Say goodbye to usernames, passwords, smartcards, car keys, tokens or ID cards.
93% of consumers want to replace usernames and passwords with biometric identity verification.
Our mission is to satisfy this demand with the Biocryptology Universal Identity Platform, which offers a complete, universal identity verification ecosystem for online and offline access.
No more usernames and passwords, smartcards, car keys, tokens and ID cards. Just one universal “key” for secure access to an event, gym, car, property, cloud storage, websites, emails, online bank environments, and much more. One single platform for all kinds of uses.
Find out more about Biocryptology’s ultra-secure Swipe ID device and app.
Biocryptology® is a disruptive biometric-based authentication technology. The name references this platform’s high-quality encryption algorithm, which is combined with unique biometric identification and (in the case of the Swipe ID device) anti-tampering mechanisms to keep all ID verification and electronic transactions completely secure. Biocryptology offers a complete ecosystem, including an app (free), N3 terminal and hardware device, the Swipe ID (optional). Users can identify themselves in one of two ways; with the app or a Swipe ID device. In either case, authentication takes place through a biometric verification or identification. Biocryptology will then ‘match’ the user in a central location: the Universal Matching Base. For offline access, this match takes place in the N3 receiver. This system gives users highly secure access to online and offline areas using one universal ‘key’.
Important: There is no risk of your clients’ biometric information being replicated by hackers. Our system does not store any biometric information – neither in the device, nor anywhere else on our platform. Only templates are stored: these are simplified and vectorised representations of a fingerprint, not containing information of interest to criminals/hackers.
A closed system The Biocryptology platform consists of a closed system where only “known” types of hardware and software can communicate with each other. In fact, no third-party involvement in our technology is permitted. All hardware, firmware, software, server communications, etc. are developed in-house to guarantee the highest security standards and the lowest cost. The main differentiators of Biocryptology are as follows:
- It offers a complete ecosystem with an app (free), N3 terminal and hardware device (both optional). Just one universal “key” for many kinds of online and offline access.
- There are two ways for users to identify themselves: with the app or the Swipe ID hardware device. The latter offers the highest security level.
- The app, when compared to other apps that offer online and offline access control, offers three main advantages:
• It is far more versatile, with many possible uses.
• It can provide a higher security level, as demonstrated by its certification according to the U.S. Government Approved Protection Profile for mobile apps, and compliance with EAL1+.
• It is more convenient, since it eliminates the need for tokens, SMS codes, etc. that many online banking and other apps still depend upon.
- At a higher security level, the Swipe ID device and the app enable a user’s identity to be verified by an external party.
Biocryptology is effortlessly scalable, giving companies, organisations and their clients a complete access control solution. The security and convenience of Biocryptology makes it the only platform capable of becoming the global standard for secure access control.
View the full list of security features
Swipe ID Security Features
• 3D Radio Frequency Sensor
In our aim to make the Swipe ID spoof-proof, we have studied many different models of fingerprint readers. We chose the one that offers the highest quality, as well as being convenient. Our 3D radio frequency sensor captures a 3D image of the fingerprint instead of a 2D picture, which provides additional information to the matching system and protects against spoofing.
• Life Detection Mechanism
Every Swipe ID incorporates a life detection mechanism to prevent criminals from gaining access. The user must swipe their own living finger by the sensor each time they require access: yet another spoof-proof feature of the Swipe ID device.
• Anti-Tampering Mechanisms
Swipe ID offers an active electronic tamper protection (which is the highest form of tamper protection), making the Swipe ID resistant to hardware attacks.
Mobile App Security Features
The app is developed under strict protocols defined by the ISO/IEC 15408 EAL1+ and the US Protection Profile of software applications.
In this way, the app can offer the following protections:
• Data protection
All stored data is encrypted and certificates are stored in the safe area of the mobile phone.
• iTouch and Android fingerprint identification
We rely on the security provided by the mobile phone’s manufacturer to identify the user when using the integrated fingerprint sensor.
