Biometrics

TrustGrid wallet application leverages biometric authentication to enhance security and user experience for several key functionalities:

1. Secure Mobile Wallet Access:

• Initial Setup: During initial app setup, a user undergoes a biometric enrollment process (e.g., facial recognition or fingerprint scan).

• Subsequent Logins: After successful enrollment, users can utilize their enrolled biometrics (fingerprint, face) for convenient and secure access to the mobile wallet application instead of passwords or PINs. This eliminates the risk of forgotten passwords or unauthorized access through compromised login credentials.

2. Secure Issuance of PhotoID-based Verifiable Credentials (VCs):

Beyond convenient access, biometric authentication plays a crucial role in securing the issuance process for PhotoID-based VCs:

• Liveness Detection: When a user applies for a VC that requires a photo ID (e.g., driver's license), the app initiates a biometric scan along with the photo capture.

• Direct Continuous Monitoring (DCM): The app employs DCM algorithms to verify the liveness of the biometric scan. This ensures the user is physically present and not attempting to submit a spoofed image (e.g., a picture of someone else's ID).

Advantages of Biometric Authentication for Secure VC Issuance:

• Prevents Identity Theft: By verifying liveness during the biometric scan, the solution mitigates the risk of someone else applying for a VC in the user's name using a stolen or fake ID.

• Strengthens Trust in VCs: Issuers can be more confident in the legitimacy of the identity associated with the VC request when liveness checks are successfully completed.

• Future-Proof Security: Biometric authentication offers a more robust security measure compared to traditional methods like passwords & OTPs, which are more susceptible to hacking or social engineering attacks.

Overall, integrating biometric authentication strengthens the security and integrity of the TrustGrid's Identity solution. By ensuring the user's physical presence during both wallet access and PhotoID-based VC issuance, our solution fosters trust within the SSI ecosystem and paves the way for secure and future-proof identity management.