Biometrics is a new and effective trend in the security industry. HYPR deploys biometrics in financial applications, but also adds the benefits of decentralized technology to enable enterprises to eliminate passwords and replace them with biometrics.
HYPR: Biometrics Decentralized
The blockchain biometrics firm, which has worked with Fortune 500 and Global 2000 firms on proof-of-concepts,
Rather than storing fingerprints, facial features, iris images, or voice patterns, an end user’s biometric signature is encrypted and stored on-device in a decentralized manner.
“So while today a large financial institution might warehouse passwords for users of their consumer-facing mobile app, with HYPR our partners do not store passwords or biometrics—this information is distributed across thousands or millions of mobile or desktop devices,” George Avetisov, CEO HYPR Corp, told Bitcoinist. “They are accessed on-device through compliant sensors that safely validate identity in response to a cryptographic challenge. A bank or other enterprise would not hold them.”
The most familiar protocol HYPR supports for working with biometrics are those by Fast ID Online (FIDO) Alliance, a non-profit dedicated to changing the nature of online authentication: “Something that blockchain boosters should learn more about,” Avetisov notes.
Hypr is working to biometrically secure blockchain-centric use cases like cryptocurrencies, digital identities, and private keys through its partnership with BitGo, a Silicon Valley bank.
Besides the underlying Elliptic Curve Cryptography that is common to both HYPR Biometric tokenization and the Bitcoin protocol, another parallel between HYPR decentralized biometrics and the blockchain is the common use of hardware (TPM) to as a private key-store.
“Biometrics and the IoT already play a key role as we see it and as we are deploying it,” Avetisov said. “The IoT will only succeed if the convenience of a connected setting matches that of our analog environment. If there’s a need to present a password on a mobile device to log into IoT systems, we’re already putting a barrier between the user and his or her home or automobile.”
Top security for entry into systems must also be a feature of an IoT lifestyle. “Not only are passwords insecure, or strong passwords a horrible experience on mobile, or two-factor authentication a usability nightmare for IoT,” Avetisov said. “They don’t provide the security required for our connected life to be as safe as our analog. Far from it: IoT systems introduce or exacerbate vulnerabilities because hacking homes, cars, physical access at critical infrastructure and so on can put us in danger on a moment’s notice.”
HYPR expects that by 2017 millions of users in verticals like financial services, healthcare, and the IoT will log into their systems securely with the unequaled user experience that biometrics provides.
“So the real revolution here is in user experience but also the underlying security, and we shouldn’t overlook the fact that it is the secure, privacy-preserving nature of today’s biometrics that provides that usability in the first place,” Avetisov said.
Blockchain technology is widely heralded as being a potential means for proving ownership of IoT devices±and biometric tokenization is coming up as a strong method for securing ownership to those devices.
At HYPR concern would be about where the data are stored because whether health-related, strategic, or just based on privacy we never want a wholesale breach of it simply because it’s stored in an application whose security is insecure due to it being password-based.
What do you think of decentralized biometrics? Let us know in the comments below!
Images courtesy of HYPR.