• Code signature
The application is digitally signed, and the signatures are verified every time a connection is established with our servers. Therefore, any modification to our application can be immediately detected and put under quarantine.
Platform Security Features
• Data Protection
Our firewall evaluates every connection to the system. It detects whether an intruder has gained access to the system, and if so, whether an attempted attack has taken place.
• Secure API
Every system that can access our platform needs a special key to do so. These keys are renewed from time to time to avoid any security compromise.
This verifies every transaction and keeps out any inconsistencies. If someone is trying to access the system in a way that is not allowed, the system detects it and blocks the connection.
Our database is secured with encryption. Furthermore, blocked access is embedded in the infrastructure, so only our back-end can communicate with it. Additionally, all data is protected for editing, so if any external source gains access and changes something, we will detect the change and put the register under quarantine.
• Private networks
All above-mentioned layers are split across different levels of private networks, so there is no direct access from one layer to another. Only our own apps can cross these barriers.
• Code signature
All applications are digitally signed, and every time that a server (re)starts or a new server joins the system, those signatures are verified, so any modification in our applications can be immediately detected and put under quarantine.
• System/Database Integrity Checks
Biocryptology carries out regular system/database integrity checks. An automatic system verifies internal signatures in the software and database to ensure that nothing has been modified in the core system. This allows a system administrator to check if an unauthorised person accessed the system and/or made changes.
• Controlled and Secured Access
Biocryptology has implemented controlled and secured access to system administration. Only through our own Swipe ID device can a system administrator login to the system. Every operation carried out by the system administrators is monitored and saved for future audit. Revocable access exists at all times. This is a far more secure method of server access than logging in with a username and password.
• Only Templates Stored
The Universal Matching Base only stores a fingerprint template. This information cannot be used for impersonation to facilitate identity fraud. So even if a hacker were to gain access to the database, he or she wouldn’t find any data that would enable them to commit identity fraud.
General Security Features
• Random Key Generation
Keys are used to encrypt and decrypt information. Biocryptology secures the biometric data and the communications between our platform, the Swipe ID device and app with Random Key Generation. This makes it much more difficult for an attacker to unravel the information.
• Digital Signatures
Biocryptology also secures the biometric data and the communications between the Swipe ID device or app and the Universal Matching Base (or N3 Receiver) with digital signatures. All transmitted messages are digitally signed, which means that only our own developed device and app can communicate with our server. In case of offline use, digital signatures are applied to the communications between the Swipe ID device or app and the N3 receiver (which would facilitate offline access in locations such as a property, car, stadium, members’ club, etc.).
• Time Stamping and Hashing
Finally, Biocryptology secures the biometric data and the communications between the Swipe ID device or app and our platform with time stamping mechanisms combined with hashing (a function used to map data of arbitrary size to data of fixed size). Each message is time stamped using our platform’s certified time reference and is then hashed with a 256-bit digest algorithm.
This means if there is a time delay in transmitting the message, or the hash code is changed, or there is a “replay back attack”, the platform, Swipe ID device or app will refuse the message. A new message will be requested from the sender. This means that a hacker (“man in the middle”) can’t intercept data during communications without being detected. In the case of offline use with the Swipe ID device, the time stamping task is performed by the internal certified time reference inside the Swipe ID device itself, communicating with the N3 receiver.
Browsers & Operating Systems
View all compatible browsers and operating systems
The Biocryptology platform, Swipe ID device and mobile app work on tablets, laptops, desktop computers and mobile devices.
The Swipe ID device and mobile app are compatible with the following browsers:
• Windows: Internet Explorer 11, Microsoft Edge, Mozilla Firefox (from V.47) and Google Chrome (from V.45)
• Mac OS X: Safari (from V.9), Mozilla Firefox (from V.47), and Google Chrome (from V.45)
Furthermore, the system is compatible with the following operating systems:
• Windows: 7, 8 and 10 (32-bit and 64-bit)
• Mac OS X: 10, 11 and 12 (Yosemite, El Capitan, Sierra)
• Linux: Ubuntu and Debian
Finally, the mobile app works with the following phones:
• iPhone 6 and higher
• Android phone 6.0 and higher
View our list of certifications
Part 1: Biocryptology Certifications
Government – Company – Quality
- ISO 9001:2015: Quality Management Systems (QMS)
- ISO 27001: Information Security Management System (ISMS)
- Organic Law on the Protection of Personal Data (LOPD) 15/1999
- ISO/IEC 15408: Common Criteria for Information Technology Security Evaluation (hardware, software and firmware). EAL3+ (initially), and EAL6+ (finally).
