How ZeroFace and ZeroVault Power Biometric Cryptography
There are enormous consequences when traditional cryptographic keys are lost, stolen or misused. Dedicated secure storage is often used to help safeguard traditional keys. And companies will divulge customer keys when presented with a government subpoena.
Instead, ZeroVault uses ZeroFace's SHA-256-generated ZeroHash as the "seed" for cryptographic keys. These biometrically derived keys, known as ZeroKeys, exist only during a ZeroFace user session. Because ZeroKeys are never stored when the session ends, they are ephemeral by design.
Crucially, no modifications to standard cryptographic libraries are required to create ZeroKeys! As one example, ZeroVault uses OpenSSL to create the ZeroKeys used in an AES-256 and file encryption API that ships with our products. And ZeroVault makes it easy to integrate other cryptographic libraries.
The unique privacy protections from the ephemeral nature of ZeroKeys are significant. When the user isn’t logged in, their ZeroKeys don’t exist anywhere, and their data cannot be decrypted.
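The pattern described above, a 32-byte SHA-256 seed turned into a key that lives only for one session, can be sketched with standard primitives. This is an added example, not ZeroVault code: the page does not say how ZeroKeys are derived, so the use of HKDF (RFC 5869), the `key_session` helper, the purpose labels and the sample seed are all assumptions made here.

```python
import hashlib
import hmac
from contextlib import contextmanager


def hkdf_sha256(ikm: bytes, salt: bytes, info: bytes, length: int = 32) -> bytes:
    """HKDF (RFC 5869) with HMAC-SHA-256: extract a PRK, then expand it."""
    if length > 255 * 32:
        raise ValueError("HKDF-SHA-256 output is limited to 8160 bytes")
    # Extract: an absent salt is replaced by HashLen zero bytes.
    prk = hmac.new(salt or b"\x00" * 32, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        # Expand: T(n) = HMAC(PRK, T(n-1) || info || n)
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


@contextmanager
def key_session(seed: bytes, purpose: bytes):
    """Hypothetical helper: yield a 32-byte key that exists only in the with-block."""
    if len(seed) != 32:
        raise ValueError("expected a 32-byte SHA-256 seed")
    key = bytearray(hkdf_sha256(seed, salt=b"", info=purpose))
    try:
        yield key
    finally:
        # Best-effort wipe; the Python runtime may still hold other copies.
        for i in range(len(key)):
            key[i] = 0


def demo():
    # Constructed stand-in for the per-session seed (not a real ZeroHash).
    seed = hashlib.sha256(b"constructed stand-in for a session seed").digest()
    with key_session(seed, b"file-encryption/aes-256") as k1:
        first, held = bytes(k1), k1   # copy taken only so the demo can compare
    with key_session(seed, b"file-encryption/aes-256") as k2:
        again = bytes(k2)             # same seed and purpose: same key, nothing stored
    with key_session(seed, b"message-auth/hmac") as k3:
        other = bytes(k3)             # different purpose label: independent key
    return first, again, other, bytes(held)
```

Because the key is recomputed from the seed each session, its secrecy depends entirely on the seed being reproducible only by the legitimate user.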
Companies benefit too. They don't have the expense of separating key storage from data storage. And in the event of a data breach, there are no keys for the attacker to steal.