Biometrics and identity management company TECH5 has launched its biometric-derived keys (BDK) technology called T5-AirKey.
The T5-AirKey is an innovative BDK technology that uses biometrics to derive keys that can be used to perform cryptographic operations like digital signing and encryption.
This technology provides significant advantages by addressing the vulnerabilities inherent in the conventional and most widely used approach of storing and using static biometric templates for matching, whether on devices or in databases.
The BDK functionality is achieved by generating a unique, random irreversible ephemeral key from a fresh biometric capture of face, fingerprints, or any other biometric modality. This revocable real-time key is based on the user’s biometrics enables encryption and signing of sensitive data, eradicates the need for biometric template databases (honey pots), and eliminates man-in-the-middle attacks and diverse security vulnerabilities.
It can not only be used to securely authenticate the user but also used for encrypting sensitive data that can only be unlocked by the owner with their biometrics. It can also replace the need for seed phrases required by many digital wallets – one of the biggest reasons for people to lose crypto assets. It will also enable better biometric approaches in IAM systems and passkey-like solutions.
T5-AirKey is designed to address the most pressing challenges of legacy biometric systems associated with using static biometric templates for matching, either stored in databases, devices, or alternatively stored and presented in traditional 2D barcodes like QR codes. This technology mitigates risks such as template exposure for replay attacks, reverse engineering templates to generate face images or identifying traits like gender and ethnicity and overriding match results produced by the probabilistic matcher.
Additionally, the technology eliminates the need for additional encryption during storage and transmission or complex distributed template storage and matching computation systems. It can be easily combined with other cryptographic technologies to achieve post-quantum cryptography-proof solutions.
T5-AirKey can be used in verifiable credentials (W3C VC) stored in digital wallets or embedded in codes, not only enabling encryption but also facilitating selective disclosure by encrypting different claims signed using different modalities of the same person.
ISO 30136 guidelines address biometric template protection, requiring revocability, non-reversibility, non-linkability, and protected matching. However, most existing solutions fail to fully mitigate risks associated with stored templates.
“TECH5’s Biometric Template Protection technology meets ISO 30136 compliance by encrypting raw templates,” said TECH5 Chief Technology Officer Rahul Parthe. “T5-AirKey goes a step further by ensuring that no templates are ever stored, eliminating static data vulnerabilities.”
With T5-AirKey, TECH5 completes its technology offering for identity management systems, delivering a comprehensive response to modern identity threats while specifically tackling legacy challenges that continue to affect many biometric systems.
“We are proud to launch this groundbreaking suite of technologies that revolutionises the use of biometrics in cryptographic operations, identity verification, and secure data sharing, offering unparalleled privacy, flexibility, and fraud protection,” said Parthe. “We look forward to seeing companies implement it and achieve a new level of security in identity management. We are also looking forward to the impact it will have on digital ID and digital public infrastructure projects globally.”