- FIPS 140-2 Level 3, Security Requirements for Cryptographic Modules (initially), and Level 4 Military-grade Security (finally)
- FIPS 180-4, Secure Hash Standard (SHS)
- ISO/IEC 19790 Information Technology – Security Techniques – Security Requirements for Cryptographic Modules
- ISO 14533-1: Advanced Digital Signature CMS (CAdES)
- ISO 14533-2: Advanced Digital Signature XML (XAdES)
- ISO 14533-3: Advanced Digital Signature PDF (PAdES)
- eIDAS Regulation (EU) 910/2014
Software (Back-End Servers)
- OpenID Connect and SAML
- FIPS 140-2 level 1, Security Requirements for Software Applications
- ISO/IEC 15408 Common Criteria for Information Technology EAL4+
- ISO/IEC 27034-1:2011 Security Techniques – Application Security OWASP
- Application Security Controls Project OWASP
Software (Mobile App iOS/Android)
- ISO/IEC 15408: Common Criteria for Information Technology EAL1+
- US Government-Approved Protection Profile
- IPC-A-610: Acceptability of Electronic Assemblies
- IEC 62321:2008: Electrotechnical Products – Determination of levels of six regulated substances (lead, mercury, cadmium, hexavalent chromium, polybrominated biphenyls, and polybrominated diphenyl ethers)
- RoHS Compliant (Restriction of Hazardous Substances). The RoHS directive 2002/95/CE aims to restrict certain dangerous substances commonly used in electronics and electronic equipment.
- IEC Electromagnetic Compatibility (EMC):
- EN 61000-6-1:2007: Electromagnetic Compatibility (EMC) – Part 6-1: Generic standards – Immunity for residential, commercial and light-industrial environments
- EN 61000-6-3:2007: Electromagnetic Compatibility (EMC) – Part 6-3: Generic standards – Emission standard for residential, commercial and light-industrial environments
Software Quality – Process – Testing
- ISTQB (International Software Testing Qualifications Board) Methodology
- ISO/IEC/IEEE 29119 Software Testing:
- ISO/IEC 29119-1: Concepts and Definitions (published September 2013)
- ISO/IEC 29119-2: Test Processes (published September 2013)
- ISO/IEC 33063:2015 Process Assessment Model
- ISO/IEC 33020:2015 Process Measurement Framework for Assessment of Process Capability
- ISO/IEC 29119-3: Test Documentation (published September 2013)
- ISO/IEC 29119-4: Test Techniques
- ISO/IEC 29119-5: Keyword-Driven Testing
- The ISO/IEC/IEEE 29119 standards replace several existing software testing standards:
- IEEE 829: Test Documentation
- IEEE 1008: Unit Testing
- BS 7925-1: Vocabulary of Terms in Software Testing
- BS 7925-2: Software Component Testing Standard
Part 2: Optional Certifications (depending on client)
- ANSI X9.31-1998: Digital Signatures Using Reversible Public Key Cryptography for the Financial Services Industry (rDSA)
- ANSI X9.80: Prime Number Generation, Primality Testing and Primality Certificates
- ISO/IEC 29115:2013: Entity Authentication Assurance Framework
- ISO/IEC 29110: Small Organizations, Life Cycle Profiles and Guidelines
- ISO/IEC 29100: Security Techniques
- ISO/IEC 15504:2003 (uses the process model for ISO/IEC 12207:2002): Software Process Improvement Capability Determination (“SPICE”)
- ISO 20000-1: 2011 and 20000-2: 2007: Information Technology Service Management and Information Security Management
- ISO 28000/28001: Supply Chain Security Management Systems Package
- ISO /IEC JTC 1/SC 37:2007: Harmonized Biometric Vocabulary
- ISO/IEC 24759:2014: Information Technology – Security Techniques – Test Requirements for Cryptographic Modules
- ANSI X9.62-2005: Public Key Cryptography for the Financial Services Industry
- IEEE Std. 1363-2000: Standard Specifications for Public Key Cryptography
- PKCS #13: Elliptic Curve Cryptography Standard
- PCI DSS Compliant (Payment Card Industry Data Security Standard)
- PIV-071006 and FIPS 201 standards. Specifies parameters that devices must meet to guarantee a correct acquisition of the fingerprint image for “Personal Identity Verification” (PIV). The requirements pertaining to those standards are:
- Geometric accuracy
- Spatial frequency response
