HOW WE SECURE YOUR INFORMATION

Hackers innovate at a pace most of us would be proud of

Known biometric security issues

Physical spoofing

Using plastic/clay to model fingerprints, using pictures, video, and masks to spoof face biometrics even when special hardware is used (for example iPhone X, and Microsoft hello)

Compromised devices

Inserting frames of video into the camera feed coming from the device to fool the face authentication mechanism.

Intercepting communications

Intercepting communications between the device and server and faking the result of the biometric verification, this is referred to as a Man in the Middle attack.

How we secure against issues in biometrics

Liveness Detection

When the picture is taken we use the phone/computer screen to flash a series of coloured lights at the subject. The captured picture and video of the subject with the lights reflecting off them is then securely sent to backend servers.

Deep Learning

A proprietary neural network running on custom hardware then analyses these images and determines whether the subject matches the picture on file, and whether the subject is a real person or a picture/video/mask. This does not require any custom camera hardware or end-user device.

Anomaly Detection

The neural net also determines whether the image that is captured is real or has been inserted digitally into the camera feed.

How we secure against man in the middle attacks

Tokenised Sessions

When starting a biometric verification, our app/webapp firstly contacts the backend server in order to start a secure tokenised session. The token and some other information is then passed to the server along with the biometric data for verification.

Validating Tokens

After the biometric verification is done, the app/webapp then contacts to the server again to ensure that there was a valid biometric authentication that was run for this user and confirms the result. This ensures that the result cannot be faked by intercepting the app communications as its validated by a session token plus secret information.

At SmilePass we apply security best practice to every part of our platform to ensure that you and your customer’s information is protected and authentic. If you want to build a trusted community, you can trust us to help you achieve that.

Contact Details

1 Knightsbridge Green
Knightsbridge
London
SW1X 7QN

Tel: +44 (0) 203 130 0291
Email: info@smile-pass.com

Latest News

Team Series: Grant, CEO

Team Series: Grant, CEO

Aug 14, 2018 | 0 Comments

What is your role at SmilePass? I’m CEO and together with Khalil (our CTO) we’re essentially “re-founders” of SmilePass as we’ve completely changed the product concept and focus, go-to-market strategy, culture and aspirations for the business. As CEO I obviously need...

read more
Passwords are officially dead

Passwords are officially dead

Aug 13, 2018 | 0 Comments

The uses of technology in recent years has grown exponentially and there’s a security measure that deserves to be ditched: the password. Why? Because it sucks. Almost everything we do now has a digital component that requires a password on a login form. The password...

read more

About / Solutions / Product / Pricing / Partners / News / Contact / GDPR

SmilePass © 2018 All Rights Reserved.