LogoLogo
  • Introduction
  • Getting Started
  • SenseCrypt Server
    • Starting the server
    • Configuration
    • Licensing and Authorization
    • Using the Swagger Docs page
    • Authorization
    • Using a JWT Token for Mobile Authorization
    • Getting information about your license
    • SenseCrypt eID
      • Generating your first SensePrint eID QR
      • Generating a raw SensePrint
      • Decrypting a raw SensePrint
      • Parsing a SensePrint
    • SenseCrypt Face PKI
      • Configuration
      • Accessing your Root Certificate
      • Generate your first Face Certificate
      • Verifying a Face Certificate
      • Encrypting Data/Keys using a Face Certificate
      • Face Decrypting Data/Keys
      • Face Signing
      • Face Signature Verification
    • Accessing the server for testing
    • Liveness Image Requirements
  • SenseCrypt Mobile SDKs
    • Licensing
    • Authorization for Online SDKs
    • Liveness and Face Capture
    • Android SDK
    • iOS SDK
  • Conclusion
  • FAQ & Search
  • Appendix
    • Privacy Preserving Biometric Verifiability
    • Principles of Privacy Preserving Face Verification
    • Foundational vs Functional eID
Powered by GitBook
On this page

Was this helpful?

Export as PDF
  1. SenseCrypt Server
  2. SenseCrypt eID

Parsing a SensePrint

Obtaining information about a SensePrint without decrypting it

PreviousDecrypting a raw SensePrintNextSenseCrypt Face PKI

Last updated 9 months ago

Was this helpful?

Sometimes it is necessary to parse a SensePrint without decrypting it with the face.

Such functionality is, for example, useful to know whether the SensePrint was created with an additional password so that the UI can prompt a user to enter the password before attempting to decrypt the SensePrint.

Additionally, a SensePrint may contain information that can be read without decrypting it using the user's face. This information, which we call cleartext_data, is actually still stored encrypted in a SensePrint (it is encrypted with keys associated with your server license) and it cannot be read by another SenseCrypt customer.

However, given a reader has the same license, the cleartext_data can be read without a face scan.

Use cases for cleartext_data include have non-sensitive information such as an eID holder's name as cleartext_data while maintaining sensitive attributes such as postal address in the sensitive, face encrypted metadata portion of a SensePrint.

Also, parsing a SensePrint also reveals whether liveness checks must be performed before their decryption.

To parse raw SensePrint bytes, expand the /parse-raw section and click on Try it out as before:

Upon clicking Try it out, the following JSON text will become editable:

{
  "senseprint_base_64": "senseprint_base_64",
  "verifiers_auth_key": "(optional) verifiers_auth_key"
}

verifiers_auth_key parameter specifies a secret that is shared with a verifier of the eID. It must be the same as the value that was used to generate the SensePrint. If no value was specified when generating a SensePrint, this parameter can be omitted.

senseprint_base_64 is the value obtained by making an API call to the /senseprint-raw in the section.

Generating a raw SensePrint
Trying out the /parse-raw end-point