- Signal-to-noise ratio
- Fingerprint image quality
- NIST – FIPS PUB 186-4: Digital Signature Standard (DSS)
- ISO/IEC 25000:2014: Systems and Software Quality Requirements and Evaluation
The Biocryptology platform can be used for many different purposes. It offers you faster and more convenient access than the process of entering a password and username or using a smartcard, key or access code. But most important of all: it is highly secure.
Biocryptology offers four identification levels. The higher the identification level, the higher the security level, and the greater the number of available uses/applications.
Read about the uses of Biocryptology
When using the Biocryptology platform with the app or your personal Swipe ID device, you can forget about passwords, confirmation codes, login names, boarding passes, credit cards, keys, and many other items that you can leave at home from now on. By performing the “requested action” on the app or device, you get access.
This requested action could be:
- To provide the app with a webcam picture of your ID document and your face
- To swipe your finger across the Swipe ID device
Many of the uses refer to online access situations (e.g. online banking), but you can also facilitate offline access (e.g. to open your car door) by installing a small receiver – the N3 terminal – for access control.
Please note that only ID Level 4 offers all of the uses listed here; certain uses are not available for lower ID Levels. See the ID Levels table.
Make any kind of transaction online and perform payments from your bank account.
When you wish to make a bank transfer, you first login to your bank’s website with your Swipe ID device or app. As soon as you open the bank’s website you choose the preferred login option in the menu that pops up, in this case “Login with Biocryptology”. By performing the requested action on the app or device, you get access to your online banking environment. This requested action for example could be to send a webcam picture of your ID document and your face, or it could be to swipe your finger across your Swipe ID device.
When you wish to make a transaction, you fill in the required fields (amount, account number, etc.) and choose the option “confirm with Biocryptology”. Your app or device instantly receives a message from your bank, you check the display on your app or device to make sure the amount is correct, and confirm the transaction. This means that there is no more need to use signature codes, coordinates cards, token devices and SMS confirmation codes.
For purchasing goods and services online, the procedure is similar: as soon as you go to the website’s shopping cart and proceed to check-out, you choose the option “Pay with Biocryptology” and select the credit card to be used for the payment. Your device or app will instantly receive a message from the online payment operator and you will check that the amount is correct. Then you perform the requested action, and the purchase is confirmed. Here, Biocryptology eliminates the need for a credit card, additional signature confirmation, SMS code confirmation, etc.
Please note that purchasing goods and services online can also be done by authorising a bank transfer.
Online Use and Securing Websites
Biocryptology can secure your access to any website, with no need for a username and password. In case you want a website only to be accessible by you, such as a membership website where you have an account, you can configure it as such by choosing the option “Only allow login through Biocryptology” in your account settings for that website. The same applies to any other online service. The website will then always ask you to use the app or Swipe ID device to login.
Biocryptology also secures access to your cloud storage, preventing unwanted third parties from viewing or modifying the documents and files that you are exchanging with others. To login, the cloud service will then always ask you to use the app or your Swipe ID device.
