Tag: BIOMETRICS
The role of identity in solving gaming’s accountability crisis
By Andrew Wailes, Founder and CEO, PlaySafe ID
Social contracts are everywhere. They’re the guardrails that enable the world to function. We drive on the correct side of the road, we trust that our surgeon is qualified before they operate, and we play football knowing other players will keep the ball between the lines.
Simply put, we live our lives assuming that rules will be followed, or consequences will be dealt to those who break them.
I genuinely love that my life and career has revolved around games, gaming, and the relationships I’ve developed from this shared hobby. Despite the decades of technical upgrades and changing business models, the basic social contract of gaming is the same:
You don’t cheat and you don’t abuse your opponent.
These seem like fair rules, but relying on a social contract isn’t working for gaming’s 3.6 billion players. The games industry now faces a point where there are so many people playing, across so many demographics, that online play can often be an unfair and even dangerous place. One where players can even face death threats and racial slurs for simply playing online games.
Likewise, cheating is all too common, and hackers and bots appear in every game. More extremely, child abuse and child grooming has become increasingly common across many titles and technologies. The majority of players play by the rules, but those who don’t are ruining the experience for everyone.
These are serious and genuinely life-threatening issues which the industry has not yet found a solution to put an end to.
This poses a really critical question for games, gamers, and the industry as a whole: why is the social contract not working, and what role can identification play in fixing it?
Unaccountability is killing gaming
The core issue of gaming’s cheating problem is a lack of accountability.
Studios, moderation and anti-cheat companies invest huge resources into tools designed to detect cheaters and dangerous language in games. This work is vital and I’m proud to call many pros in this area personal friends.
The challenge is that while these tools are highly effective in detecting cheaters and predators, they’re not designed to stop them from returning. The growing value of the £140 billion gaming market has created a parallel black market for cheat software, ensuring that the workarounds to anti-cheat tools always keep pace with the protections. After getting caught, offenders simply create a new email address, perhaps change their IP or spoof their HWID, start a new account and return straight back to the game.
And the cycle repeats.
Again, again, and again.
No parent expects their child to play with child predators; and no player chooses to invest time and money into an experience where their opponents are cheaters. There’s a huge commercial impact on studios too: 55% of players have either reduced or stopped spending on in-game purchases because of cheating.
When the social contract in a game is broken, there’s no enforcement solution. Unlike other social constructs in life, if a player cheats or commits abuse, they don’t face a driving ban or a ban from a sport.
Punishments need to have a meaningful consequence that can’t be circumvented in 30 seconds, and that requires an anchor point of identity that cannot be changed, spoofed, or tampered with.
Finding the anchor point
To no surprise, given that you’re reading this in Biometric Update, I believe that biometrics are this anchor point.
A person cannot be truly spoofed. The use of biometrics and KYC checks are the only reliable anchor point because the structure of every player’s face is unique, and verifiable by matching it to an official government ID. This is not easily worked around; attempting to break this system escalates the act from a violation of game rules to identity fraud.
This solution allows the industry to break the cycle of unaccountability and to create a social contract with consequence. When a player’s unique biometrics are verified and connected to their gaming identity, they can no longer create new, disposable accounts to hide behind. Consequences are tied to the human being, not the easily replaced username.
However we need to remember two perfectly reasonable asks from players: privacy and optionality. Passport details and facial biometrics are hugely sensitive pieces of data. Data which games studios do not need to store to create a safe environment.
Know your players?
As an industry, we need to shift the conversation from requiring a player’s identity to confirming a reliable identifier. The goal is for studios not to know a player’s passport information, but to know three things:
Has this player’s identity been verified? Is this a player facing a penalty for cheating? And has this player been inappropriate to children children?
If the answer to the last two is “yes,” they shouldn’t be able to join verified matchmaking in games where everyone else has signed this social contract.
Creating this reliable identifier is made possible through zero-knowledge verification.
In our own approach at PlaySafe ID, we partner with Onfido, an Entrust company. This approach to verification is crucial because their ID and biometric check happens on their secure platform under stringent privacy rules. We – and games studios – do not store any data, documents, or biometrics from the verification. Instead, we are simply notified of a successful check, at which point the source ID document is hashed and immediately deleted. The only info generated and passed back to games studios is the identifier: a random, anonymised token. This token confirms the player is a real, unique human without revealing who they are. It’s a system built on the principle of minimal data retention and ensures a truly private digital identity.
