Thales TrUE Technology: responsible biometrics
Thales TrUE Technology
The Thales TrUE Technology approach aims to deliver responsible products and services that build trust for both users and service providers.
TrUE stands for:
• Transparent – Thales undertakes to explain the rules by which its technology is deployed and designed, to the extent possible under the rules governing data confidentiality and protection of sensitive information,
• Understandable – Thales can explain and justify the use of the technology and the results, in such a way that users can understand the data used to arrive at a conclusion,
• Ethical, meaning it follows objective standards protocols, complies with applicable laws, and promotes non-discrimination and equality
This approach permeates the Group’s technologies – also harnessing artificial intelligence (AI) that puts real intelligence back in control - and follows Thales's Digital Ethics Charter and its ten commitments for digital responsibility. Today, the Group considers it very important to establish a set of guidelines on digital trust and responsibility as a way to better combine its innovation priorities with its commitments to build a safer, greener and more inclusive world.
Responsible Biometrics
Thales has been helping to shape the biometrics field for the last 30 years, making it one of its core technologies. It is increasingly used as a secure and convenient way to identify people, replacing passwords (physical characteristics acting as passwords) and ID badges, while meeting the challenge of how to prove each person's identity in an online context.
Biometric technologies use different scientific methods to identify and authenticate individuals through the analysis of their specific physical characteristics. Common biometric attributes include facial recognition, fingerprints, and the iris. Each of these attributes is used appropriately for specific services, e.g. fingerprint for payments or facial / iris authentication at border control.
What are biometrics used for?
Increasingly, companies and government bodies are driving our societies’ digital transformation by offering easily accessible online services. However, to be adopted by end-users, they need to be trusted. Biometrics already fill this requirement by providing both high security and convenience in several applications such as:
• Validating payment – using face or fingerprint recognition to authenticate the owner and validate the transaction.
• Travelling by plane - reducing waiting time at checkpoints in an airport such as check-in, security, boarding, etc. Your face becomes your ID and your ticket.
• Accessing a building – allowing access to offices or sensitive locations.
• Signing up to online services – people can prove who they are in a virtual context via their mobile device.
• Opening new accounts online – for sensitive services that require the validation of a new subscriber’s identity.
• Driver authentication and behavioural monitoring to detect fatigue, thus improving safety.
• Investigating crimes and identifying victims – quick and reliable identification of a person.
• Accessing a logical system or health monitoring – using biometric brain computer interfaces.
Thales TrUE Biometrics
Biometric technology has made great progress over the last few years: it is reliable, meets many security needs and is much safer and more convenient than other authentication methods such as passwords, PINs and tokens. While many of us are more than happy to use it to unlock our mobile phone or pass through an ePassport gate at the airport, Thales commits to apply three criteria to all of its biometric solutions, to ensure they are developed and used responsibly:
Transparent
Thales strives to apply the national and international laws and standards in effect in the countries where the Group operates. We pay a lot of attention to the way our technologies are to be used by third parties prior to any deployment.
For service-oriented use cases, we take into account individuals’ awareness, as they need to know when and how their biometric data is used.
The right level of transparency ensures that people can give their consent to the use of this personal data. They also need to know the purpose of the service; if any personal data is stored, who can consult it and the ways that they can access their data or request its update or deletion.
We also strive for the highest level of interoperability, so that service providers or government bodies can collaborate across entities to provide a seamless user authentication experience, or to integrate new technology or vendors and ensure the service's long-term availability. The Group deploys its technologies with partners, suppliers and customers who share the same transparency rules.
Understandable
For service-oriented use cases, Thales makes sure that the use of biometrics is justifiable for the specific service, and that the benefits for both the end-user and service provider are clear. While this links back to the issue of transparency, it goes beyond that to explain the purpose of the solution.
The technology is ‘understandable’ if users can get access to how it works, so they can trust that their individual freedoms are respected.
All this is done to make sure people understand the use of the personal data, as well as the process for accessing it or how they can ask the service provider to delete it. This creates a framework favourable to the deployment of biometrics solutions and to their acceptability.
Ethical
As a socially responsible company, Thales manages its biometrics services in compliance with the laws in force regarding data privacy regulations and trade compliance regulations. This means that, prior to the issue of any proposal, Thales ensures full compliance with all applicable export control rules and economic sanctions, for the execution of the contract and throughout the life-cycle of the project.
Thales also undertakes to promote non-discrimination and equality.
As a trusted supplier, we look for the best accuracy and equality across ethnicity, age, and gender; also by ensuring our solutions are built on a robust, diverse dataset. That is why we guarantee the highest standards of biometrics by harnessing the latest AI technology and liveness detection, as well as testing them with standards bodies such as the US National Institute of Standards and Technology (NIST).
There are no universal data regulations; however, GDPR in Europe sets a harmonised legal framework across 27 states, requires the explicit consent of users and establishes heavy penalties for offenders. Data privacy is a global concern for Thales, and the Group promotes its GDPR-compliant solutions worldwide, as many other states are implementing similar regulations.
A reliable and responsible partner
For years, Thales has developed highly secure solutions, and biometrics has fully proved its capacity to offer both security and convenience.
Whilst the technology serves a wide range of new needs triggered by our societies' digital transformation, Thales also supports initiatives that raise awareness of the benefits and risks of adopting biometric identification technologies.
By providing transparent, understandable, and ethical biometrics, Thales has positioned itself as a reliable and responsible technology partner.
Affiliations and Memberships
As a testament to our commitment to a TrUE biometric approach, Thales is a proud member of the following industry associations and groups.
The Biometrics Institute, promoting the responsible, ethical and effective use of biometrics technology since 2001.