For complete email privacy, Biocryptology gives you full control over your accounts by encrypting your messages. Furthermore, if both persons in an email conversation use Biocryptology, both persons are protected by the “end-to-end” encryption protocol, which makes all communications private. You can also sign your outgoing emails, so the recipient can be certain you have not been impersonated.
In case you need to encrypt secrets or qualified information in a secure way that only you can access, Biocryptology provides the solution. It allows you to encrypt and protect your files from access by others. You can restrict access only to certain folders on your computer or other devices (photos, videos, etc.) and only allow access to those folders by decrypting them, using your app or Swipe ID device.
Device Access Protection
Biocryptology can restrict your laptop, iPad, computer or other device so that only you can access it. All you need to do is confirm your identity via your Swipe ID device or app and configure this with an application to be installed on your device.
Travel: Boarding Passes, Transport Tickets, Crossing Borders
Your Swipe ID device or app is a convenient travel companion, for two reasons:
• It can serve as your train ticket or airline boarding pass. During the ticket purchase process, choose the option “Biocryptology identification” from the travel company’s menu. You will be asked to perform a requested action (for example swiping your finger across your Swipe ID device). When you want to check in and board at the train/bus station or airport, you just perform this requested action on your app or device. Nothing else is needed to provide access (no passport, ID card, boarding ticket, etc.).
• Your Swipe ID device eases the process of passing through airport security checks. When you have been assigned Identification Level 4, it means that your identity has been verified in a profound way. Since your identity is guaranteed, it is expected that these checks will be faster than the regular security checks because you will be able to pass the security checks through a separate lane by using your Swipe ID device.
Official Documents: Digital Signatures and Notary Use
Incase you want to digitally sign a document (for example to buy certain goods or services), you can choose to sign with your Swipe ID device. This provides the counterparty with a guarantee that it was indeed you who signed the document. On the Swipe ID platform, after signing in to your account, you upload the document it concerns and choose the option “Sign with Swipe ID”. After you have swiped your finger across your device, you will receive the document back by email with a Swipe ID seal confirming that your identity has been verified. Alternatively, you can send it straight to the recipient from your account page. When you forward the document to the counterparty (or when it is sent straight from the platform), the recipient has the guarantee that it was signed by the authorised party.
Also for notary documents (for example signing a property title deed) your personal Swipe ID device offers the utmost speed and convenience. Signing these kinds of documents is similar to signing other official documents. On the Swipe ID platform, you choose one of the affiliated notaries that are available at that moment (listed per country), upload your document to be notarised and request a “Swipe ID Notary Seal”. The notary instantly connects to the platform and asks you to swipe your finger across your device, after which the seal will be applied and your document will be instantly delivered by email.
Physical Access: Homes, Vehicles, Yachts, etc.
Your app or device can also be used for opening the door of your private property such as your car, boat or home. For this purpose, a small terminal, the N3 receiver, will be installed in your home, car, or boat. When you want to get access, you just swipe your finger across your device or use the app to communicate with the N3 receiver inside your property. After performing the requested action on your Swipe ID device or app, the N3 receiver sends a signal to the door lock that access can be granted and the door will open.
Third-Party Locations: Stadiums, Member Clubs, etc.
Biocryptology offers the possibility of secure access to all kinds of third-party locations, such as discotheques, member clubs, gyms, football stadiums and big events. With the installation of an NFC reader near the entrances of these locations, access can be granted to individuals who perform the requested action on their Swipe ID device or app.
Corporate Use: Time and Attendance; Remote and Physical Access
Biocryptology is also an ideal tool for secure access control in physical or online corporate environments. Your Swipe ID device or app can provide access to your employer’s office building, IT devices and computer files. In addition, it can be integrated with time and attendance systems providing employers with a watertight system that guarantees the identity of employees checking in and out.
In addition to the above-mentioned uses, Biocryptology can also be deployed in other sectors like border control (immigration services), law enforcement situations, medical environments (hospitals, medical dossiers, blood banks, etc.), schools, hotels, car rental, and many more.
