The objective of this document is to verify if the EN 17640 evaluation methodology can be used for performing an Ethereum Nodes evaluation under the French C.S.P.N certification scheme.
This initiative has been initiated within the Crypto Asset Working Group of the French CAMPUS CYBER. CLR Labs is the editor of this evaluation Security Target and the Crypto Asset Working Group members have already provided their comments on this version of the document.
This document is put under public consultation in order to get some extra feedback from the Web 3.0 and Cybersecurity ecosystems.
You can provide your comment using the commenting table associated to this document and send them to: info@cabinet-louis-reynaud.fr
Interested in getting a copy of our Biometrics Attack Catalog :
please send us a request @
info@clrlabs.eu
The digitization of services has been booming and affects all areas, even the most sensitive such as e-government services, financial services, health services. This trend knows a huge acceleration since the COVID 19 pandemic, making remote electronic interactions a by default scenario in the daily life of billions of citizens.
Recent regulations, such as the European eIDAS and AML5 regulations, have therefore established security frameworks for these sensitive remote services, notably with the need for establishing trusted digital identities of the users. These digital identities are provided only if there are generated by solutions commonly called “remote identity proofing”. These solutions, based on mobile application or web application, confirm the digital identity of their users by two proof factors: the user’s official identity document and face recognition between the user’s face and the one present on their official identity document. In summary, biometrics technology bridges the physical and digital worlds.
Biometrics being already vulnerable by default, its remote use opens a new vulnerability to fraudsters, too often confused with the famous deepfakes: biometric data injection attacks.
This white paper on biometric data injection attacks written by the independent European laboratory CLR Labs, providing evaluation and certification services for biometric, digital identity products/services, presents what are injection attacks and why this threat must be quickly taken seriously by the ecosystem.
CLR Labs, a European laboratory dedicated to the evaluation of biometric and security technologies, and LSTI, a conformity assessment body (CAB) specializing in cybersecurity and data protection, are pleased to officially launch
their ISO/IEC 30107 conformity assessment scheme, which enables them to evaluate any product or service using biometric technologies.
IDnow, one of the leading European identity proofing platform providers, obtains the first LSTI ISO/IEC 30107 certificate for its VideoIdent solution.