Because your iPhone and/or iPad have a built in high quality camera, there is no additional hardware required to utilise iProov Facial Recognition technology. Face Recognition is a very user friendly form of biometric authentication and offers exceptionally high security identification results for this type of data vault application.
iProov is a new and highly secure way to ensure that only you can access your account and your data. You don’t need to type in or remember anything – iProov simply scans your face while you look at the screen. Photos or videos of you don’t work and iProov is so secure that there is no need for you to wade through additional checks. The only ID you ever need to remember is your face.
There are 3 main ways we keep you secure:-
- iProov uses One Time Biometrics to stop attackers re-using your details. This patented Flashmark technology flashes a different encrypted colour sequence on your face every time you iProov. This way even if a hacker eavesdrops on your access to FaceCrypt they can’t re-use your details to get in.
- iProov use its advanced computer vision technology to analyse the patterns of the different lights reflecting off your face to confirm that you’re real and not a photo or video.
- iProov use its advanced computer learning technology across the process to continuously improve and adapt to new types of attack including our award winning face matcher to ensure it’s you logging in.
iProov is specifically designed to stop those types of attack but feel free to try!
The best starting point for an enrolment is normal day light conditions, but the light from the screen will normally illuminate your face enough to recognize you even in almost total darkness. Also, the more you iProov the more we learn about your face in different conditions.
There is no need to remember a password but there are things that will help keep your iProov access to FaceCrypt secure, quick and easy. See the FaceCrypt iProov guide for the main points in summary with some background here.
To deliver world-class security iProov is looking for the lights we generate on the screen during the scan to be accurately reflected off your face; so a bit like a good photographer we are trying to get the best quality images and avoid blurring, backlighting and overexposure!
This means the best starting point is normally indoors with no direct sunlight on your face or the screen and no very strong light source directly behind or in front of you. Look at the screen and keep movement to a minimum (including not talking during the flashing!). We even have a light meter that will indicate if lighting levels are too high and help guide you to better ones – especially helpful if you’re outdoors and need to iProov.
The reason for this is to protect you from attackers; because we analyse the light reflecting from your face, if it is too bright, those details can get lost. That makes it difficult to protect you from criminals trying to access your data. Your security is top priority; so if there is any doubt due to the lighting, your data is protected.
You can normally rely on iProov to recognise you, but sometimes you may need to repeat the process, for example if you moved or the light around you changed suddenly. If after a few attempts it still won’t work, or it’s too bright to start, then you can answer the secret Q and A’s as a backup option to access your data.
iProov is compliant with international standards on photosensitive epilepsy.
Try again in a different position whilst referring to the FaceCrypt guide to iProov
You can only secure the FaceCrypt application. This way your data is held securely and encrypted through one portal.
Like a safety deposit box – you normally only keep this in one bank for simplicity and conformity and it is much simpler to remember where everything is in one place.
Mobile devices in themselves are not that secure. Even with fingerprint or passwords to access the device, they can still be compromised and data accessed.
There are many reports on the Internet about data being able to be accessed if the device is lost, stolen or even sold on, even after the device has been wiped.
The only way to secure data completely is to protect access to it and encrypt all data within that protected area.
Voice recognition is not suitable for this type of application because ambient (surrounding) noise can interfere and give false rejection. As a user experience it is not as friendly as taking a picture that can be done in complete silence. All biometrics have particular areas in which they are more suited and one of the main applications for voice recognition is where you need to verify a person at a remote location such as a call centre.
iProov take the security of your images and account very seriously. The unique iProov Flashmark technology means images are not re-usable to compromise your FaceCrypt so this protects your FaceCrypt data. The iProov image data is stored in secure servers in the UK and Europe. They are designed and built to the highest standards (including ISO 27001) by experienced security and infrastructure professionals and the unique architecture minimises the chance of any element of any data being compromised.
You can use iProov with and without your glasses on, although we recommend enrolling with your usual preferred option.
At first it is better to verify with or without glasses in the same way as you enrolled, but iProov continues to learn about your face every time you scan your face. This means that as iProov gets to know you, it quickly becomes less sensitive to glasses.
iProov recognises you despite changes in facial hair or abrupt changes to facial features.
Non-identical twins cannot access each other’s accounts. Your identical twin will probably be recognised as you. If you do not trust them, use an additional pattern and/or password lock available on enrolment.
False Reject Rate – the amount of times any biometric (system) will not verify or identify you – even though it is you. This is generally because the sampling (number of points or identification parts) cannot be matched or there are not enough to be able to match against the enrolled data.
False Accept Rate – the amount of times any biometric (system) will verify or identify another person as you.
This is comparing a person against an individual record. That record would typically be recalled by an identifier like a PIN, car code, chip, record number and once that record is displayed then a comparison is made on a one to one basis. FaceCryptuses this method where the record is the owner of the phone so no record actually has to be recalled.
This is an identification process where a biometric searches and compares a database for a single match or close matches dependent on the type of biometric used. Typically, for example, fingerprint, iris or infra red vein produces 1 in millions positive identification so can in many cases be used extremely accurately as a sole identifier (extremely low FAR). Face Recognition can have a high FAR and is more useful for recalling close matches, such as identification of individuals in a crowd, where a person can compare the matches visually on a screen and make human identification decisions. FaceCrypt uses 1:1 and not 1:N.
Verification uses 1:1 and identification uses 1:N methods.