Identifier tokens, or tokens that represent a person, are also important because they can be used across games. When a studio accurately detects an instance of cheating, a penalty can be applied to the token; and this means the player is blocked across all games using this token check system. It creates accountability throughout the entire gaming ecosystem; without exposing any personal or sensitive data to the games studios.
Throughout all of this, optionality is vital. Having to verify your identity shouldn’t be a barrier to play, but it should be an option for those desiring an improved experience. When players are given the opportunity to verify their identity and join multiplayer lobbies where their fellow players are accountable, they engage in a social contract where cheating once again matters; and this leads to fewer instances of bad play.
Conclusion
The crisis facing the games industry is an accountability crisis. Every other major social construct is underpinned by guardrails that ensure consequences are real and meaningful. In gaming, the punishment has to finally matter. By leveraging biometric identifiers and zero-knowledge data handling, the industry can secure the one anchor point that cannot be spoofed: the human. This system is the most viable way forward to restore the social contract, protect billions of players, and guarantee that gaming remains the fun, fair, and thriving culture it deserves to be.
About the author
Andrew Wailes is the CEO and founder of PlaySafe ID, the platform dedicated to keeping cheaters, bots, and predators out of video games.
Frustrated after repeatedly encountering cheaters in games, Andrew founded PlaySafe ID to champion player accountability and reduce the amount of revenue lost by game studios because of cheaters. Drawing on senior career experience at tech start-ups Nefta and Metanomic, he mobilised a team to build a system that issues penalties across games.
He soon realized this approach could also prevent predators from returning as well as cheaters. Spurred by a motive to keep his child safe in digital spaces for years to come, Andrew has since raised $1.12 million to tackle gaming’s biggest safety and cheating challenges head-on.
Thailand brings in stronger ID verification measures
Thailand has mandated a series of stricter identity verification measures across online platforms and mobile networks aimed at closing loopholes exploited by scam networks.
Thailand’s Minister of Digital Economy and Society, Chaichanok Chidchob, gathered together government agencies, private sector and platform providers including Google, LINE and TikTok for talks aimed at strengthening Thailand’s digital identity verification system.
The National Broadcasting and Telecommunications Commission (NBTC) has adopted a cap: cutting down SIM card ownership to no more than five mobile numbers per individual for all mobile operators. The NBTC Board will review and approve the final guidelines.
The rules are part of a wider effort to eliminate “ghost SIMs” and SIM box systems that are often exploited by fraud rings, which are especially rampant along Thailand’s border regions. The ministry also ordered tighter controls on SIM registration. All registrations carried out by authorised distributors must use Dip Chip identity verification or an equivalent secure digital platform, and users in identified high‑risk areas will face enhanced monitoring to prevent misuse.
A proposed “Survival SIM” policy would restrict SIM access for individuals identified as mule account operators by permitting their registrations only through the Department of Provincial Administration at the Ministry of Interior, ensuring direct identity checks and improved traceability. In August, Thailand’s telecoms regulator ordered all mobile operators to implement biometric liveness detection technology for SIM card registration in a bid to curb identity theft and fraud. The NBTC requires mobile operators such as True and AIS to verify users in real time using new photo and video authentication methods.
The eighth meeting of the Committee on the Prevention and Suppression of Technology Crime, convened under Section 13 of the Emergency Decree on Cybercrime, also saw discussions with representatives from Google, LINE and TikTok. Chaichanok urged the operators to increase their sense of responsibility as scam networks make use of their platforms.
“Global platforms must play a stronger role in protecting Thai users — not just by providing services, but by sharing responsibility for preventing cybercrime,” the Digital Economy and Society minister said, as reported by The Nation.
Talks with the platforms focused on upgrading user identity verification to include real-name checks and face biometrics alongside phone or email confirmation to prevent fake accounts from being created. The companies will also need to verify the identity of advertisers, whether they’re businesses or individuals.
The ministry is also fast‑tracking amendments to Section 32 of the Electronic Transactions Act to broaden regulatory oversight of platform operations and ensure security and accountability are enforced effectively. Officials said parallel measures include accelerating legal action against those operating mule accounts and preparing guidelines for compensating scam victims to be submitted to the National Policy Committee.
Chaichanok emphasised that combating cybercrime requires coordinated domestic and international cooperation and noted Thailand’s preparations to join the UN Convention against Cybercrime (UNCC). The UNCC was signed by 72 countries last month with the legal framework aimed at combating online crime.
However, it has not gone without contention as tech companies raised concerns about legally sensitive data requests, including those in the identity verification industry. Following the signing ceremony in October, identity verification provider Jumio said the treaty could bring new challenges around compliance for organizations.
