LogoLogo
  • Introduction
  • Getting Started
  • SenseCrypt Server
    • Starting the server
    • Configuration
    • Licensing and Authorization
    • Using the Swagger Docs page
    • Authorization
    • Using a JWT Token for Mobile Authorization
    • Getting information about your license
    • SenseCrypt eID
      • Generating your first SensePrint eID QR
      • Generating a raw SensePrint
      • Decrypting a raw SensePrint
      • Parsing a SensePrint
    • SenseCrypt Face PKI
      • Configuration
      • Accessing your Root Certificate
      • Generate your first Face Certificate
      • Verifying a Face Certificate
      • Encrypting Data/Keys using a Face Certificate
      • Face Decrypting Data/Keys
      • Face Signing
      • Face Signature Verification
    • Accessing the server for testing
    • Liveness Image Requirements
  • SenseCrypt Mobile SDKs
    • Licensing
    • Authorization for Online SDKs
    • Liveness and Face Capture
    • Android SDK
    • iOS SDK
  • Conclusion
  • FAQ & Search
  • Appendix
    • Privacy Preserving Biometric Verifiability
    • Principles of Privacy Preserving Face Verification
    • Foundational vs Functional eID
Powered by GitBook
On this page

Was this helpful?

Export as PDF
  1. Appendix

Principles of Privacy Preserving Face Verification

Privacy by Design principles for systems

PreviousPrivacy Preserving Biometric VerifiabilityNextFoundational vs Functional eID

Was this helpful?

In the previous section we have seen how SensePrints are data structures that are privacy preserving (it cannot be determined that two SensePrints, when compared to each other, were generated from the same person's face).

We have also seen how SensePrints have the property of Biometric Verifiability (given a person's face and a SensePrint, it is possible to verify that it was the same person for whom the SensePrint was generated earlier).

In this section, we highlight the Privacy by Design principles that should underscore any good system.

  • Unlinkability - Given two data structures (SensePrints) alone, it should be impossible to tell if they were generated from the same data (face + metadata) or from different data.

  • Irreversability - Given a SensePrint, it should be impossible to obtain the original face that was used to generate the SensePrint. This property is typically not satisfied by traditional Face Verification systems as they offer a similarity score between two templates. This similarity score makes traditional technology susceptible to .

  • Revocability and Renewability - In traditional systems, it is possible to generate only one feature vector / template from a single image. Multiple SensePrints can be generated from the same person. While you can't change your face, you can change your SensePrint as needed.

If a SensePrint needs to be replaced, a new one can be generated from exactly the same image and data and such a SensePrint would be entirely different from the one being revoked.

Hill Climbing Attacks
Privacy features of a SensePrint