Keyless Technologies, the next-generation biometric authentication company, announces that they have been granted a non-provisional patent by the U.S. Patent and Trademark Office, for how they authenticate and preserve the privacy of a user's digital identity.

The technology prevents organisations, third parties and even Keyless from accessing a person's biometric data as it is not stored on a device or any centralised location - a market first. That means the technology exceeds regulation, such as GDPR and CCPA. In the current era where security and privacy concerns are running high, this fundamental shift from the current approach for biometric authentication will have meaningful value for many industries and individuals concerned with privacy for digital identities.

Utilising innovative cryptography

"Our mission at Keyless is to provide people and organisations with a passwordless future, where the user is the key. We want to do it in a way that lets people login to any app or service, from any device, easily and safe in the knowledge that they have the privacy they deserve, and for organisations to maintain security and compliance for their systems and users. This patent demonstrates our commitment to that mission," says Andrea Carmignani, CEO and Co-Founder.

The Keyless privacy-by-design technology utilises innovative cryptography and secure multi-party computing on the edge. When a user enrols with Keyless, their biometric template is encrypted, broken up into ‘shards’ and stored across multiple servers. Even if a server is compromised, the attackers would never have access to the complete dataset.

Personally identifiable information

The way Keyless technology processes and stores data means that it exceeds GDPR

The user's template is also deleted from the device they used to enrol. When next they are asked to authenticate, the user looks into a forward-facing camera and their details are matched against the stored ‘shards;’ at no time is the full template ever restored. The way Keyless technology processes and stores data means that it exceeds GDPR (no personally identifiable information is stored) and in conjunction with partners, adheres to PSD2 SCA requirements.

This is especially useful for highly regulated industries, such as financial services, or for industries that struggle with revenue leakage due to credential sharing, such as streaming media services. Keyless' technology ensures that it is the person and not a device, being authenticated in a private and secure manner.

Subsequent authentication process

The simple enrolment and subsequent authentication process is also designed to be as intuitive for the user as possible, to enhance user experience. "The intersection of user experience, privacy and security is a very hot space, right now," says Paolo Gasti, CTO.

"There are multiple vendors and analysts out there talking about it, but no one has yet solved that conundrum. By investing in the research and developing our technology in a privacy-first way, we believe we've taken a big step in addressing it. And as we look ahead to up-and-coming technologies that will one day 'be the norm,' such as blockchain and services offering Self-Sovereign Identity, where privacy-by-design is a key tenet, Keyless technology will be able to support those too."

Download PDF version Download PDF version

In case you missed it

How can the industry do a better job of promoting emerging technologies in physical security environments?
How can the industry do a better job of promoting emerging technologies in physical security environments?

By all accounts, technology development is moving at a rapid pace in today's markets, including the physical security industry. However, market uptake of the newest technologies ma...

Dahua & KITT Engineering's LED screen innovations
Dahua & KITT Engineering's LED screen innovations

About a year and a half ago, Peter de Jong introduced Dahua to Fred Koks, General Manager of KITT Engineering. Since then, Dahua, KITT Engineering, and Ocean Outdoor have complete...

Protect assets with BCD's hybrid cloud NVR solutions
Protect assets with BCD's hybrid cloud NVR solutions

Like any retail franchise, car dealerships that have multiple locations nationwide require comprehensive, reliable, and scalable video surveillance solutions to protect their busin...

Quick poll
What is the most significant challenge facing smart building security today?