Editorial & Advertiser disclosure

Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website.

Technology

Posted By Gbaf News

Posted on May 14, 2016

NEW WHITE PAPER FROM PWC LEGAL POINTS TO BEST PRIVACY PRACTICES WHEN USING BIOMETRIC MATCHING FOR AUTHENTICATION

Commissioned by Nok Nok Labs, the white paper evaluates key privacy implications of processing biometric data; comparing the benefits and risks of on-device and on-server matching for biometric authentication.

Nok Nok Labs, an innovator in modern authentication and a founding member of the FIDO (Fast IDentity Online) Alliance, today published a white paper from PwC Legal comparing key privacy implications of on-device and on-server matching of biometric data.

For organisations considering biometrics as they move away from reliance on usernames and passwords, the report highlights why device-side matching of biometric data is a compelling approach to satisfy key privacy requirements on cross-border personal data transfers, as well as providing the benefits of individual choice and control around such personal data.

Biometric data is considered to be sensitive personal data and some jurisdictions have already specifically referenced it in privacy guidance and legislation. This paper emphasises key privacy considerations, sets out the implications of processing biometric data in the EU, Switzerland, Canada, USA and the Asia-Pacific region, and touches on best practice recommendations in these jurisdictions.

“Biometric authentication and verification can be one of the most secure ways to control access to restricted systems and information,” said Stewart Room, partner at PwC Legal. “Unlike authentication based on traditional passwords, authentication through biometric data is easier to use in practice, and can be far more secure.

“However, this is a double-edged sword, because biometric data is extremely sensitive due to its uniqueness and how intrinsic it is to a specific individual. Additional efforts must be made to keep this data secure including choosing a proper compliance system and infrastructure, training staff how to handle it and protecting it from unauthorised access or disclosure.”

Other key findings in the white paper include:

  • Freely given, informed user consent is required before processing biometric data in almost every jurisdiction covered in the white paper
  • With centralised storage of biometric data, the potential for large-scale loss of data is significantly increased
  • On-device authentication will generally avoid international cross-border biometric data transfer implications. Conversely, on-server authentication for a global network of biometric users results in international transfers of data; transfer of personal data, including biometric data, out of a jurisdiction is generally restricted

“Biometrics are a compelling way to improve mobile application usability and avoid the security pitfalls of username/passwords, but significant privacy concerns come into play,” said Phillip Dunkelberger, President & CEO of Nok Nok Labs.  “With biometrics, it is crucial to understand the difference between on-device and on-server matching, as the difference between the two approaches significantly affects the risk and exposure of data in a breach.  The on-device approach, as used by Nok Nok Labs technology, ensures optimal privacy for biometric information.”

The full report can be found here: https://go.noknok.com/PwCLegal-Biometric-WP.html

About PwC Legal
At PwC Legal we combine legal advice with the expertise of professionals in Tax, Accounting and HRS to provide our clients with commercial solutions to the most complex business issues. We’re a network of 2,500 legal experts in over 85 countries committed to delivering an exceptional service to clients and experience for our people.

The white paper has been prepared by PwC Legal LLP upon request by Nok Nok Labs, Inc, and does not constitute legal advice.

Recommended for you

  • The Future of Asset Management: Technology-Driven Innovations and Client Expectations

  • How can we ensure privacy in the digitization of healthcare?

  • Quantum Computing: Unleashing Disruptive Potential and Strategic Industry Implications