Information privacy and security should be every organization's top priority. From maintaining the integrity of its own data networks to securing its employees' personally identifiable information, data security should be top of mind, especially for biometric authentication solutions.
PII & Data Encryption in the Biometric Industry
Utilizing biometrics as a form of access control gives employers superior security; however, there are underlying concerns that come with the utilization of biometrics for access control. These concerns include:
- Storage of personal data
- Accuracy in the mapping of facial points
- Vulnerability for how such data is able to be breached
To be fair, all of these concerns are valid. Storing data in any capacity creates the risk of abuse and theft. In order to properly mitigate this risk and maintain the privacy of sensitive information, organizations must review the solutions they are using and verify it is utilizing data encryption not only during the transfer of information but also while stored.
Access control vendors need to reduce the amount of data they are storing within their network by removing any staff member's PII. Alcatraz AI’s the Rock is addressing privacy issues in a more encompassing way than most alternative solutions.
The Rock Algorithm
The Rock utilizes a method of access control that puts information privacy and security in the foreground. The Rock does not include any form of PII within the employee’s profile. Alternatively, it only needs to authenticate that a user matches their enrollment by verifying their facial template. If the authorization is positive, the corresponding badge number is sent to the Access Control System (ACS) to determine the user’s privileges and unlock the door. This process occurs in a matter of seconds, allowing for frictionless and secure access control.
Enrollment
To enroll members into the Rock’s facial authentication system, the individual scans their badge on the Rock device to put it into “enrollment mode.” During enrollment, the individual is prompted to move their face to show a variety of angles. The Rock collects imagery of these angles to create a binary mathematical representation of the staff member’s face. It is this mathematical representation that creates their facial template, while the actual images are entirely erased from the database. This enhances the information privacy aspect of the Rock.
Creating a Profile
Once the Rock has engineered this facial template, it is then fused with the badge data to form the user’s profile. Profiles kept within the Alcatraz AI system do not possess any PII. It is important to note, that the facial template can not be reverse-engineered by anyone, including Alcatraz, to recreate the image of a person's face.
Data Encryption
All the information stored in the Alcatraz system is encrypted, both in transit and at rest, using military-grade TLS 1.2 / 1.3 and AES-256 respectively. Data Encryption keys are uniquely generated for each Rock in the system as well as for the Web Application used for administering the system. Since the Rock does not possess any personally identifiable information, every user’s privacy is secure.
Data Distribution and Storage
User profiles are stored on both the Rock and within the Alcatraz AI Platform. When a person is enrolled, their profile is created locally on the Rock and is then sent to the ACS to be shared with the other Rocks making up the system. A backup copy of the profile is also kept on the Platform. This process allows each unique Rock and the platform to have a copy of all the profiles stored. The Rock keeps its copies in non-volatile memory so that even if power is lost and restored, all the information still remains privately stored in the Rock, regardless of connectivity status to the platform.
Data Removal
Profile data can be deleted from the system at any time, but only by authorized personnel. To do so, the system administrator simply locates the profile in the admin portal using the badge number associated with that profile and chooses the option to delete the profile. The encrypted data within the profile is immediately deleted from all of the Rocks that are a part of the system as well as from the platform.
Top Performance in Accuracy
The facial authentication algorithm used by the Rock has undergone rigorous testing from the National Institute for Standards and Testing (NIST) to ensure that every user is accurately admitted based on facial mapping points. This testing has verified the accuracy of the Rock’s facial authentication technologies with a false match rate of 1/100,000 resulting in an incredibly low chance of mistaking identities among all demographics.
Conclusion
Employees may be concerned about their PII being captured, used, or stored, and given the number of security breaches that take place, their concerns are quite valid. Employers by nature will have employee data, such as their name, phone number, address, and social security number as part of their employment records. However, with the Rock, this information is no longer necessary for access control.
The Rock utilizes a method of access control that puts information privacy and security in the foreground. The Rock does not include any form of PII within the employee’s profile. Alternatively, it only needs to authenticate that a user matches their enrollment by verifying their facial template. If the authorization is positive, the corresponding badge number is sent to the Access Control System to determine the user’s privileges and unlock the door. This process occurs in a matter of seconds, allowing for frictionless and secure access control.
Book a Demo for the Rock today and experience frictionless security that does not compromise when it comes to protecting your information.
Tag(s):
Press Release
Other posts you might be interested in
View All PostsSubscribe to email updates
Additional content around the benefits of subscribing to this blog feed.