We can't leak what we don't have
FaceIn uses a zero-knowledge architecture where your biometric data never leaves your device. Our servers verify proofs, not faces. Even if we were breached, there's nothing to steal.
Zero-knowledge by design
Your face is processed on your device. Only a mathematical proof — never your biometric data — is sent to our servers.
Your Device
Camera captures face → On-device AI generates biometric template → Template stored in Secure Enclave / StrongBox
✓ Raw biometric data NEVER leaves this boundary
FaceIn Servers
Receives mathematical proof → Verifies proof validity → Issues authentication token → Never processes biometric data
✓ Servers see PROOF, not FACE — mathematically impossible to reconstruct
Your Application
Receives auth token → Verifies with FaceIn API → User is authenticated → No password involved at any step
Device Layer
- Face detection & liveness check
- Biometric template generation
- Secure Enclave / StrongBox storage
- On-device matching engine
Communication Layer
- TLS 1.3 with certificate pinning
- Zero-knowledge proof generation
- End-to-end encrypted channels
- Challenge-response authentication
Server Layer
- Proof verification only (no biometric data)
- User identity tokens (opaque IDs)
- Session management & rate limiting
- Audit logging & anomaly detection
Encryption standards
Industry-standard cryptographic primitives. No proprietary algorithms. No security through obscurity.
AES-256-GCMSymmetric encryption for data at rest. NIST-approved, used by the US government for classified data.
Used for: Encrypts vault entries, user preferences, and local biometric templates on device.
ECDSA P-256Elliptic curve digital signatures for authentication proofs. Same algorithm securing TLS certificates worldwide.
Used for: Signs zero-knowledge proofs and device attestation challenges.
ECDH (X25519)Elliptic curve Diffie-Hellman for secure key exchange. Generates ephemeral session keys.
Used for: Establishes encrypted channels between device and server.
HKDF-SHA256HMAC-based key derivation function. Derives unique encryption keys from shared secrets.
Used for: Generates per-session encryption keys from device-server handshake.
Argon2idMemory-hard key derivation function. Resistant to GPU and ASIC brute-force attacks.
Used for: Derives encryption keys from optional backup passwords.
Built for the strictest regulations
BIPA
Illinois Biometric Information Privacy Act
FaceIn never collects, captures, stores, or transmits biometric identifiers to our servers. All biometric processing occurs exclusively on-device, meeting BIPA's strictest requirements by architectural design.
GDPR
General Data Protection Regulation (EU)
Built with data minimization, purpose limitation, and privacy-by-design principles. Users have full control: access, portability, deletion, and the right to be forgotten — all self-service.
CCPA
California Consumer Privacy Act
FaceIn provides all CCPA-mandated disclosures, opt-out mechanisms, and data deletion capabilities. We do not sell personal information.
SOC 2 Type II
Service Organization Control 2
We're currently undergoing SOC 2 Type II certification for Security, Availability, and Confidentiality trust service criteria. Expected completion Q3 2026.
Bug Bounty Program
We believe in transparency and community-driven security. Our bug bounty program will reward security researchers for responsibly disclosing vulnerabilities. Details coming Q3 2026.
In the meantime, report security concerns to security@facein.id
Security questions?
We're happy to walk through our architecture, share our security whitepaper, or answer any questions your security team has.