Zero-Knowledge Biometrics™

Explore how Keyless delivers privacy, security, and a seamless user experience without compromise, addressing the flaws of traditional systems.
Download WhitepaperRequest Demo

The Biometric Privacy Challenge

Biometric systems have traditionally risked privacy by storing sensitive data, forcing organizations to choose between exposing users to breaches or sacrificing user experience.
The challenge is providing secure authentication without compromising privacy or UX.

The Struggle with Traditional Systems

Traditional biometric solutions face a privacy dilemma:
Local biometrics (e.g., FaceID) store data on the device, enhancing privacy but failing to confirm identity, relying on PINs or passwords as fallbacks instead.
Centralized biometrics store hashed data in the cloud, proving identity but risking privacy breaches as hashing techniques can can be reverse-engineered to reveal the original biometric data.

The Emergence of Decentralized Biometrics

Decentralized biometrics are systems built with the intention of preserving privacy. A successful decentralized system addresses both the privacy issues associated of centralized biometrics and the security and usability drawbacks of local systems.

Zero-Knowledge Biometrics: The Keyless Approach

Zero-Knowledge Biometrics (ZKB) is Keyless' unique, patented approach to decentralized biometrics. Instead of hashing or sharding, we use secure Multi-Party Computation (sMPC), a privacy-preserving cryptographic technique that does not store biometric data anywhere - neither on the device, nor on the cloud.

ZKB involves two steps:

Step 1

During enrollment, a biometric profile is captured, transformed on the user’s device using sMPC, and stored on the cloud. No biometric information can be extracted from this profile, ensuring that neither the cloud service provider nor even the vendor can link it to the user’s face.

Step 2

During authentication, another sample is captured, transformed, and compared with the stored profile using the sMPC protocol. By comparing two encrypted profiles, biometric data is protected in use, at rest, and in transit, offering the privacy benefits of local authentication with the security and portability of server-side biometrics.

Explaining sMPC with the Millionaire’s problem
Consider two millionaires who are interested in knowing who is richer without revealing their actual wealth. SMPC allows them to find this information out without revealing their answers. In Keyless’ context, SMPC allows a user to send and retrieve their biometric data from the Keyless Cloud Service without revealing their data to anyone, including Keyless.
User templates converted using Zero-Knowledge Biometrics™ technology are not classified as biometric data by European regulators. This ensures that biometric profiles processed in this manner are fully compliant with GDPR regulations on data processing and storage.

Learn More About Our Award-Winning Technology

Passwordless is Just the Beginning.
The Future is Keyless.

Request DemoContact Us
Consumer SolutionsWorkforce SolutionsTechnologyIndustriesResourcesCompanySupport Center
PSD2/SCA CompliantPSD2/SCA Compliant
GDPR CompliantGDPR Compliant
CCPA CompliantCCPA Compliant
FIDO2 CertifiedFIDO2 Certified
FIDO Biometrics CertifiedFIDO Biometrics Certified
ISO 27001 CertifiedISO 27001 Certified
ISO 9001 CertifiedISO 9001 Certified
ISO/IEC 30107-3 CertifiedISO/IEC 30107-3 Certified
© 2025 Keyless. All rights reserved.
Cookie Settings