The Hessian company iCOGNIZE applies for a patent for its new split template process for securing biometric data. With the new process, biometric data are split up immediately after they have been recorded in order to make them unrecognizable.
Since biometric data contain the mathematical description of certain properties of body features such as fingerprints, iris or facial features and vein patterns, they are considered highly critical and must be protected in a special way - not only to prevent data protection breaches, but above all to prevent that complete biometric data sets cannot be stolen in cyberattacks.
More protection for biometric data
The process can be used wherever sensitive data needs to be protected more strongly - even outside of biometric systems. For example, tokens with split templates can be protected even better against unauthorized access. In order to clarify the process and the advantages of the split template process, a detailed look at the previous processes is necessary:
Possible security gaps in biometric access controls
In the case of biometric access controls in the high-security area, biometric properties such as fingerprints, veins or iris features are recorded by a corresponding sensor system and compared with biometric features stored in the system. If there is sufficient similarity, a so-called “match” is assumed. Because the biometric data used for comparison belong to the person who presented the corresponding biometric feature. Since the system knows which person previously generated the biometric data set used for comparison, the person is thereby identified.
Cyber criminals can steal or manipulate these biometric features. If, for example, fingerprint data is published on the Internet, any person with the appropriate knowledge can create a dummy for a so-called “presentation attack” and thus fool biometric security systems.
There is only one fingerprint data
For the person to whom the fingerprint data belongs, this means that their fingerprint can never be used in the biometric system again. Because the biometric feature is now known in its pure form, a replica can be created at any time. In addition, digital fingerprints are sensitive, personal data that must be specially protected according to the EU GDPR.
They may also be completely excluded from permanent storage. For this reason, data protection prohibits the central storage of sensitive biometric data. This in turn can mean that biometric systems may not be used in various applications.
Difficulties in previous approaches
There is already a possible way around the above problem: The biometric data is stored on servers that are part of a highly secure and non-vulnerable IT infrastructure for later comparison. This procedure also works quite well in practice. However, as IT processes are becoming more and more complex, it is becoming more and more difficult and costly to maintain such a highly secure infrastructure. In addition, and as already mentioned above, the central data storage of personal data, such as biometric data, is a fundamental problem in data protection.
Is mobile data storage a GDPR-friendly alternative?
In order to act in accordance with the GDPR, biometric data may only be stored on mobile media such as RFID cards or mobile devices. In this way, users can access their personal data at any time and delete them in case of doubt.
The data is recorded by holding the card or mobile device in front of an appropriate reader. The system now compares the data and then immediately deletes the data used. The biometric data is only in the system at the time of use and is not stored there persistently. In order to comply with the EU GDPR with this method, the requirements of the GDPR (Article 9) must also be met:
What makes the split template process better?
The split template process uses the best of the processes described above and takes further steps to make biometric data unrecognizable and at the same time solves problems with the EU GDPR:
- First, critical data blocks are split into two or more data parts.
- The individual shares are then saved on different media and / or in different locations.
- Storage locations can be data carriers such as the RFID card AND the server within the IT infrastructure.
As a result of the split, the collected biometric data is no longer personal data within the meaning of the EU GDPR. This is because the split data can no longer be used for their actual purpose, as no conclusions can be drawn about the actual data set. Furthermore, if a storage location is compromised, cyber criminals do not gain possession of all of the biometric data. This effectively prevents the creation of a dummy with the captured data.
More at iCOGNIZE.de
iCOGNIZE GmbH
iCOGNIZE specializes in biometric security solutions. Since 2007 the company has been developing and producing biometric hand vein scanners for identification and authentication, which can be integrated into other security technology systems via a wide variety of interfaces. Technologies such as RFID and Bluetooth are an integral part of the product portfolio.
The company is based in Dietzenbach - near Frankfurt am Main. The biometric system developer also has its own research department here and works closely with universities and other research institutes to drive innovations in the field of biometric security technology.