
Cover Letter — RFI-15434

On Anuna Research Cooperative letterhead. ~1 page; signposts the five forms; commits to a concrete next step.


To: Alison Buchanan, Procurement Officer
Email: RFI15434@ato.gov.au
Re: Anuna Research Cooperative response to RFI-15434 — Biometric Verification Capability
Date: 4 June 2026

Dear Alison,

Anuna Research Cooperative is pleased to respond to RFI-15434 for a Biometric Liveness Detection Solution to support the strategic objectives of the myID app. Our response covers all five required forms (Parts 3, 3a, 4, 4a, and Attachment A) submitted via the AusTender Lodgement Page.

Anuna is an Australian cooperative working on trustworthy AI systems. Prior and current engagements include Microsoft, Autodesk, CSIRO Data61, Telus, Suncorp, IAG, the UK Government Digital Service (GovUK), Kellogg, and Telefónica. The most directly relevant delivery-capability reference is Anuna’s current eGov programme for the Bangsamoro Autonomous Region in Muslim Mindanao (BARMM), Philippines — digital identity, citizen-facing services, and transformation advisory; production go-live July 2026. BARMM does not currently deploy SABLE; SABLE deployment there is a candidate natural extension.

We respond with SABLE — Secure Attested Biometric Library for Edge, our open-source (Apache 2.0) library for privacy-preserving biometric verification. SABLE captures, performs presentation-attack detection, and proves a match entirely on the user’s device. The zero-knowledge proof — not the biometric — traverses the network. (See Part 3 §3 for the concrete walkthrough.)

Four properties make SABLE distinctive for the ATO’s stated needs:

  1. Privacy by construction — biometric data never leaves the user’s device. This is a cryptographic guarantee, not a policy promise; structurally fits the Digital ID Act 2024’s data-minimisation provisions. Any system that aggregates biometric or identity-document data into a central store creates a structural risk class — Suprema BioStar 2, US OPM, 23andMe internationally; Optus, Medibank, Latitude domestically. SABLE retires the target class by design.
  2. Selective disclosure via BBS+ — users prove credential predicates (“over 18”, “Australian citizen”) without exposing underlying fields.
  3. Offline P2P operation — capture / liveness / proof runs entirely on-device with no internet dependency; addresses inclusivity for low-connectivity users and the offshore-verification gap.
  4. Open-source public good — Apache 2.0; investment in maturing SABLE for myID becomes freely available to any other government adopter at zero marginal cost. Candidate future deployment contexts include the BARMM engagement (natural extension), Pacific / SEA governments, and European public-sector identity — Anuna is in early dialogue with Germany’s Bundesamt für Sicherheit in der Informationstechnik (BSI) about the SABLE approach.

To our knowledge, SABLE is the first open-source library to combine all of these properties alongside transparent ZK setup (no trusted-ceremony risk) and no special hardware requirement.

We respond with full honesty about where SABLE is today: a pre-production library with 519 tests passing and a public demo, with no live government deployment yet — an ATO engagement would be SABLE’s first. The certification gaps SABLE acknowledges (ISO/IEC 30107-3 EAL-2 PAD testing, IRAP PROTECTED, MAUI bindings, WCAG 2.1 AA audit, NV1-cleared Australian support) are time-bounded remediation work, sized in Part 3a. The architectural advantages SABLE offers are not retrievable by alternative architectures inside any procurement timeline. We invite the ATO to weigh these properties on a strategic horizon, not only on a present-state readiness checklist.

Proof-of-Concept. We propose a paid 8-week Proof-of-Concept against the ATO’s existing myID IP3 test cohort, evaluating: (i) PAD performance against a curated attack corpus; (ii) FMR / FNMR against a representative diverse Australian sample per the Digital ID Accreditation Data Standards; (iii) end-to-end UX of the spatial-flash liveness flow; (iv) PrivateLink integration latency to the existing FVS / DVS infrastructure; (v) operational soak at 10× current peak load. This is the most decisive evidence either party can generate inside this RFI’s stated question.

Sovereignty. SABLE is Australian-developed Apache 2.0 IP; cryptographic primitives are open standards; cloud hosting is AWS Sydney with SCP-enforced no-replication-out; IP control sits with Anuna and the open-source community, not any foreign commercial entity. For a national identity capability of myID’s scale, this matters.

We would welcome the opportunity to discuss the proposed PoC and to demonstrate SABLE to the ATO’s identity team.

Yours sincerely,

Hugo O’Connor
Trust Engineering — Anuna Research Cooperative
hugo@anuna.io · hello@anuna.io
+61 [TBC]
ABN: [TBC — confirm before lodgement]
[address TBC — confirm before lodgement]


Anuna Research Cooperative (“Anuna”) is an Australian cooperative working on trustworthy AI systems, transformation advisory for AI adoption, and practitioner-team assembly for client engagements. SABLE is one of Anuna’s open-source projects, publicly available at codeberg.org/anuna/sable.