We often talk about why 4 Fingers TouchlessID is the most secure mobile biometric available. However, it is also important to highlight why it’s the easiest biometric to keep totally private as well. Biometric data privacy is a critical topic of conversation, especially in light of new regulations like GDPR coming soon. With 4 Fingers and VeridiumID, we can dramatically reduce the risk of biometric data being compromised, even if the biometrics are targeted in a data breach.
The Security of Biometrics
One of the first things we look at for improving the security and privacy of the 4 Fingers biometric data is how the data is captured and stored. With other mobile biometrics, biometric templates are encrypted and stored on the mobile device itself, using standard public/private key-based encryption schemes. Rather than use this method, we’ve approached this problem with a distributed data model, which uses Visual Cryptography to encrypt and store the templates.
Visual Cryptography provides significantly better security than other encryption methods while maintaining simplicity for file management and security auditing. And, we believe it pairs perfectly with biometric data for ensuring end user privacy.
4 Fingers Are Better Than One
Going beyond how we encrypt and store biometric data, we also believe that using four fingerprints as the primary authentication factor for any access management system, rather than a single print – or even worse, a password – truly optimizes security. For each print that is captured, the complexity of the biometric template increases. This adds additional strength to the authentication process as a whole, making it harder to attack and bypass by a hacker.
Whenever you increase the complexity of a biometric template, you’re adding more data to confirm the identity of the authorized user. When applying this to the login process for data in the first place (and combining it with a more secure encryption model like Visual Cryptography), you amplify the privacy of said data. By improving privacy we also enhance security, placing the two hand-in-hand, rather than at odds with each other.