitted don’t match the templates stored on the smart card carrier. This can trigger additional adjudication procedures to investigate why two different individuals are associated with a single Social Security number or other I9 identity documents.
  • Deters identity theft for citizens while providing legal aliens with a means to validate their work status.

3. Avoid unnecessary distribution of biometric data by encoding biometric data to a smart card for possession by the person associated with the data. A terminal that performs a 1-to-1 match of a person’s live sample to the smart card data will be used for real-time authentication.

  • Allows the applicant to authorize how the biometric data is used.
  • Prevents unauthorized access to an applicant’s biometric data.
  • Provides a mechanism for the person to possess their biometric data and limit alternative instances to the enrollment database.
  • Protects citizen against identity theft.

4. Allow solutions including a 1-to-1 match with the smart card as a ‘personal vault,’ where an encrypted fingerprint or template is securely stored.

  • Locks sensitive data stored on the card (example: Social Security number) against access so it is not retrievable except after successful match to the card-holder.
  • Removes the need for biometric data ever to be extracted from the card, thereby allowing the smart card to lock it away from any fraudulent retrieval or copy. This will also ensure that the biometric data cannot be used for forensic investigation purposes.

5. E-Verify-sanctioned functions must include controlled distribution of biometric terminals to enable reporting of lost or stolen cards at easily accessible locations (such as the local U.S. Post Office).

  • Provides a value-add function to the card making it more useful and attractive to card holders.
  • Delivers assurances that the E-Verify data is not used for criminal investigation purposes.

6. Biometric data collected at initial enrollment must be stored in an encrypted database. Strong consideration should be given to establishing separate databases that secure the biometric from other personally identifiable information.

7. Utilize the experience and application expertise of industry and, in particular, the Security Industry Association to guide the implementation of biometrics in E-Verify applications.

Featured

  • Until We Meet Again

    A short three years ago we were all pondering whether to attend any tradeshows all thanks to COVID-19. Sorry to bring that nightmare up again, but it seems that little pandemic is in the rear-view mirror, and it’s time to meet again. Read Now

    • ISC West
  • Cyber Hygiene: What it Looks Like for IoT Devices

    Cyber Hygiene: What it Looks Like for IoT Devices

    For our second pillar about the Industrial Internet of Things (IIoT) Pillars of Security, we are going to discuss what cyber hygiene looks like for IoT devices. Read Now

  • ISC West Announces 2023 Keynote Series Speaker Lineup

    The International Security Conference (ISC), in collaboration with premier sponsor Security Industry Association (SIA), announced five of this year’s ISC West Keynote Series speakers. ISC West will kick off its annual conference on March 28 (SIA Education@ISC: March 28-30 | Exhibit Hall: March 29-31) at the Venetian Expo in Las Vegas, Nevada. Read Now

    • ISC West
  • Accelerating Security Modernization

    In recent years, the term “digital transformation” has been one of the most frequently used buzzwords across industries. On its most basic level, it refers to the reimagining of how an organization leverages its technology systems to improve business processes. Read Now

Featured Cybersecurity

New Products

  • ComNet NW1 Gen 4

    ComNet NW1 Gen 4

    ComNet, Communication Networks, is announcing the introduction of its Generation 4 line of NetWave® wireless products that offer greater performance and increased stability in applications where throughput and increased bandwidth is increasingly important. 3

  • Videoloft Cloud Video Surveillance VSaaS Solution

    Videoloft Cloud Video Surveillance VSaaS Solution

    Videoloft focuses on transforming traditional professional surveillance systems into cloud connected solutions via the Videoloft Cloud Adapter. 3

  • Camden Door Controls ‘SER” Surface Boxes and Extension Rings

    Camden Door Controls ‘SER” Surface Boxes and Extension Rings

    Camden Door Controls has introduced new ‘SER” surface boxes and extension rings that provide a complete solution for new construction. In addition, they provide a simple and robust solution when replacing round wired and manual push plate switches with either Camden’s wired or wireless SureWave™ no-touch switches or Kinetic™ no-battery wireless switches. 3