FaceCrypt is an extremely secure method of accessing your private data vault. When using access methods like pattern match and / or passwords they have no variables and can only be right or wrong. Because Face Recognition works on a set number of conditions, such as lighting, the variances can sometimes make it more difficult to access the application – or give a FRR. If this happens just follow our guide to get better lighting and FaceCrypt will eventually allow you in or, if your device supports it, you can use Touch ID. FaceCrypt errs on the side of failure as it is a security system to offer better protection.
iProov provides such high security that you do not need any other locks to FaceCrypt vault. However, they are available should you so wish.
You can use Touch ID if you select this option on enrolment.
You may find this quicker to access the vault as there are fewer security checks that happen. You sacrifice security by using Touch ID and if anyone ever breaks in, it will be much more difficult to trace, heal and resolve the attack.
Like locks on your front door, FaceCrypt allows you to choose the access methods you want to use. iProov provides the most secure lock in only a few seconds. A pattern lock will be even quicker but is much easier to break into.
FaceCrypt includes backup options. Backups can be held on your device or devices. A 3rd party backup service is available too and the advantage is that if your device or devices are lost or stolen, you will always be able to retrieve your information.
This will also delete your data in which case you will need to restore from a backup.
All backed up files remain encrypted.
They will be locked in the vault and accessed by the access methods selected on that device.
There are two methods for failsafe. One is PPVR explained in other sections of FAQ and the other is backing up your vault regularly.
Everything that is held within the FaceCrypt vault is encrypted and secured.
You can store all this types of data in the FaceCrypt vault. You can save directly or import files in and / or export out of the FaceCrypt vault. Individual files may have further protection on them.
Yes – this is a feature within FaceCrypt in that you can work with secure files once inside the vault.
Yes – it conforms to AES: Federal Information Processing Standard FIPS PUB 197 (Advanced Encryption Standard)
Not really. Just Google search security flaws on these devices and you will be treated to a host of articles of security breaches, hacks and stolen identities. One example less widely known is that even after deleting or even viewing data on your device, that information can remain on SSD (Solid State Device – or referred to just as memory). Even the latest fingerprint recognition on the iPhone 7 can be been fooled and bypassed. With discussions how biometric systems can be bypassed, FaceCrypt offers user additional enhanced security methods to the vault to add the even more access control.
No. The secret answers are not stored. They are created by a unique method each and every time you enter the answers and this means that only a person who knows the exact answers and way they are spelt to your questions could attempt access.
As with the secret answers no pattern or password access data is stored. FaceCrypt uses a special secure hash technique which means that these access strings are created only on correct input. So for example, entering a correct access password will send it to an algorithm which creates a match to the vault access code. This process means that no one can hack and retrieve any access codes.
Pattern Password Vault Recovery. So if you using a Pattern or Password in addition to iProov and you forget either of them, PPVR is a secondary measure to enable access to the vault providing you accurately answer your questions.
The problem remains with flash memory where data remains after even just viewing and closing the app. Viewing other information will just place data in another part of flash memory until such time it needs to overwrite an area that is used by other ‘old’ data. Wiping the device does not necessarily ‘clean’ every part of the flash memory and so can be accessed to find your data randomly stored throughout the memory. FaceCrypt addresses this issue by scrambling the information with meaningless data after viewing or deleting so that any residue data that is held in memory is undecipherable.
The design of the FaceCrypt vault is to emulate a regular safety deposit box to emphasize how important it is to keep your valuables as safe as possible. As each data box can be made to keep different types of information separate and organised it makes it easier for a user to file and manage their data.
No other app offers such flexible and feature-rich functions in one self-contained application. This is because the FaceCrypt management and development team has experience in creating high level biometric security systems and understands the limitations that other apps are restricted to versus the needs of the modern user.
FaceCrypt is ultimately a tool, which you use to control how you work with your own private information. We give you usage of your own vault with all the included security measures that you set up and govern with some safety backup options. Therefore you must maintain and manage this so your own data is your responsibility.
No. FaceCrypt is an extremely high security system designed to keep everyone out but you. If we offered a backdoor, this could well compromise the security, trust and high morals that we stand by – and even if we could, we would be unable to decrypt your information. We do not have and will never have a backdoor or secret entrance to anyone’s FaceCrypt vault.
Even though data is encrypted and would be unusable to anyone who could access your vault data it is good security practice to wipe the vault first as confirmation that the vault and data is actually wiped.
Taking backups is standard practice with any saved data. There are three ways data can be lost and when the whole vault might need to be restored: –
- Hardware – phones and tablets can be lost, stolen or damaged;
- Software – data can be affected by other factors such as new releases of operating systems or updates;
- Users – can delete or edit data in error.
Taking backups is the same as having insurance. It’s wonderful when you need it as it provides security, peace of mind and is a replacement service. If you lose your valuable data and you have no backups, it would be the last time you forget to take them in the future- it is a very painful and time consuming experience to find all the source information, re-enter and re-create your vault.
Really easy. Just access the Menu > Restore option and select the backed-up method and file.
The backed-up vault is saved as a encrypted data file and is virtually unbreakable. Even if the backup file is accessed by someone else they would be unable to break into it. The backed-up vault also contains the enrolment methods for the vault at the time the backup was taken. In effect this means that if the enrolled access method is changed during the period afterwards, the restored vault reverts back to the previous enrolment method. This is a safety measure that provides you with additional security control over your own vault.
No. Strict security controls mean that data is held securely and privately to your data vault only. Not only that but it is also stored in unbreakable encrypted format together with the enrolled access methods.