Privacy and security – can we future proof biometrics?
By Alfred Chan, CEO of Infinity Optics
News of privacy and data breaches are capturing headlines every day. Biometric templates are believed to be secured with encryption and they cannot be reverse-engineered to generate the biometric patterns, however, history tells us that all countermeasures fall short at some point of time. Even new technologies that claim to secure biometric data are either not secure or have suboptimal performance. The privacy risks that accompany biometrics databases and repositories are now becoming more extreme and it is expected that more stringent regulations will be enacted to evaluate the data collected and its purpose.
Recent technologies protecting privacy and sensitive biometric information
The surge in biometric applications and their widespread adoption have made it clear that this technology is not going to go away anytime soon. Biometric technology powered identification and authentication is taking over all forms of establishing or verifying a person’s identity. However, it has also raised the privacy and security concerns of the large amount of biometric data amassed on a daily basis. Can we remove or make the biometric data completely obscure to protect any other form of identity authentication tool from potential misuse? Since biometric data is now stored on connected information systems, do modern biometric systems using centralized or decentralized encryption secure the storage and transfer of biometric data? Or can we remove the sensitive biometric data and replace it with a true biometric hash?
True biometric hash as the catalyst
True biometric hash is a technology similar to general cryptographic hashing that is a one-way function to convert biometric codes into a non-reversible cryptographic hash without the need of a template. The True Biometric Hash is generated directly from the biometric scan for verification and there is no template collected nor stored during the registration process. This novel approach ensures absolute privacy and removes any possible risks. There is no sensitive biometric data that can be used by hackers to gain access to your registration if stolen. The True Biometric Hash delivers privacy, security and biometric performance, and it allows unlimited revocation, portability of the registration without risks and other flexibilities for symmetric and asymmetric encryption for PKI. The technology could be a catalyst for a new generation of privacy-by-default biometric applications.
About the author
DISCLAIMER: Biometric Update’s Industry Insights are submitted content. The views expressed in this post are that of the author, and don’t necessarily reflect the views of Biometric Update.