ENISA and ETSI joint workshop tackles challenges for European identity proofing

Sophia Antipolis, 3 May 2022

Today ENISA (the European Union Agency for Cybersecurity) and ETSI organized a workshop as part of their joint effort and collaboration to support EU requirements for identity proofing. The event was mainly addressed at EU companies and other public or academic organizations that run or prepare to launch their remote ID solution.

What is Remote Identity Proofing?

Remote identity proofing is the process where an online user proves they are the owner of a claimed digital identity. The proofing process is usually carried out over a webcam or a customer’s mobile phone, where the customers show themselves along with their government issued document – an identity card or passport. It is a crucial element in creating trust into digital services.

Attacks techniques and ID proofing technologies under the looking-glass

Participants peeked behind the technological curve discussing deepfakes, adversarial attacks on machine learning models and other forward-looking topics. The experience of remote identity proofing technology users from telco, banking and other sectors was also analysed and discussed. Crucial topics of testing, audit, standardization and regulation were covered, including Certification requirements for AI based Identification services and possible move towards EU harmonization in this area.

Speakers also discussed latest experiences and likely future directions in remote identity proofing, remote identity proofing techniques, attacks and countermeasures, the technology users’ point of view, and thanks to ETSI they also delved into testing, audit and standardization.

The workshop followed the recent publication of ENISA's report on "Remote Identity Proofing - Attacks & Countermeasures" and the recent ETSI Technical Specification TS 119 461 on "Policy and security requirements for identity proofing".Policy and security requirements for identity proofing".