Privacy Preserving
Traditional face recognition
As we have seen in the previous section, traditional Face Recognition depends on generating and storing a biometric template during enrollment and then subsequently generating and comparing a new template during verification.
Since two generated feature vectors/templates can be compared, if one is stored in a database operated by company A and the other is stored in a database operated by company B, a comparison can be made between them to determine if it is the same person.
This is despite the fact that company A and company B may be unrelated to each other. This violates the principle of Unlikability in a Privacy by Design framework.
Privacy preservation
The ability to compare feature vectors/templates with one another in traditional biometrics is what makes the stored data biometric in nature.
To enable privacy preservation, a system should be able to generate any number of different data structures (akin to feature vectors/templates) from a single image. If it does so, the data structures generated cannot be compared to one another.
Since there is no way to compare the data structures generated by a privacy-preserving framework, if they were stored in separate databases, there would be no way to determine that the data structures correspond to the same person. This satisfies the principle of Unlikability in a Privacy by Design framework and makes the data structures non-biometric in nature.
Biometric verifiability
We have seen how two privacy-preserving data structures generated from the same data cannot be compared to determine any kind of similarity.
But, given a Biometric Sample (such as a facial image), can it be determined that the privacy-preserving data structure was generated from a similar biometric sample?
This is where the ZelfEncrypt algorithm comes in. It makes possible the verification of privacy-preserving data structures without compromising user privacy.
Even though the data structures, called ZelfProofs, generated by the ZelfEncrypt algorithm are non-biometric in nature, they can still be used for Biometric Verification.
Integration with crypto wallets
In the context of crypto wallets, traditional biometric verification methods often rely on the storage and comparison of biometric templates, which expose users to privacy risks if the data is shared or stored across multiple platforms.
However, with ZelfEncrypt and ZelfProofs, crypto wallets can offer Safeguarding of your assets and encryption/decryption features while preserving user privacy. Each ZelfProof is unique, preventing correlation across different wallets or services. This ensures the privacy of user identity without compromising security.
Users can use their facial image to generate a ZelfProof, which can act as a secure authentication token or an encryption key without storing any biometric data. This enables a secure and decentralized way to manage crypto assets, encrypt sensitive data, and verify user identity without the risk of biometric leakage across platforms.
The ZelfEncrypt system aligns with the principles of Privacy by Design, ensuring users' private information remains unlikable and non-biometric across all wallet interactions.
Principles of privacy-preserving face verification
In the previous section, we explored how ZelfProofs are data structures that are privacy-preserving. It is impossible to determine that two ZelfProofs, when compared to each other, were generated from the same person's face or data.
We also highlighted how ZelfProofs have the property of Biometric Verifiability. Given a person's face and a ZelfProof, it is possible to verify that the ZelfProof was indeed generated from that person's face, without storing or transmitting any biometric information.
In this section, we outline the Privacy by Design principles that should be embedded in any robust system, especially in contexts such as crypto wallets where privacy and security are paramount.
Unlinkable
Definition: Given two data structures (e.g., ZelfProofs), it should be impossible to tell whether they were generated from the same data (face + metadata) or from different data.
Application in Crypto Wallets: In the context of crypto wallets, unlinkability ensures that two ZelfProofs generated for different wallets or services cannot be correlated. Even if a user accesses multiple wallets using the same facial image, each generated ZelfProof is unique. This guarantees that user activity across wallets cannot be tracked or linked together, providing enhanced privacy and security for crypto transactions.
Irreversibility
Definition: Given a ZelfProof, it should be impossible to reconstruct or reverse-engineer the original face used to generate it. Traditional face verification systems do not satisfy this property, as they rely on a similarity score between two biometric templates, which exposes them to Hill Climbing Attacks.
Application in Crypto Wallets: For crypto wallets, irreversibility means that even if an attacker gains access to the ZelfProof, they cannot extract the user's facial data. The facial image is never stored, and no similarity score is exposed, preventing the system from being compromised through biometric leakage or reverse engineering. This ensures that wallet access remains secure, and users are protected from identity theft.
Revocability and Renewability in Zelf
Definition: In traditional biometric systems, only a single template or feature vector can be generated from one image. However, with ZelfEncrypt, multiple unique ZelfProofs can be generated from the same facial image. While a person cannot change their face, they can generate new ZelfProofs as needed.
Application in Crypto Wallets: The ability to generate multiple ZelfProofs from the same face provides an additional layer of security for crypto wallets. If a ZelfProof becomes compromised or a user wishes to update their wallet credentials, a new ZelfProof can be generated from the same face without any loss of functionality or privacy. This revocability ensures that users can update their wallet access keys without the risk of being permanently compromised.
Hill climbing attacks protection
Traditional face verification systems expose users to Hill Climbing Attacks where attackers incrementally modify inputs to reverse-engineer the facial image used in verification. The ZelfEncrypt approach, by removing similarity scores and making ZelfProofs irreversible, ensures that users are protected against these attacks. No clues are provided that could allow attackers to recreate the original facial data, thus safeguarding wallet access.
Conclusion
The integration of ZelfEncrypt and ZelfProofs into crypto wallets offers a next-generation privacy-preserving solution. By embracing Unlikability, Irreversibility, Revocability, and Renewability, crypto wallets can provide users with secure, decentralized access without the risks associated with traditional biometric verification systems.
The result is a highly secure, user-centric system where privacy is not just an option, but a core principle. ZelfEncrypt ensures that users can confidently manage their crypto assets, knowing that their personal information remains safe, secure, and private at all times.
Last updated