Document security solution
BioSeal is a global and interoperable solution to certify and authenticate all types of products and documents, making them tamper-proof. Thanks to instant and local verification, it helps to fight against fraudulent falsification of all types of documents and to verify the identity of people thanks to privacy-friendly biometric recognition technology.
Check a BioSeal in a few steps
BioSeal is an innovative, robust and economical solution for verifying the authenticity of your documents and products. By integrating biometric identity information such as fingerprints and facial data, BioSeal enables multi-factor authentication.
Secure your documents and products
More than ever, fake documents and counterfeits are appearing and spreading to the products we all use in our daily lives. What confidence do we give to these documents and products? To protect yourself from forged documents and counterfeits, BioSeal brings an innovative, robust and economical solution to make sure that your products and documents are true and authentic.
New Visible Digital Seal standard
BioSeal is the new generation of interoperable and standard-compliant ESEDS (electronically signed encoded data set). Often presented as a visible digital seal (VDS) applied to a document or object, it is used to detect tampering and to confirm the authenticity and legitimacy of the issuer through asymmetrical cryptography. In strict compliance with international standards related to security and resilience and a few exclusive extensions such as biometric recognition, the solution paves the way for an infinite number of use cases.
Optional
Verify the identity of the owner
By integrating biometric identity information such as fingerprint and facial data or other password-based encrypted unique identifiers, BioSeal provides the capability to implement multi-factor authentication for networks, applications, and buildings.
It acts as a digital credential that the legitimate holder can carry on phone or printed format and present to an officer or an automated access control system to prove his/her identity.
Our technology is fully developed in-house and optimized to be stored in a standard QR code or similar 2D barcode while providing you with the highest level of assurance.
BioSeal is labelled France Cybersecurity
A Flexible and Versatile Solution
BioSeal is an extremely flexible, versatile and customizable solution. Everything from the data structure to the physical representation of the code can be personalized according to your needs. Our experts will help you translate your specific use case into a machine-readable format (a.k.a. an XML descriptor) so the issuers and our universal reader can process the information seamlessly, while complying with the policies set in the use case, even when these policies get updated.
Data Structure
The key data fields with associated field constraints are defined per use case in a digitally signed manifest file. Choose to encrypt partial or full data with your preferred encryption algorithm.
Validation Policies
Specify your own validation policies (ex: validity period, biometric verification parameters, etc.) Additional verification policies may also be included to satisfy the business rules.
Presentation View
BioSeal allows you to design a presentation layer for your specific use case. Based on HTML, CSS and Javascript, it provides a consistent visual representation across devices with multi-language support.
Barcode or RFID
A BioSeal can be embedded in most 2D barcode technologies, from Datamatrix to QR code and even proprietary 2D barcodes. It can also be stored in RFID tags that have persistent storage.
The first solution certified by
Otentik Trust Network
To ensure the reliability of the service, verification of the different elements of the BioSeal and the chain of trust is essential. The solution relies on open standards and fits into the Otentik Trust Network whose governance is centered around a trust framework and a root trust list which guarantee both authenticity and legitimacy of the information.
With BioSeal, no fraud is possible. Every building block on the solution is electronically signed, and the chain of trust is verified up to a root of trust defined in a Trust Service List (TSL), managed and signed by the Otentik network: data set, descriptors, signing certificates, certificate revocation status, TSL, etc. In addition to the chain of trust, each BioSeal gets validated against the policies defined in the use case. These could include restrictions on the BioSeal validity period, authorized symbologies, requirements for external certified timestamps, accepted cryptographic key length, and many others.
Privacy-By-Design
BioSeal is designed from the ground up with security and data protection in mind. The solution is 100% GDPR compliant (European General Data Protection Rules). All the key data, included the biometric data, are stored in the personal code with full or partial encryption. The biometric data are also protected by innovative diversification mechanisms for better privacy. The biometric authentication is performed locally, on the Trusted End-Point (TEP).
How to generate your own BioSeal ?
Step 1
Create your use case
BioSeal content is conditioned by a use case. Each use case determines the key data fields to be included in the schema and the field constraints. If required, the use case may also include additional verification policies and features defined in TSO extensions. Use cases are then translated into a machine-readable format (secure XML-format manifest file). Our experts will help you to translate your specific use case.
Step 2
Validation and deployment
Otentik validates the use case descriptor, signs it with an eIDAS certificate and deploys it on the network. To generate a valid BioSeal it is necessary to request a signing certificate from an Otentik trusted certificate authority. All use cases declared on the Otentik Trust Network are retrievable via our BioSeal web service.
Step 3
Data capture
Ask users to fill out a form designed for the use case. In order to verify the identity of the user, you may be required to upload an ID document and pass a liveness detection test.
Step 4
Generate a BioSeal code
BioSeal codes are generated online using our web API with the previously captured data. The generated BioSeal code can either be saved locally, sent by email or embedded in another document of your choice. This document can be sent or/and physically printed for additional authentication.
Step 5
BioSeal code verification
Our BioSeal reader verifies whether the information contained in the BioSeal complies with the specifications defined by the use case. It also verifies the validity of the signature to confirm the integrity of this data. If all checks pass, it presents the information to the user in a presentation view appropriate for the user’s language and the guidelines established by the use case.
Universal Reader
We have developed a mobile application to read a BioSeal or any VDS and verify the legitimacy of the certificate regardless of the code format (QR code, Datamatrix…) or the use case concerned.