AuthID’s PrivacyKey addresses privacy, compliance concerns over biometrics

An announcement from AuthID says the identity verification and authentication provider has launched PrivacyKey, a tool that enables identity verification without the need to store biometric data, thereby meeting compliance with strict regulations on the storage of biometrics.

PrivacyKey targets customers who have shied away from biometric systems because of concerns about liability and user apprehension over privacy – still the top barriers to adoption.

To alleviate those concerns, AuthID is offering a variant on their standard onboarding process, which captures identity documents and biometrics, performs a liveness check and completes facial matching.

The release explains that historically, authID’s identity verification process has retained an encrypted hash of the calculus of each face for subsequent authentication through its Verified product.

“With PrivacyKey, available with authID’s Proof and Verified platform Version 4.0, authID stores no biometric data whatsoever, thereby ensuring user privacy and regulatory compliance while providing authID customers absolute confidence in the security measures they implement.”

According to Chief Product Officer Erick Soto, “at time of identity proofing and onboarding, we utilize the facial biometric to create a public and private key pair. We immediately destroy the private key, and store only the public key. Each time that an onboarded user authenticates with their face, we recreate the private key, which is then matched to the public key with an encrypted message for verification. And during a search, even the keys are only matched within their organization’s ecosystem, not the universe.”

Rhon Daguro, CEO of authID, says that while the company has never stored any biometric data that could be reverse-engineered into a face, PrivacyKey addresses even the most stringent compliance concerns. “By leveraging technology that retains no biometric artifact whatsoever, authID provides secure verification that enterprises can trust, all at 700ms processing speeds and with one-in-one billion false-match accuracy. Users don’t have to worry about their facial biometrics being at risk in our cloud, and our customers avoid compliance risks, since there’s nothing to steal.”

PrivacyKey also includes key-management capabilities that allow enterprises to rotate and revoke keys with ease, ensuring they are accessible only to those with authorization.

Article Topics

authID  |  biometric matching  |  biometric template  |  data privacy  |  identity verification  |  PrivacyKey