Read about the on-boarding methods
Self-Activation with the Swipe ID (including Self-Onboarding)
After you have received your Swipe ID device, you will need to activate it and enrol yourself as follows:
- Download the desktop app from the Swipe ID website and install the app. During this process, your email address and mobile phone number will be requested.
- After installation, you will receive an email with a confirmation link and an SMS with a code.
- Click on the link in the email and fill in the code.
- The app will now ask you to connect your Swipe ID device to your computer or mobile phone. You can do this via Bluetooth or USB.
- The system asks you to enrol (maximum) six fingers on your Swipe ID device. Place your fingers on the device one by one. After each finger, a confirmation/validation message appears, telling you that it has been enrolled correctly, followed by a request to place the next finger.
- After the last finger is enrolled, a message confirms the completion of the registration process.
Your fingerprint templates are now registered to the serial number of your personal Swipe ID device, and you are free to start using it.
Third-Party Activation with the Swipe ID (could include Self-Onboarding)
Third parties such as banks can activate the Swipe ID device (and possibly enrol you too), either by using their own system or the Swipe ID platform. In the first scenario, the process involves a desktop app that needs to be installed within the third party’s system. In the second scenario, this app is not necessary.
With a third-party activation:
- Your identity will be validated by the third party by checking your passport or other document, as required. This is the biggest difference compared to self-activation.
- Your details are then selected by the third party in the app or entered manually in the Swipe ID platform (whichever procedure has been chosen by the third party).
- After you have been selected by the third party, your Swipe ID is held close to an NFC reader and the device is registered to you.
- An email with a confirmation link is sent to the third party and to you. In addition, a code is sent to your mobile phone.
The actual enrolment (registering the fingerprint templates) can now be done during your visit to the third party’s location or in your own home using an app to be installed on your computer or mobile phone. The process of enrolment is similar to the steps for self-activation, as described above.
Self-Activation through the Mobile App*
Self-activation can also be done through the mobile app. If your mobile phone supports fingerprint identification like iTouch or Android Fingerprint, you can enrol and activate the app by yourself. In case your mobile phone doesn’t support this type of fingerprint identification, you will need a Swipe ID device to connect to your mobile phone via Bluetooth.
To enrol through the mobile app on your phone:
- Visit the app store supported by your phone, and install the Biocryptology mobile app.
- Before opening the app, make sure that you have the fingerprint identification functionality already configured in your phone. If confirmed, the app will request your personal information, your email address and your phone number.
- For verification purposes, an SMS message and an email with a special link will be sent to you (to be used for confirmation).
- The app requests a finger to be placed in the reader. If the finger is recognised by the phone, then a confirmation/validation message appears, telling you that it has been enrolled correctly.
- In your mobile phone, click the button “Connect to PC” (the Bluetooth signal will turn on).
- On your PC, download the desktop app from the Biocryptology website, and install it.
- Next, select the option “Connect to mobile phone” and choose the phone from the list that appears.
You can now login to websites on your PC by using the mobile app on your phone.
* Please note that third-party activation is only possible with the Swipe ID device, not the app.
By performing a “requested action” on the Swipe ID device or app, access is enabled.
If you are using the Swipe ID, this action could consist of swiping your finger across the device.
If you are using the app, the action could be to provide a webcam picture of your face or an ID document.
The difference between using the device and the app is the level of security and to a lesser extent, the functionality. The device offers the highest level of security.
The Biocryptology app and Swipe ID could be used in combination with the N3 terminal. This is a small device for physical access control and for securing material objects and devices (like cars, buildings, safes, and other real world places). It opens, closes and gives access in combination with the Biocryptology app or device. The N3 terminal can work offline and online.
The Swipe ID device has the following key characteristics:
• The most secure and best protected way for online and offline access control, protecting personal data, such as fingerprints, and avoiding unauthorised accesss:
• Based on a closed end-to-end system.A Life Detection Sensor, 3-D Radio Frequency fingerprint scanner, electronic tamper protection, time stamping, hashing and secure communication.
• No fingerprints are stored, neither in the device, nor anywhere else on the platform. Only templates are stored.
