We realize biometrics is a very worrying subject. Your passwords might get stolen, a very inconvenient thing to happen (if you ever had one stolen and then used, you know the feeling), but there is an upside (if you want to look at it from a positive perspective) – you can set a new password on all accounts you used it and you are ‘safe’ again. But with your biometrics, there is no such thing as changing them in case of theft – they will stick, no reset possible.
That’s why here at sezame we opted for the one path where this does not pose a threat – we do not have access to your fingerprints or face scans, we do not store them and we certainly do not send them over the internet – encrypted or not!
We follow the same pattern led by the industry giants implementing biometric sensors – your data stays within your most personal device, your smartphone. It never leaves the phone and (up to today) there is not one documented incident where the bad guys where able to access these biometrics on a phone – they are safely locked away in a so called TPM (trusted platform module) – a cryptoprocessor on the mainboard with isolated communication capabilities towards the main processor or the internet-connected modules. The implementation of these secure co-processors in today’s smartphones makes it literally impossible to access the raw fingerprint data via the operating system or any applications running on the phone (again, as of today, not a single documented incident). If you want to read more about this (in great detail, here’s a link to how Apple implements this in today’s iPhones: iOS_Security_Guide and Touch ID advanced security technology
So under the (pretty safe) assumption that your fingerprints or face scans are secure on your device, we decided to use an approach leveraging these sensors and their built-in security the way they were designed.