OCR Labs denies breach report details, patches vulnerability

Chris Burt reports:

A vulnerability allegedly exposing sensitive credentials of Australian financial institutions has been closed by OCR Labs, after being discovered and disclosed by Cybernews researchers. The biometric liveness detection API used by OCR Labs is among the exposed data, according to the report.

OCR Labs takes issue with details in the report, however, telling Biometric Update that the API is used to create Liveness sessions, which are ephemeral and cannot be recalled once complete. No personally identifiable information was accessible, therefore.

“There was never a data leak or breach in any of our systems,” says Paul Warren-Tape, GM of APAC for OCR Labs, in a response statement shared with Biometric Update.

Read more at Biometric Update.

About the author: Dissent

Comments are closed.