SECURITY BY DESIGN
Security by design is our promise to you, we have embedded Security directly into the design and architecture of all applications.
In order to keep your security optimally protected, Qafis R&D team designed a biometric system with this in mind:
" if you can make it you can break it, maybe not today, but you can't predict the future"
Our goal is to limit the information a criminal can obtain.
When data is stored (encrypted or not) on the device, like a Passport, ID card, smart cards, phones or tablets, criminals have the possibility to re-create, or replace the biometric data.
Qafis avoids our multi-biometrical identity to be linked back to our data credentials, we created a Biometric system that secure the assets of the provider and their customers in a multifactor way.
Using our own security protocols and don’t rely on the security protocols providers already use to implement the Biometric Secure Socket Layer Server. (penetration testing show flaws in their or a third-party vendors’ security, improper configurations, or risky end-user behavior).
In order to keep your security optimally protected, our system is designed to keep your personal data separated from your biometrical features, this means your data is NOT stored together on the database, server or device.
In addition to providers SSL protection, your biometric session creates a one-time key behind a provider’s certificate. The Biometric Secure Socket Layer connection is using a secure VPN or JSON connection between Provider and the Biometric Server.
Qafis creates a unique encrypted HASH out of your biometric enrolment that, by themselves, have no value and is useless for Criminals. When using a separate Biometric system, criminals needs to hack into 2 systems to obtain all data.
Multi-biometrical identity is not only more secure, but they're more accurate.