The present invention generally relates to identity verification using biometrics data and, more particularly, to identity verification using biometrics data and non-invertible functions via a blockchain.
Identity verification (e.g., for the purposes of granting an individual with access to assets), is often achieved using biometrics data (e.g., computer scans of the individual's biometrics, such as retina scans, finger print scans, voice scans, etc.). Biometrics data may be compared with pre-registered biometrics data for the individual, and access may be granted when scanned biometrics data matches the pre-registered biometrics data.
Storing of pre-registered biometrics data can be problematic, in that if an authentication server storing the pre-registered biometrics data is accessed by a malicious party, the malicious party may be able to use the pre-registered biometrics data to access assets for which they are not authorized. As such, substantial financial loss, identity theft, and/or other losses may occur from insecure identity verification techniques that rely on biometrics data.
The frequency and cost of security breaches continues to increase as sites that contain sensitive, personally identifiable, and payment information increase in volume and traffic. Additional layers in client-side authentication may be implemented, yet these additional layers have are often insufficient in preventing costly security attacks. Multi-layer client authentication can be burdensome to users, who are would need remember more and more credentials, and would need to change these credentials periodically (e.g., every few months). Additionally, multi-layer client authentication still fails to limit tactics used by attackers (e.g., from identifying client-side vulnerabilities, to the spread of crimeware and other types of attacks/breaches).