HYPR Biometric Tokenization for Payments

October 6, 2015         By: George Avetisov

George Avetisov, CEO and Co-Founder, HYPR Corp:

Our CTO Bojan Simic often comments that humans as a species have been improving physical security for thousands of years, but we have only been developing online security for just a few decades. The team at HYPR likes to think we’ve innovated to a point where our New York-based company can look forward at the state of online security with a sense of optimism.

HYPR leverages Trusted Platform Modules (TPM) on mobile devices with embedded biometric sensors to deliver secure and encrypted password-less login to online applications. We provide an end-to-end biometric encryption platform enabling server-side validation via cloud or on-premise deployment, as well as device-agnostic client-side software that allows for an unmatched level of interoperability. HYPR was designed to integrate into existing security infrastructures to eliminate costly, time-consuming overhaul of present architecture. Simply put, biometric tokenization puts military grade security into the hands of any consumer with a biometric mobile device.

Most inbound interest for our biometric tokenization platform has come from financial services, healthcare, and government agencies. Yet, the demand from banking sector eclipses its counterparts as the promise of safeguarding desktop and mobile payment applications is driving the unrivaled urgency. Some of our largest banking customers tell us the HYPR Token is particularly appealing while others come to source our mobile SDK in efforts to meet standards-based specifications like those of the FIDO Alliance™. Even digital currency platforms in the Bitcoin space have sourced HYPR for embedded biometric cryptography citing regulatory requirements around how digital assets are secured.

Security pros in financial services fear catastrophic data breaches and related cost and reputation hit. In the same token (pun intended) they’re leery of being custodians of biometric data whose loss would have tremendous negative impact. With HYPR a person’s biometric signature remains on-device, which provides security chiefs an easy way out by reducing risk, cost, and the paranoia that comes with a central repository for user credentials. We look to the firmware layer to decentralize the storage of biometric signatures, and our banking sector customers agree that the cloud is no place for an authentication solution.


In a BYOD world – or better yet – a Bring Your Own Biometrics (BYOB) scenario, the user arrives at any HYPR-Secure terminal such as a laptop lacking an embedded biometric sensor. The laptop running a HYPR-Secure client application senses a registered authenticator device is near, and prompts the user to identify them biometrically. The fingerprint or facial recognition scan immediately validates the user to the cloud and the terminal is logged in – completely passwordless. What’s happening under the hood? The HYPR client device, for example a late-model iPhone or Samsung Galaxy S6, signs a cryptographic challenge. HYPR combines leading edge devices with bleeding edge biometric cryptography protocols to enable end-to-end authentication.

This type of biometric tokenization is vastly different from Apple’s Touch ID: When Touch ID is being used to authenticate to an application be it on the mobile device or a desktop application through a mobile app, in most cases the user is simply unlocking his or her device. The authentication process lacks server-side validation, making the standard means of biometric sensor lock less secure than a password. Think about that – is your password currently validated on a device? No – that takes place on the server. On device biometrics such as Touch ID are inherently convenience features – and we’ve taken the steps to marry security with that convenience, through the HYPR protocol.

A key company differentiator is our sector-agnostic approach at looking beyond the mobile space. Biometric mobile devices are still new, and some entities have yet to trust the technology for mission critical systems. For environments where BYOD is prohibited – such as government agencies, law enforcement, and financial institutions – we provide the proprietary biometric authenticator. The HYPR Token is a biometric OTP generator housed in a tamper proof TPM, with an embedded 3D fingerprint sensor. It communicates over Bluetooth Low Energy (BLE) or Near field communication (NFC) depending on a customer’s need, and is designed to be FIPS 140-2 Level 3 compliant for mission critical applications and heavily regulated settings where Bring Your Own Device (BYOD) or Corporate Owned, Personally Enabled (COPE) are unsupported.

In settings where our biometric token is deployed, the user arrives at any HYPR-Secure terminal such as a laptop lacking an embedded biometric reader. The laptop is running a HYPR-Secure client application that senses our token and, as in the prior BYOB example, the user is biometrically authenticated without entering a password. The HYPR Token enables entities that require specialized tamper proof devices a means for easy biometric authentication, and a way to meet regulatory standards.

While desktop and mobile devices with compliant biometric sensors are becoming widely available, relying parties still require a client- and server-side solution to securely validate biometric signatures. HYPR technology encrypts the biometric data on device and enables relying parties to validate a user’s identity without interfacing with a sensor directly. This eliminates both the user’s and the relying party’s exposure to a compromised mobile device. Recent attacks on the fingerprint readers presented at DEFCON serve as a prime example of the need for biometric cryptography. A HYPR-Secure application is defended against this attack, and still allows you to use the biometric sensor and application of your choice.

Mobile Apps

When authenticating to a HYPR-Secure mobile banking application, the mathematical representation of that fingerprint template remains on the user’s device. Upon logging in, the bank’s server issues a cryptographic challenge token that must be signed by the user’s biometric signature. The first layer of authentication takes place on the user’s device, whereas signature validation takes place on the bank’s server side.

The passwordless experience is so fast simple that banks are able to mandate authentication for transactions not usually secured by username and password, such as check deposits or something as trivial as changing the date of birth on a user’s account.

How do we keep these biometric credentials safe? The HYPR client software is running in the banking app at all times. Its role is to keep biometric data secure and unexposed in transit (web transmission) while being completely transparent to the end user. The HYPR framework is an advanced cryptography engine that facilitates a specific need for the banking application: to encrypt the user’s biometric data and keep it safely isolated from the operating system. HYPR links the banking application directly with the mobile device microprocessor, and isolates the user’s fingerprint or facial recognition data from the OS. This makes it exponentially more difficult for hackers to steal biometric data. Remember, a password server is a prime hacking target, which is why, in turn, HYPR decentralizes and disrupts this poor form of biometric password deployment.

Biometrics: Now and then

Historically, biometrics technologies relied on the elusive hope of cancelable biometrics. Literal or mathematical representations of biometric templates were generally centralized and stored in a database in a manner similar to conventional identity management schemes. These validation systems generally employ a one-to-many matching system, meaning a user’s fingerprint is checked against many other templates and if a match is found, the user is authenticated.

These systems are no more secure than passwords. They are far more risky, expensive, and inconvenient. Their lack of interoperability also has prevented legacy biometric technologies from becoming widely adopted. The one-to-many matching protocol is the root of the problem as it relies on storing all fingerprint templates in a central repository. If the database server was to be compromised, the impact is equivalent to any major password breach though it is far more calamitous.

Biometrics has always seemed fashionable and flashy, reminiscent of a James Bond film or the latest Mission Impossible blockbuster. But, their practical uses from a security standpoint were generally no better than a strong password. Today’s biometrics are markedly different, and increasingly appealing to financial services and the like.

The most revolutionary impact of HYPR might be how, aided by other technologies, it helps enterprises and ourselves return to managing PII in a one-to-one way that hearkens back to the pre-Internet era. Think about your wallet and how you jealously guard it, yet you freely present credentials when needed. We’ve been doing physical security for thousands of years. It’s time we take a cue from our own lives about not warehousing precious resources in a place that makes a prime target for fraudsters. It’s also past time that we eliminate passwords that stifle efficiency in enterprises that are increasingly Internet-dependent.

[George Avetisov is CEO and co-founder of HYPR Corp., a biometric security platform provider. A chance encounter with a computer virus that turned his PC into a bitcoin-mining zombie inspired him to pursue technological advances in cybersecurity. George Avetisov can be reached at george@hypr.com.]