Praetorian Security attests to the protocol’s secure-by-design architecture
FaceTec announced that its digitally-signed biometric barcode UR Code protocol successfully passed Praetorian Security Inc’s rigorous reverse engineering testing process and its risk-informed security assessment as the company continues to expand its industry-leading position in global 3D Face Verification and digital identity software.
Praetorian completed reverse engineering analysis of the UR Code’s SDK focused on identifying internal hashing mechanisms, encryption keys, and customer PII. During the analysis, Praetorian identified the following:
- 0 Critical Risk Issues
- 0 High Risk Issues
- 0 Medium Risk Issues
- 0 Low Risk Issues
- 0 Informational Risk Issues
Praetorian also tested security controls related to robust code obfuscation, like dead code insertion, control flow flattening, and variable, class, and function renaming.
Cyber Technology Insights : OpenAI Startup Fund-Backed Adaptive Security Unveils Latest GenAI Release
UR Codes enable legal identity-issuing authorities to provide machine-readable codes that bind together the legal identity data and biometric face data of a code holder. UR Codes provide similar privacy-protecting biometric security to e-passports, but without the usability and durability problems, or the exorbitant costs of scannable NFC chips.
UR Codes are generated by issuing authorities using secure UR Encoder software that runs behind their own firewall. The issuing authority encodes the identity information and feature vector data from the face photo of the person who is being issued the UR Code. A digital signature is then derived and also encoded, verifying that the identity data was truly issued – as encoded – by the listed issuing authority. Using each issuer’s unique public/private encryption key pair, the software cryptographically signs each UR Code, making them provably immutable. The face data encoded cannot be reconstituted back into a human-viewable face photo, preserving the privacy of the stored face data.
Cyber Technology Insights : Jericho Unveils a Self-Service AI-Powered Phishing Defense Experience at Scale
UR Codes, in universal QR format, can be scanned with any smart device or webcam. Any organization, government, private sector, for-profit or nonprofit, and even any individual, can scan and match any 2D face photo UR Code with a 3D face photo. All required software is included in the UR Code Scanner/Matcher SDK and is free for unlimited use for not-for profits, law enforcement, and government agencies.
FaceTec also recently announced the release of the Scan+Match Apps for its revolutionary UR Code identity verification protocol. The apps scan, validate, and match a face to the biometric data encoded in a UR Code, with no biometric data or personally identifiable data leaving the user’s device.
Cyber Technology Insights : TekStream Partners with Cloudflare to Bolster Cybersecurity and Digital Resilience Offerings
To participate in our interviews, please write to our CyberTech Media Room at sudipto@intentamplify.com
Source – prnewswire
