Eindhoven, Accra, Chicago
GenKey, a biometric technology company that champions Privacy-by-Design, has announced a new release of its Biometric BioHASH® SDK designed for small and large-scale enrolment and verification. This new release provides support for Biometric Asymmetric Key Creation and the Elliptic Curve Digital Signature Algorithm (ECDSA) – both important functionalities for protecting users’ privacy and boosting information security.
Asymmetric encryption is a cryptographic technique that uses public and private key pairs to, for example, generate a digital signature on a message allowing to verify its origin and authenticity. Only the user or device that has access to the private key can generate a valid signature, which can then be verified using the corresponding public key. With the new functionality embedded in our BioHASH® SDK, our software signs a message using a private key generated from a finger on-the-fly and discards it immediately after use. The private key, therefore, never gets stored anywhere, making it extremely hard for an attacker to steal it. This functionality is a substantial breakthrough that is unique to GenKey and made possible by a new and robust approach to extracting and processing features of a fingerprint and close integration with cryptographic primitives.
ECDSA signatures are used in a wide variety of applications. For example, they are used in Bitcoin to ensure that funds can only be spent by their rightful owners. In the context of the new BioHASH®-D release, it allows a user generating a standardized ECDSA signature on a document using his finger. Moreover, it allows a user to biometrically authenticate himself to a server in a fully private manner.
According to Dr Tom Kevenaar, Director of Technology, “Our latest release truly builds a bridge between robust biometric verification and advanced cryptographic functionality. It can support secure client/server biometric authentication protocols that keep the biometrics safe even when a server is compromised by hackers. Additionally, this enhanced SDK offers a fascinating opportunity to extend Self-Sovereign Identity (SSI) solutions with a biometric proof-of-presence”.
Michiel Loeff, CEO of GenKey, said: “Legislations like Europe’s GDPR have underscored the importance of Privacy-by-Design as an intrinsic mechanism for creating secure biometric solutions. As a pacesetter in the biometric ID market with more than 10 years of experience in applying Privacy-by-Design principles, we are proud to announce a second-generation technology with unique characteristics for safeguarding individuals’ privacy”.
GenKey are experts in biometrics. Together with partners they provide a full range of digital biometric identity products, used by governments, public institutions and businesses. With over 100 million identities verified, GenKey have a proud reputation in supporting developing economies in their need to build sustainable biometric identity solutions. GenKey operate globally, with offices in Europe, Africa and the US.