The minister said the DE Ministry, working with the NBTC, banks and platform operators, will take firm steps to close the channels scammers use; stop ghost SIMs and mule accounts and build a more secure digital ecosystem for the public.
Bangladesh strengthens data security for data exchange, digital ID
Bangladesh’s Council of Advisers have approved new rules aimed at enhancing the privacy, security, and ownership of citizens’ personal data as the country establishes a new data exchange platform and national digital ID.
The Personal Data Protection Ordinance, 2025, and the National Data Governance Ordinance, 2025, were approved on October 9.
They were notified by the law, justice, and parliamentary affairs ministry, signaling Bangladesh’s commitment to aligning with global data protection norms such as the EU’s GDPR and India’s Digital Personal Data Protection Act while tailoring safeguards to its own socio-legal context.
To enable secure data exchange, a National Responsible Data Exchange (NRDEX) platform will be launched, allowing safe data sharing between government and private entities.
Additionally, a Unified Digital Identity system will allow citizens to access various government services with a single ID.
Across the Bay of Bengal, Sri Lanka has taken a similar path, upgrading its data protection laws as it sets up a national data exchange platform and digital ID system with support from their mutual neighbor India.
Data protection details
Citizens are recognized under the Personal Data Protection Ordinance as the rightful owners of their personal data. As such, it requires explicit consent for any data collection, storage, transfer, or use. The ordinance enables citizens’ rights to access, correct, delete, and limit automated decisions based on their data, emphasizing transparency and accountability in data handling.
For sensitive data, such as financial and health information, special protections are included, and additional safeguards are established for children, requiring parental consent for data processing and prohibiting targeted advertising aimed at minors. Violations of data security will result in administrative penalties and fines.
The National Data Governance Ordinance provides a basis to set up a national data management authority responsible for framing data policies, ensuring compliance, and managing complaints related to personal data. This authority will also maintain a National Source Code Repository to prevent vendor-lock situations and confirm accountability among data custodians and processors.
The approved laws are aimed at promoting investment and human rights while promoting cooperation in online business and technology trade, ultimately strengthening Bangladesh’s digital transformation.
Switzerland starts legal consultations for biometric ID cards
The Swiss government is laying down the legal groundwork for the introduction of biometric identity cards by the end of 2026.
The Federal Council has opened consultation on revising the relevant regulation, with responses due by February 28th. The introduction of the new ID cards will not require a change in the law, but only an adjustment to the identity document ordinance.
The ID documents will be equipped with a microchip containing two fingerprints and a facial image, the same as the current Swiss biometric passport. The blank cards are provided by Thales DIS Schweiz AG.
Obtaining the biometric ID card will be optional. The Identity Documents Act requires the country to guarantee freedom of choice, which is why the Federal Department of Justice and Police (FDJP) will continue offering an identity card without a microchip.
The government, however, warns that only biometric ID cards will allow Swiss citizens to travel freely throughout the EU. Although the country is not an EU member, it is required to introduce a chip-enabled ID card no later than one year after the revised Agreement on the Free Movement of Persons (AFMP) comes into force.
In September, Swiss citizens voted in favor of introducing a digital ID in a referendum. The government-controlled e-ID will be introduced under the Federal Act on Electronic Identification Services.
The electronic identity is expected to be rolled out in 2026, with a budget of over US$200 million planned for its verification infrastructure. Once active, the digital ID will be stored on the mobile wallet application Swiyu, which started public beta testing in March. Owning a digital ID will be optional.
UK completes passport-free border trial with biometric e-gates
The UK has started testing a “contactless” border control system that allows British travelers to enter the country without showing their passports. The system relies on biometric e-gates, which match faces of British passport holders with government databases using facial recognition to confirm their identity.
The trial was held at Manchester Airport in October for three weeks. Phil Douglas, director-general of Border Force, said the technology had “considerably reduced” processing times.
The testing used existing e-gates, which normally require passengers to insert their passports into a reader before having their photo captured. If everything checks out, the gate opens automatically. Travelers who are not recognized or need additional questioning are directed to a Border Force officer.
More than 270 e-gates currently operate at British airports and ports and the UK government is planning to expand their use following trials, The Times reports.
“We’ve got a new contract for gates and we’re going to be expanding them even further,” says Douglas. “It’s our intention that almost everybody will go through an e-gate of one description or another.”
The Manchester trial is part of a wider plan to streamline the UK’s border crossings. The Border Force first announced plans for contactless borders last year, describing its goal of creating an “intelligent border” that would improve the crossing experience while keeping security standards. The system is modeled on facial biometric systems used in Dubai and Australia.
