BioHASH Biometric Protection

Why not simply encrypt traditional biometric templates?

Encryption is a great technology for protecting valuable or sensitive content, but encrypted biometric templates have to be routinely decrypted again whenever a match needs to be performed. This decryption is required because the “fuzzy” matching that biometrics needs can only be done in the plaintext domain. Encryption also introduces a second vulnerability: a cryptographic key that has to be stored in the biometric system. This leads to protocols and access rights that are limited to trusted operators only. As these systems scale up, they become vulnerable to “incidents” caused by sloppy execution, changes in regulations or legislation, human mistakes or intentional misuse. In biometrics, you only have two eyes and ten fingers, and in the event of a security breach these biometrics are compromised forever. The answer is to match using templates that are intrinsically anonymous, and that is what priv-ID delivers.

BioHASH® makes use of a cryptographic hash to protect biometric information

To protect biometric information, BioHASH® relies on the same security techniques that are used to protect PIN codes and passwords. PIN codes are used to authorize payment transactions. The valuable PIN information is protected using a cryptographic one-way hash technique. The PIN itself is never stored in the system, only the hash, which acts as a verification code. The one-way property guarantees that the original PIN cannot be retrieved from the hash, not even by bank IT staff. A “live” PIN entry is hashed again and compared with the verification code, and if these two values are identical, the PIN is accepted as being correct.

BioHASH® works in the same manner. Instead of storing fingerprint images or minutiae templates, as in traditional biometric deployments, the fingerprint image is first processed and then put through a cryptographic hash function (SHA-256). The resulting anonymous template can be stored in a database or on an ID card. Additional random information (also known as “salting”) is used to produce renewable anonymous templates from the same finger. This makes it impossible to link biometric information across applications.
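The salted-hash enrolment and verification described above can be sketched as follows. This is an added example, not BioHASH® or GenKey code: it assumes the processing step has already reduced the fingerprint to a stable byte string that is identical on every capture, and the names `enroll`, `verify`, `demo`, the 16-byte salt and the salt-then-features ordering are all hypothetical choices.

```python
import hashlib
import hmac
import secrets

SALT_LEN = 16  # assumed length; the page does not specify one


def enroll(stable_features):
    """Return (salt, template); only these two values are ever stored."""
    salt = secrets.token_bytes(SALT_LEN)  # fresh randomness per enrolment
    template = hashlib.sha256(salt + stable_features).digest()
    return salt, template


def verify(live_features, salt, template):
    """Re-hash the live capture with the stored salt and compare."""
    candidate = hashlib.sha256(salt + live_features).digest()
    # Constant-time comparison avoids leaking how many bytes matched.
    return hmac.compare_digest(candidate, template)


def demo():
    # Constructed stand-ins for the output of the (unspecified) processing
    # step; real fingerprint captures are noisy and need that step first.
    finger = bytes.fromhex("5a" * 32)
    other_finger = bytes.fromhex("a5" * 32)

    salt_a, tpl_a = enroll(finger)      # application A
    salt_b, tpl_b = enroll(finger)      # application B, same finger
    salt_new, tpl_new = enroll(finger)  # A re-enrols to renew its template

    return {
        "genuine_accepted": verify(finger, salt_a, tpl_a),
        "impostor_rejected": not verify(other_finger, salt_a, tpl_a),
        # Same finger, different salts: stored values cannot be joined.
        "unlinkable_across_apps": tpl_a != tpl_b,
        # The renewed template replaces the old one and still verifies.
        "renewed_differs": tpl_new != tpl_a,
        "renewed_verifies": verify(finger, salt_new, tpl_new),
        "template_len": len(tpl_a),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

Because an exact hash comparison rejects any input that differs by a single bit, the scheme depends entirely on the processing step producing the same byte string from every capture of the same finger.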