Verify anyone, anywhere, instantly
BYOB provides deepfake-resistant biometric authentication by replacing perception-based verification with cryptographic proof. An authenticated biometric bound to a cryptographic credential is the strongest digital identity assurance available today. It can be verified instantly — in person or remotely — by any relying party, anywhere. Simplifies biometric infrastructure, solves data protection compliance, and provides each person with a way to cryptographically prove they're not a deepfake.
Centralized biometric databases x synthetic identity fraud x deepfakes are inherent vulnerablilities and existential risks
Real-time deepfake avatars now pass perception-based liveness detection. AI-generated faces and voices are indistinguishable from real ones. Every system that relies on “does this look/sound right?” is structurally vulnerable.
You can reset a password. You can reissue a card. You cannot reissue someone’s face, fingerprints, or iris. A centralized biometric database is a single point of catastrophic failure.
Authentication systems are in a losing arms race as generative AI makes both biometrics and documents easier to fake and forge. BYOB avoids the problem by creating portable cryptographic proofs that AI can't fake.
The biometric never leaves the device
A validated government document containing a biometric is liveness-checked and face-matched and, if validated, bound together in a cryptographically-signed credential stored on the holder’s phone. Verification is cryptographic, instant, and doesn't require calling the issuer or storing biometrics in a centralized database. The cryptographic proof is self-contained in the credential.
The holder scans their government ID. A liveness video maps their face to the biometric on or in the document (e.g., a passport chip contains an embedded biometric). Both are authenticated along with the authenticity of the document and then bound into a single cryptographic credential.
The credential — containing the authenticated biometric — is issued to the holder’s digital wallet. The biometric data stays on their device. No copy is stored by the issuer of the credential or any third party. The biometric is fully portable, bound to its rightful owner.
At a border, bank, or call center, the holder presents the credential. The issuer is cryptographically verified. The data is cryptographically verified. If needed, the verifier can performs a real-time liveness match against the authenticated biometric in the credential.
The holder presents their credential. A camera captures a live image. The verifier’s software compares the live capture to the authenticated biometric sealed in the credential without extracting or storing the biometric data.
The customer presents their voice credential. They speak. The verifier’s software checks the credential’s cryptographic signature, then compares the live voice to the authenticated biometric, replacing knowledge-based authentication entirely.
Liveness-checked facial biometric bound to government document. In-person or remote verification.
Authenticated fingerprint sealed in a credential. On-device matching without centralized template storage.
High-assurance iris biometric for environments requiring the strongest identity confidence.
Authenticated voiceprint for remote and call center authentication. Replaces knowledge-based auth entirely.
Where authenticated biometrics are working today
Authenticated biometric credentials originated in Indicio’s Digital Travel Credential work and have expanded across borders, banking, and contactless identity corridors.
Travelers derive a DTC-1 type credential from their passport, including a liveness-checked biometric. By sharing their credential in advance, Aruba populates a biometric gallery with authenticated passport images. On arrival, travelers look into a camera and cross the border in seconds, with the system validating the live face against the pre-shared authenticated biometric. The gallery is retained only as long as the country’s law requires for visitors.
A full contactless corridor deployment for national border management and the world’s first production implementation of both DTC-1 and DTC-2 type credentials with authenticated biometrics. Travelers are verified biometrically without stopping, queuing, or presenting physical documents. Deployed and in pre-launch phase.
A financial institution uses Indicio Proven for remote customer enrollment with authenticated biometrics, issuing a credential the customer uses for ongoing account access. The biometric is bound to the credential on the customer’s device, and the institution verifies the customer biometrically without storing biometric data. Replaces passwords and knowledge-based authentication.
IDEMIA’s world-leading biometric identity proofing combined with Indicio’s Verifiable Credential Platform. The customer completes IDEMIA’s root-of-trust verification — liveness detection, document authentication, biometric binding — and receives a portable credential. See the end-to-end flow: onboarding, credential issuance, and biometric-authenticated account access.
Watch the demo →The strongest identity assurance with the lightest compliance footprint.
BYOB eliminates the compliance obligations that come with centralized biometric storage. If you never receive, transmit, or store biometric data, GDPR Article 9 special category processing obligations don’t apply to you. BIPA litigation risk doesn’t apply to you. The regulatory exposure associated with biometric data at rest disappears. This is because BYOB brings its own proof of deepfake-resistant biometric authentication.
Biometric data is a “special category” under GDPR. Processing it requires explicit consent plus a lawful basis. BYOB avoids processing entirely — the relying party never touches the raw biometric.
Illinois’s Biometric Information Privacy Act creates per-violation liability for collecting or storing biometrics without informed consent. No storage means no BIPA exposure.
Japan’s Act on Protection of Personal Information treats biometrics as “personal information requiring special care.” BYOB eliminates the institutional obligation to protect biometric data at rest.
Every major privacy framework requires collecting only what’s necessary. BYOB is the purest expression of data minimization — the verifier gets a yes/no match result, not the biometric itself.
The 2024 Prism Project Report described Indicio’s implementation of biometrics in Verifiable Credentials as “masterful” — highlighting the architecture’s ability to deliver biometric authentication without centralized biometric storage.
IDEMIA’s world-leading biometric identity proofing combined with Indicio’s Verifiable Credential platform, Indicio Proven. A biometric validation engine behind BYOB for financial services.
Bring your use case — retail banking, payments, digital assets, cross-border — and we’ll map it to the platform. We’ll walk through partner integrations, the credential lifecycle, and what deployment looks like.
Start using the most powerful digital identity in the market.
Use our biometric providers or bring your own. We’ll show you how BYOB can be quickly integrated with your existing systems for a transformational compliance and security upgrade. Don't wait for a deepfake disaster.
Book a session →