FIDO-Certified and Decentralized Security
A biometric server should never store user’s biometric templates, passwords or private keys centrally. Unlike legacy biometric authentication that relies on centralized templates and passwords, HYPR decentralizes users’ credentials to provide a true passwordless login experience.
The HYPR biometric server is FIDO-Certified and can be deployed on cloud or on premises. By eliminating centralized passwords, HYPR removes the hackers’ primary target and eliminates credential reuse.
HYPR leverages FIDO-Certified authentication to enable a secure user experience. At the time of registration, the HYPR validation server and your user’s device establish a secure communication channel to verify that they are corresponding only with one another and not to a remote malicious party. The biometric authenticator, e.g. a fingerprint reader, then assures that a user’s initial registration request has arrived from HYPR. The outcome of the registration process is the formation of a symmetric token seed. This seed token validates a specific account’s authentication requests. At inception, following creation of a seed token, future validation requests will occur seamlessly without the need for user verification to happen as a consequence of a return-trip mechanism.