Keyless Technologies, the next-generation biometric authentication company, announces that they have been granted a non-provisional patent by the U.S. Patent and Trademark Office, for how they authenticate and preserve the privacy of a user's digital identity.

The technology prevents organisations, third parties and even Keyless from accessing a person's biometric data as it is not stored on a device or any centralised location - a market first. That means the technology exceeds regulation, such as GDPR and CCPA. In the current era where security and privacy concerns are running high, this fundamental shift from the current approach for biometric authentication will have meaningful value for many industries and individuals concerned with privacy for digital identities.

Utilising innovative cryptography

"Our mission at Keyless is to provide people and organisations with a passwordless future, where the user is the key. We want to do it in a way that lets people login to any app or service, from any device, easily and safe in the knowledge that they have the privacy they deserve, and for organisations to maintain security and compliance for their systems and users. This patent demonstrates our commitment to that mission," says Andrea Carmignani, CEO and Co-Founder.

The Keyless privacy-by-design technology utilises innovative cryptography and secure multi-party computing on the edge. When a user enrols with Keyless, their biometric template is encrypted, broken up into ‘shards’ and stored across multiple servers. Even if a server is compromised, the attackers would never have access to the complete dataset.

Personally identifiable information

The way Keyless technology processes and stores data means that it exceeds GDPR

The user's template is also deleted from the device they used to enrol. When next they are asked to authenticate, the user looks into a forward-facing camera and their details are matched against the stored ‘shards;’ at no time is the full template ever restored. The way Keyless technology processes and stores data means that it exceeds GDPR (no personally identifiable information is stored) and in conjunction with partners, adheres to PSD2 SCA requirements.

This is especially useful for highly regulated industries, such as financial services, or for industries that struggle with revenue leakage due to credential sharing, such as streaming media services. Keyless' technology ensures that it is the person and not a device, being authenticated in a private and secure manner.

Subsequent authentication process

The simple enrolment and subsequent authentication process is also designed to be as intuitive for the user as possible, to enhance user experience. "The intersection of user experience, privacy and security is a very hot space, right now," says Paolo Gasti, CTO.

"There are multiple vendors and analysts out there talking about it, but no one has yet solved that conundrum. By investing in the research and developing our technology in a privacy-first way, we believe we've taken a big step in addressing it. And as we look ahead to up-and-coming technologies that will one day 'be the norm,' such as blockchain and services offering Self-Sovereign Identity, where privacy-by-design is a key tenet, Keyless technology will be able to support those too."

Download PDF version Download PDF version

In case you missed it

Alamo enhances security with Alcatel-Lucent solutions
Alamo enhances security with Alcatel-Lucent solutions

Alamo Colleges in San Antonio, Texas supports more than 65,000 students and 7,000 staff. It's five campuses and smaller regional learning centres connect students and staff, expan...

When choosing an access solution, make total cost of ownership a key part of the calculation
When choosing an access solution, make total cost of ownership a key part of the calculation

Digital access control has well-known benefits over traditional security, of course, but also costs attached to each stage of its lifetime. However, these costs are not fixed. Many...

The Camp: Enhance security with ASSA ABLOY Aperio wireless locks
The Camp: Enhance security with ASSA ABLOY Aperio wireless locks

As a provider of future-oriented business education, The Camp sought an access control solution as forward-thinking as their courses. Their campus site near Aix-en-Provence is div...

Quick poll
What's the primary benefit of integrating access control with video surveillance?