Liveness proof of concept – privacy notice



The Australian Taxation Office (ATO) is conducting a proof of concept (POC) to test the usability of the ATO’s liveness providers, and each provider’s biometric presentation attack detection.

This privacy notice sets out what information will be collected and how it will be managed.

Collection, storage and disclosure

To participate in the proof of concept and use this app, your device camera will be used for the purpose of conducting a liveness test.

The images captured on the camera will be:

  • collected, used and stored by the ATO, and
  • disclosed to and used and stored by our providers iProov Limited and FaceTec, Inc.

The images will be deleted by all parties at the end of the POC and won’t be shared with any other third party at any time without your written permission.

If you choose not to provide or share your personal information, you won’t be able to use the proof of concept app.

Use of your information

Information about you and your device will be recorded for evaluation purposes as part of the POC. This may include:

  • the date and time of the use of the service
  • the information you provided (Biometric image)
  • successful and unsuccessful attempts.

We may use your information to:

  • compile statistics and reports to enhance our systems and services
  • identify and respond to issues that may indicate authentication integrity is at risk
  • detect, investigate and prosecute criminal offences.

We will not use or disclose personal information for the purpose of direct marketing. Your personal information will be stored securely in Australia.

Our privacy policy contains important information about your privacy, including:

  • how you can access and seek correction to information we hold about you
  • how to make a complaint if you think we have breached the Australian Privacy Principles
  • how we will deal with any privacy complaints.

For more information about our privacy policy, you can:

  • phone us on 1300 661 542 including if you wish to report an instance where you suspect your privacy has been compromised
  • write to us at GPO Box 9990 in your capital city.

See also: