SenseCrypt eID v3.0.7
  • Introduction
    • Privacy Preserving Biometric Verifiability
    • Principles of Privacy Preserving Face Verification
  • SenseCrypt Server
    • Licensing and Authorization
    • Starting the server
    • Using the Swagger Docs page
      • Authorization
      • Generating your first SensePrint eID QR
      • Generating a raw SensePrint
      • Decrypting a raw SensePrint
    • Accessing the server for testing
    • Liveness Image Requirements
  • SenseCrypt Mobile SDKs
    • Licensing and Authorization
    • Android SDKs
    • iOS SDKs
  • Conclusion
Powered by GitBook
On this page
  1. Introduction

Principles of Privacy Preserving Face Verification

Privacy by Design principles for systems

PreviousPrivacy Preserving Biometric VerifiabilityNextSenseCrypt Server

Last updated 1 year ago

In the previous section we have seen how SensePrints are data structures that are privacy preserving (it cannot be determined that two SensePrints, when compared to each other, were generated from the same person's face).

We have also seen how SensePrints have the property of Biometric Verifiability (given a person's face and a SensePrint, it is possible to verify that it was the same person for whom the SensePrint was generated earlier).

In this section, we highlight the Privacy by Design principles that should underscore any good system.

  • Unlinkability - Given two data structures (SensePrints) alone, it should be impossible to tell if they were generated from the same data (face + metadata) or from different data.

  • Irreversability - Given a SensePrint, it should be impossible to obtain the original face that was used to generate the SensePrint. This property is typically not satisfied by traditional Face Verification systems as they offer a similarity score between two templates. This similarity score makes traditional technology susceptible to .

  • Revocability and Renewability - In traditional systems, it is possible to generate only one feature vector / template from a single image. This means that your face acts as a password that can never be changed. To be revocable and renewable, your face must act as a password that can change. The ability of SenseCrypt to generate multiple SensePrints from the exact same data is what makes it revocable and renewable. If a SensePrint needs to be replaced, a new one can be generated from exactly the same image and data and such a SensePrint would be entirely different from the one being revoked.

Hill Climbing Attacks