Simula UiB to develop privacy-secured biometric ID proofs
Published:
The Research Council of Norway has granted funding for a new innovation project titled User-Controlled Shareable Biometrics. The project is led by Mobai, with Simula UiB leading the research on applied cryptography. It will run for 3 years.
The project is funded through the Innovation Project for the Industrial Sector scheme.
The goal of the project is to develop a fully privacy-secure method for sharing and reusing biometric identity proofs from national ID documents. Biometrics are the automated recognition of individuals by unique physical characteristics, such as fingerprints, iris scans and facial features.
Today, biometric identity data stored in national ID cards and passports is used for many digital services, like electronic IDs and online banking. When people use smartphone apps to access this data, it can be exposed in unencrypted form. Leaving users dependent on the app providers to handle it securely. The current systems are built for physical trust, rather than digital.
This project aims to change that by developing technology that allows biometric data to be stored and used and shared securely, even in the cloud, without ever exposing personal information. The result will be a way to verify a person’s identity digitally while protecting their privacy and giving them control over how their data is used.
The research will build on Mobai’s technology for facial authentication and be based on fully homomorphic encryption (FHE) and multiparty computations (MPC). FHE enables data processing without decryption, meaning a system in the cloud can do meaningful computations on personal data, but without ever being able to see or expose it. MPC allows different parties to jointly compute on their collective data, but without sharing their individual data inputs with each other.
Håvard Raddum at Simula UiB will lead the research on applied cryptography, ensuring the system’s security and verifiability.
In addition to Partisia and KU Leuven’s Centre for IT and LP Law (CiTiP), the project also involves several use case partners. Including the Norwegian Directorate of Immigration (UDI), Buypass, and the Nordic-Baltic eID project (NOBID), which will contribute with real-world scenarios and evaluate the demonstrators.
By enabling secure and user-controlled sharing of biometric identity proofs, the project aims to strengthen trust in digital identity systems, support regulatory compliance, and contribute to the UN Sustainable Development Goal 16.9 — providing legal identities for all by 2030.