BIOMETRIC enrollment requirements

Skip to first unread message

preethi pravalika

Feb 19, 2024, 1:24:22 AMFeb 19
to FIDO Dev (fido-dev)
Hi, I have queries regarding the biometric enrollment flow requirements imposed by FIDO.

we are working on a solution that targets biometric capture on physical device, but actual identification/authentication is On-cloud. This necessarily means, the biometrics are stored/processed on-cloud.

We have some concerns regarding the enrolment restrictions imposed by FIDO:

  • Does FIDO mandate 1:1 comparison in register/authenticate flows ? ( we can achieve this )
  • is it ok to do 1:N comparison on-cloud for duplicate checks as part of enrollment ?

Questions based on references : 

FIDO Privacy principles state: "Biometric data must never leave the user’s personal computing environment"
  • what is the personal computing environment here ? can it be on cloud ?
The FIDO biometric requirements state : 
  • Speaking of a biometric Reference it states:
    "For example, in a duplicate enrolment check a biometric reference will be used as the subject for comparison against all other biometric references in the database."
    • what does it mean by comparison here, does FIDO allow 1:N comparison in enrollment flow ?
  • "The biometric reference is stored locally on the device" - does FIDO mandate that the biometrics NEVER leave the physical device ?

Reply all
Reply to author
0 new messages