The problem with stored biometrics
Every conventional biometric system reduces a capture to a reference template and stores it. That stored template is, from an information standpoint, close to the biometric itself. A breach of the template store is therefore close to a breach of the biometric — and a biometric, unlike a password, cannot be changed.
The Biofy approach
Instead of storing a copy of the biometric, Biofy derives a revocable credential from the capture. What is stored cannot be reversed to reconstruct the original. If the credential is ever compromised, it is cancelled and reissued — from the same biometric, without re-enrollment.
One-way
No path from stored data back to the original biometric, under any efficient attack the academic community has found.
Reliable
Biometric captures vary between sessions. The platform handles that variation without affecting accuracy or requiring re-enrollment.
Renewable
Different services produce unlinkable, pseudonymous credentials from the same biometric. No service can correlate a user across tenants, and compromise in one context doesn't affect others.
The platform exposes standard protocols so teams don't have to rewrite applications around it. Connect via API or hosted endpoint.
Replace platform authenticator with a Biofy biometric credential.
Standard OpenID Connect provider with biometric assurance level.
Enterprise federation for existing SSO tenants.
Recognition within the European trust framework.
External authenticator profile for regulated workstations.
User lifecycle sync with identity providers and HR systems.
GDPR Article 9
Special-category data treated as such — minimised, protected, and lawful under healthcare and employment bases.
ISO/IEC 27001
Information security management aligned to international standard; certification in progress.
ISO/IEC 24745
Biometric information protection requirements — irreversibility, unlinkability, renewability.
NSM grunnprinsipper
Aligned with the Norwegian National Security Authority's basic principles for ICT security.