Obtaining information about a SensePrint without decrypting it
Sometimes it is necessary to parse a SensePrint without decrypting it with the face.
Such functionality is, for example, useful to know whether the SensePrint was created with an additional password so that the UI can prompt a user to enter the password before attempting to decrypt the SensePrint.
Additionally, a SensePrint may contain information that can be read without decrypting it using the user's face. This information, which we call cleartext_data, is actually still stored encrypted in a SensePrint (it is encrypted with keys associated with your server license) and it cannot be read by another SenseCrypt customer.
However, given a reader has the same license, the cleartext_data can be read without a face scan.
Use cases for cleartext_data include have non-sensitive information such as an eID holder's name as cleartext_data while maintaining sensitive attributes such as postal address in the sensitive, face encrypted metadata portion of a SensePrint.
Also, parsing a SensePrint also reveals whether liveness checks must be performed before their decryption.
To parse raw SensePrint bytes, expand the /parse-raw section and click on Try it out as before:
Upon clicking Try it out, the following JSON text will become editable:
senseprint_base_64 is the value obtained by making an API call to the /senseprint-raw in the Generating a raw SensePrint section.
verifiers_auth_key parameter specifies a secret that is shared with a verifier of the eID. It must be the same as the value that was used to generate the SensePrint. If no value was specified when generating a SensePrint, this parameter can be omitted.