• Surpasses the guidelines and technical standards set by the EBA (European Banking Authority) on strong customer authentication.
• The most trustworthy system for online and offline access, circumventing the limitations of false acceptance rates (FAR).
The app has the following key characteristics:
• Highly versatile, with many possible uses.
• A high security level, as demonstrated by its certification according to the U.S. Government Approved Protection Profile for mobile apps, and compliance with EAL1+.
• Convenient, since it eliminates the need for tokens, SMS codes, etc.
Furthermore, the following key elements apply to the app as well as to the Swipe ID:
• No external databases.
• The fastest response time (< 1 second).
• Highly secure storage of personal data.
• Easy integration: OpenID and SAML.
• Highly scalable.
The N3 terminal has the following key characteristics:
• Power source. Fixed power source or battery-powered (LED signal indicates need for battery replacement).
• In an online scenario, the software involved is the Biocryptology mobile app in combination with the Biocryptology platform. When used offline, the only software needed is the Biocryptology mobile app.
• Information Storage. In an online situation, access information is stored on the Biocryptology platform. In an offline situation, access information is stored inside the N3 terminal.
• Configuration & Settings. User access can be reviewed and the configuration and update settings for each terminal can be changed (for example who has access to which areas and when). If the N3 terminal is used online, these settings are managed on the Biocryptology website. If the N3 terminal is used offline, the user can manage the settings through a Bluetooth connection when being close to the terminal (≤ 5 meters).
• Communication. For online use, the N3 terminal communicates through WiFi, GSM or other standards, depending on the use, although it is also possible to create a wired version. For offline use, the N3 terminal communicates through Bluetooth.
You can read the overview here.
Main Features Swipe ID & Mobile App
- No external databases. The platform works with one Universal Matching Base; no third-party databases are involved. This avoids the need to register personal data elsewhere: an action which increases the risk of ID theft and ID fraud. If the platform needs to be installed at a specific location, such as a data centre or appliance, it can be localised and work together with the Universal Matching Base, or it can work independently.
- The fastest response time (matching < 1 second) also in case of a high-volume database (i.e. billions of fingerprint templates). This is a unique differentiator with other systems based on “one to many” matching that need to search the entire In case of the Swipe ID, the Universal Matching Base needs to compare the template that it receives only with a maximum of six other templates.
- Highly secure storage of personal data. The meticulous design of the system, and the rigorous safety tests and protocols, carried out based on ISO 27000, means the identification data is stored in the most secure manner possible.
- Easy integration from a software perspective, stimulating collaboration with many parties. Any partner can easily integrate their existing system with our identification, authentication and authorisation app or device, with any website or identity server.
- The highest scalability. All above-mentioned characteristics make Biocryptology highly scalable unlike other biometric access control systems currently on the market. It is the only platform capable of becoming the global standard for secure access control.
Main Features Swipe ID
- The most secure and best protected way for online and offline access control, protecting one’s personal data, such as fingerprints, and avoiding unauthorised access:
• Based on a closed end-to-end system: only in-house developed components can communicate with each other. Unknown elements can’t access the platform.
• The device offers a Life Detection Sensor, 3-D Radio Frequency fingerprint scanner, electronic tamper protection, time stamping and hashing. A high-level encryption algorithm secures communication between the platform and device.
• No fingerprints are stored (neither in the device, nor anywhere else on the platform). Only templates are stored: these are simplified and vectorised representations of a fingerprint, not containing information of interest to criminals/hackers.
• Surpasses the guidelines and technical standards set by the EBA (European Banking Authority) on strong customer authentication.
- The most trustworthy system for online and offline access, circumventing the limitations of false acceptance rates (FAR, typical downside of most biometric matching systems). The Swipe ID is personal and allows a maximum of six fingerprint templates to be registered (based on the serial number). The FAR is therefore almost non-existent.
Main Features Mobile App
- Highly versatile, with many possible uses.
- A high security level, as demonstrated by its certification according to the U.S. Government Approved Protection Profile for mobile apps, and compliance with EAL1+.