“The border has really changed over the last few years and that work is picking up pace,” says Douglas. “Public expectations have changed and technology has changed. We now have AI facial recognition, the use of biometric identifiers in parallel with the more traditional forms of identification like visas and passports.”
The biometric e-gates are expected to work with the UK’s Electronic Travel Authorization (ETA) scheme. Meanwhile, the UK government is continuing the phased implementation of the border registration scheme as well as electronic visas, known as eVisas.
UK continues reforming borders with eVisas and ETA
After opening the ETA applications for Qatari nationals in October 2023, the system was expanded for all remaining non-visa nationals, except EU citizens. From March 2025, European nationals are also required to go through the ETA application process, according to guidance released by the Home Office this week.
Applicants must submit a national passport and a facial image to register for ETA.
The UK Visas and Immigration (UKVI) is also implementing a digital immigration system, which will replace physical documents with an eVisa, a digital record of identity and immigration status.
The transition to eVisas officially started in July this year. Millions of people already hold the electronic document, designed to replace biometric residence cards (BRC), passport endorsements and vignette stickers in passports.
From early 2026, successful applicants applying to come to the UK on a visit visa and certain other visa routes will get an eVisa as well as a visa vignette sticker. Later in 2026, UKVI will stop issuing visa vignette stickers and will only issue eVisas.
Digital wallets integrate biometrics in India, Vietnam, Taiwan POCs
India, a digital identity powerhouse thanks to its Aadhaar system, is getting a new national digital wallet with embedded face biometrics. India.com says the Aadhaar App functions as a secure digital wallet for storing, displaying and sharing Aadhaar credentials, enabling users to store up to 5 Aadhaar profiles on a single phone. It is now available for both Android and iOS.
The Unique Identification Authority of India (UIDAI) is promoting it as complementary to the existing mAadhaar app, which remains the portal for downloading a digital Aadhaar card, ordering a PVC card, verifying contact details, or generating a virtual ID.
Use cases for the new app include expedited hotel check-in, SIM activation and KYC for banking. With multiple accounts on one device, it promises to make it easier for families sharing a single registered mobile number.
The app has facial authentication and biometric lock features for security, and facial scanning for sharing ID. It enables selective sharing of information to maximize privacy, supports QR code scanning and sharing for identity verification, and works offline.
Taiwan to launch 3 wallet POCs next month
The global stage is setting up wallets for continued success. Europe’s EUDI Wallet scheme is about a year away from launch. The GOV.UK is live in the UK. And countries in Asia-Pacific continue to express support for wallets.
Taiwan recently reiterated its commitment to promoting digital credential wallets. According to CNA.com, its Ministry of Digital Development is planning to release three proof-of-concept projects for a digital wallet in December. According to government officials, the project involves not only technology but also “persuading the business community to participate, especially hoping that convenience stores will adopt it.”
Taiwan acceded to the World Wide Web Consortium (W3C) in 2023, and Deputy Minister Hou Yi-hsiu says the relationship allows Taiwan to participate in international discussions, make recommendations on technical standards, and factor global developments into domestic policies and industrial development. Public-private partnerships, deeper open-source development and decentralized governance models are all on Taiwan’s priority list.
Meanwhile, the Digital Development Department is busy with information-gathering. It recently hosted an international forum on digital credentials wallets and distributed verification to accrue learning for its Digital Credentials Wallet Project, which invites experts from different fields to assist in general improvements to the technology.
Vietnam makes biometrics mandatory for digital wallet registration
New regulations issued by the State Bank of Vietnam says that biometric verification will be required for digital wallet registration as of 2026. Viet Nam News reports that “under the Circular No 41/2025 on intermediary payment services, e-wallet service providers must meet customers in person to verify their identity documents and verify biometric data before activating e-wallets.”
Foreigners who are not physically present in Vietnam can verify their identity through a third party or a contracted organization.
Per the report, government agencies, public institutions, listed companies and Fortune Global 500 enterprises from the preceding year will be exempt from biometric checks.
The new regulations also prohibit wallet providers from allowing cash deposits or withdrawals at their locations, and from charging users interest on wallet balances.
As of March 31, 2025, 47 institutions were licensed to provide e-wallets in Vietnam, with major players including MoMo, Viettel Money, ZaloPay, ShopeePay and VNPAY.
The country is in the midst of an ambition push for digital transformation, aiming for 100 percent digital ID and government service access by 2026.
