Cases of fraud caused by identity theft continue to grow worldwide. In the US alone, detected cases of identity theft increased by 148% between April 2024 and March 2025, according to the “2025 Trends in Identity Report” published by the Identity Theft Resource Center (ITRC). This study also reveals that in 53% of cases involving identity theft, control was taken directly over existing accounts, both bank and social media, while in 36% of attacks, the stolen information was used to create new accounts, for example, by issuing new credit cards linked to the victims.
In a context where technological advancement has become both an opportunity for growth and a threat, AI has become one of the tools of choice for criminals to carry out their attacks, biometrics has become a new security standard that helps both users and entities prevent the theft of identities and personal information of all kinds, email addresses, passwords, even Social Security numbers.
Biometrics as a shield to reduce the impact of cyberattacks
Biometrics has proven to be one of the main allies in protecting against fraud, offering an additional layer of security against personal information theft. By being able to unequivocally validate that the user attempting to access a particular service is who they say they are and not, for example, a digital twin created by artificial intelligence, the chances of unauthorized intrusion are reduced exponentially. By including fingerprint detection in verification systems, this risk is reduced to virtually zero.
But for these identity verification systems to be truly effective and secure, they must meet a series of minimum security requirements. There is no point in having a biometric validation system if it is not particularly accurate, if it is not capable of detecting identity theft caused by, for example, artificial intelligence, or if the biometric data used to verify the user’s identity is stored on insecure servers or in the cloud.
NIST certification as a validation tool for biometric solutions
Although fingerprint identity verification is essential for reducing fraud, the truth is that this system must comply with certain industry standards in order to be truly reliable and effective. In the US, the National Institute of Standards and Technology (NIST) is responsible for establishing the necessary standards to verify the reliability of biometric solutions, and periodically conducts specific tests to ensure their quality and reliability, based on the patented fingerprint template (PFTIII). This test has been in place since October 2019 and is considered the most important benchmark for evaluating the performance and accuracy of fingerprint templates used for 1:1 matching (i.e., to confirm that the user is who they say they are).
Identy.io received its first validation from this entity in April. Although the tests carried out are specifically designed to evaluate fingerprint comparison engines using images captured on physical (tactile) scanners, Identy.io’s technology demonstrated its accuracy in both tactile and non-tactile environments, offering greater versatility.
In these initial tests, the NIST PFT III evaluation revealed Identy.io’s leadership in its sector by enabling the user identity verification process on their own mobile phone, using only its camera and flash, without the need for physical scanners, which is especially important in places or situations where using these expensive devices is unfeasible or of little use.
In a new edition of the tests carried out by NIST, Identy.io’s solutions have improved significantly in all the indicators evaluated, once again demonstrating the company’s leadership in US biometrics. As the PFT III tests only take into account fingerprints captured by scanners, the NIST results confirm that the hybrid design of Identy.io’s solutions, that is, using both physical scanners and users’ mobile phones to capture their biometric credentials, positions the company as a global leader in interoperability, something that is increasingly important as private and government institutions continue to modernize their systems.
How NIST testing works, the benchmark for biometric quality in the US
To evaluate the accuracy of the tests that have confirmed Identy.io as one of the most reliable biometric providers in the US, PFT III tests are used, which mainly take into account fingerprint comparison algorithms. These tests evaluate the software used to determine whether fingerprints belong to the same person, i.e., they perform a 1:1 verification. To do this, they follow a standardized methodology to ensure that the results obtained remain objective and comparable.
In order to measure accuracy, NIST uses government database sets, to which companies such as Identy.io do not have access, so that the rigor of the tests can be guaranteed. Similarly, the algorithms cannot have been trained in advance.
With this second consecutive recognition, NIST certifies that Identy.io offers a complete biometric solution, combining both secure mobile capture with its functionality using fingerprints captured by a scanner. The company’s matcher works not only in 1:1 tests, but also in 1:N tests, that is, it can determine who the user is by comparing their biometric features within a database, and is fully usable on mobile devices, allowing for integration into digital identification applications in offline environments, on the device itself, or in the field.
References
- National Institute of Standards and Technology (NIST) – NIST Biometric Evaluations
- Identity Theft Resource Center – Identity Theft Resource Center (2025). 2025 Trends in Identity Report.
- Federal Bureau of Investigation – FBI Criminal Justice Information Services Division. Biometric Specifications for Fingerprint Systems.