- Convenience, since it eliminates the need for tokens, SMS codes, etc. that many online banking and other apps still depend upon.
- Biocryptology offers a SDK to be integrated into existing apps. This allows third party apps to use the Biocryptology platform right away.
Identification Functionalities Mobile App
- In case the device has a fingerprint sensor (Touch ID or Android), this sensor can be used to unlock the user certificates to identify for the Biocryptology platform. It requires that the device has a secure encryption environment to store keys. If the device doesn’t offer a fingerprint sensor and/or secure encryption, a Swipe ID (hardware device) will be required for identification purposes.
- The app can recognize whether a Swipe ID is connected and, if that is the case, use it for the identification and authorization process.
- The app can show the details of the transaction performed by the user. The user provides authorization by accepting and signing it.
- By using the app in conjunction with the PC, the mobile phone can act as an identification and authorization device.
- The app can connect with any website using QR codes and the phone’s camera.
- The enrolment procedure can include an identity scan and verification, performed by an external Identity Verification Service provider, like ICAR and Trulioo. The identity can be verified against databases of information.
- The app can identify the user through a Selfie, that should correspond with the ID that has been provided.
- The app allows the user to digitally sign transactions, by using advanced signatures through digital certificates.
- The app can detect and connect with a nearby N3 device (a small receiver used for physical access), and can transmit the user’s identification to provide access. If the mobile phone supports NFC, it is also possible to connect to the N3 device with NFC.
- The app allows the user to manage the N3 device, including editing what users can access through the different N3 terminals that are registered.
The Biocryptology platform was developed by Hanscan Spain, a privately-owned authentication technology firm.
Our company develops biometric and authentication management technology, designed to combat the growing global issues of security, privacy and identity theft and fraud.
Our technology makes it easier and safer to gain access to and deal with the growing number of security measures required to protect identities and transactions in the 21st century.
Hanscan Spain was founded by a visionary engineer. After having earned his spurs in the oil industry with the invention of unique technologies and products and the registration of hundreds of patents, he accomplished something that was widely believed to be impossible: the construction of a private, members-only F1 race resort inside a nature reserve near world famous Marbella in Spain.
In search of a new, sophisticated access system for this exclusive resort in 2011, our founder and his team realised that there were no systems available that met the requirement of secure biometric entry and access for members, along with a guarantee of the utmost privacy. Therefore, we set about developing our own solution. The result was an innovative and very secure biometric access system for the resort that is still in use today.
Building on this accomplishment, we set about creating the ultimate biometric solution for online identification, authorisation and authentication. Based upon the knowledge gained with the development of the race resort’s offline access control system, we created Nexus Smart Pay, a payment system offering the highest level of convenience, speed and security for merchants and consumers alike.
We didn’t stop there, however. We continued searching for the ultimate disruptive solution: we were determined to create a new secure access control protocol, capable of being implemented worldwide in all possible sectors, for offline and online use. A true game changer in the access control industry, setting the standard for security in biometric access systems. In other words: The Next Big Thing.
After many years of developing and fine-tuning our cutting-edge technology, we are proud to present the revolutionary Biocryptology platform.
Many organisations choose to partner with Biocryptology because of the combination of a universal ecosystem, military-grade security, versatility, easy integration (OpenID and SAML) and scalability.
Apart from the savings obtained due to the elimination of ID fraud and all fraud-related losses, there are significant financial incentives for collaborating partners.
Your partnership options
Open your website for access using our OpenID structure, or open your physical location using the N3 terminal. Allow your clients access using their personal Swipe ID or app.
We will create an app for your specific online/offline situation, so you can offer a solution to your clients (e.g. give them access to your online portal, or physical location through the N3 terminal).
Offer your clients access to your online/offline environment or platform and access to the online/offline locations of third-party Universal Identity Platform members.
Hanscan Spain S.A.
Parque Empresarial Perez Iglesias
Calle Casas de Miravete 24 A, 2a Planta,
Oficina 1, 28031, Madrid, Spain