Security & Privacy - VerifEye MFA

How Privacy Works: Technical Deep Dive

Face verification without storing faces. Here's exactly how we do it.

Traditional Face Recognition (What We DON'T Do)

Stores Photos

Company keeps a database of your face photos

Can Be Reconstructed

Photos can be leaked or stolen in a breach

Centralized Risk

One honeypot with millions of faces

VerifEye Architecture (Privacy-First)

Cryptographic Hash Only

We store cryptographic hash of 512-dimensional vector, not a photo

Cannot Be Reversed

Mathematically impossible to reconstruct the original image

On-Device Processing

Can be setup to process photos locally

VerifEye Processing Flow

1

Capture

Camera captures face for 2-3 seconds

2

Extract

AI generates 512-D mathematical vector hash

3

Delete

Photo deleted in <1 second

4

Verify

Hash checked against uniqueness database

What We Store

Only a cryptographic hash of the 512-D face embedding (not the embedding itself, not the photo). This hash is used solely to check uniqueness. It cannot be reversed into a face, cannot be used for surveillance, and is anonymized.

Data Handling & Storage

Complete transparency on what we collect, process, and store

We Collect

Temporary face capture (deleted in <1s)
Device metadata (browser, OS, camera type)
Timestamp of verification

We Store

Cryptographic hash (not reversible to face)
Age range estimate (e.g., 25-34)
Verification result (pass/fail)

We DON'T Store

Photos or images of faces
Video recordings
Names, emails, or photos

Fairness Across All Demographics

Trained on the world's largest, most diverse GDPR-compliant dataset. Validated by Meta for fairness.

Training Data

18M

Webcam Sessions

Real-world, in-the-wild captures with varying lighting, angles, and conditions

6M

Unique Identities

From 93 countries, representing all age groups, genders, and skin tones

100%

Explicit Opt-In Consent

Every data point collected with explicit user permission. GDPR/CCPA compliant.

Independent Validation

Meta Fairness Testing (2024)

Independent validation by Meta's AI team confirmed market-leading fairness across all skin tones, ages, and demographics. VerifEye surpassed all competitors in the RFP evaluation.

Core Tech PwC Audited

Flawless 10-year track record. PwC conducted an audit of data collection, consent mechanisms, and bias testing procedures.

Trusted by Fortune 500

Meta, Google, P&G, and Mars have all scrutinized and approved VerifEye's responsible AI practices.

99.8% accuracy across all demographics, ages, genders, and skin tones.

VerifEye achieves market-leading performance without sacrificing fairness. No demographic group is left behind.

Legal Protection & Compliance

Indemnification Included

VerifEye includes legal indemnification with every license. If a regulatory challenge arises from using VerifEye, we defend it. This signals our confidence in the compliance architecture.

→ Risk transferred from you to us

Regulatory Alignment

GDPR Article 9: Biometric data processing with explicit consent
CCPA: Right to deletion, data minimization, transparency
EU AI Act: Transparency for AI systems, bias testing

Infrastructure & Security Practices

Deployment Options

Cloud API: Hosted by Realeyes, 99.99% SLA
On-Premise SDK: Deploy on your own infrastructure
Edge/Client-Side: Process entirely on user's device

Data Residency

EU data centers available for GDPR compliance
US data centers for domestic-only processing
On-premise option for sovereign requirements

Encryption & Access

TLS 1.3 for data in transit
AES-256 encryption at rest
Role-based access controls (RBAC)
Audit logging for all API calls

Security & Privacy Questions?

Talk to our security team about your specific compliance requirements, data residency needs, or technical implementation.

Contact Security Team Try Privacy-Safe Demo

Privacy-First Security

Certifications & Compliance