iCognize applies for patent on biometric template-splitting technique
A patent application has been filed by iCognize for a method of splitting biometric templates for secure storage with protection against data breaches, the company has announced.
The result of the template-splitting technique is a biometric data storage method which complies with the EU’s General Data Protection Regulation (GDPR), the company says.
The method can also be applied to non-biometric data, such as tokens used in access control, iCognize states.
The risk of biometric data being breached and rendered permanently unusable is often considered a downside of biometric systems with centralized databases. Between this risk, and the special categorization of biometrics as sensitive data under GDPR, iCognize suggests traditional methods of biometric template storage are unsuitable for various applications in Europe.
Previously, Germany-based iCognize says, in order to comply with GDPR, biometric systems must store data on a mobile medium like an RFID card or mobile phone, which gives the user control over the data. Additionally, the system must satisfy GDPR requirements for consent, and be limited to use for employment, social security, or social protection law purposes.
The split-template method is superior, according to the company, because it renders the stored biometric data unusable, and therefore removes it from the category of personal data under GDPR. Part of the data can be stored on the processor’s server, and if the database is compromised, the data has no use to cybercriminals.
The technique is reminiscent of that used by Anonybit for biometrics through multiparty computing.