Internet isn’t a free creativity data farm…
Fingerprint-capable devices store, at registration, a mathematical representation of your physical fingerprint(s); most devices can store more than one. One of these is then used by various apps, of which the clearest, most frequently used examples are mobile banking apps. The actual pattern of the lines and ridges that form a human fingerprint is not scanned or stored by any device. Devices without a fingerprint scanner apply the same concept using a security PIN or passphrase.
Sources:
Apps are notified only whether your fingerprint was verified. Your fingerprint data is stored securely and never leaves your device. Your fingerprint data isn’t shared with Google or any apps on your device.
Google passkeys
Google biometric data
A fingerprint used on a device isn’t stored as the actual fingerprint image. Instead, the fingerprint data is filtered and saved as a mathematical representation or encrypted biometric key. The browser only retains the binary code, which is used for verification. This algorithm cannot be reverse engineered to recapture the image of the fingerprint and thus cannot be duplicated. Fingerprint data is stored on the device itself.
Okta biometric data
OUR PROCESS
We’ve elevated this built-in device technology into a multi-layered security product packaged in the form of a captcha sitting at the front of your website. Although the complexity of the product warrants its own server, the process still takes just as long as opening a banking app and is assuredly more secure.
Speed: We timed our fully automated workflow on caFtcha at 30 seconds: from the moment of pressing ‘enter’ on your website’s main page, through the notification to perform fingerprint authentication and the actual finger tap, to the redirect back to your main page. The product is not hosted; it lives alone on a dedicated cloud server, and the code execution time is under 300 ms.
This product lives on our server, a server that we will hire to you at a fixed cost of 100$ per year + 3 months free. Along with the server, we will grant you free copyright to use our product name as apex domain, which, depending on the version chosen, will look like:
"yourdomain.caftcha.com", "yourdomain.fingercaptcha.com" or "yourdomain.dactylocaptcha.com"
Therefore, the captcha on OUR subdomain will filter all traffic requests before they reach your server, acting as a multi-factor authenticator, gateway and load-balancer.
SEE IT IN ACTION: https://xpat.to
The product is designed to forward all authorized visitors and traffic to your website, while any unauthorized visitors and traffic are automatically redirected to perform our captcha. This allows the setup to be reinforced with security access lists between our server’s IP and yours.
None of the pages of your website will be reachable if the finger/dactylo/caftcha has not been performed = DATA INTEGRITY
A time limit of 60 seconds per webpage exists for the captcha’s validity and even authorized visitors will be asked to re-authenticate using their fingerprint. A browser restriction is applied, so if during an authorized visit, another page is accessed with a different browser, visitors will be asked to re-authenticate using their fingerprint/pin/passphrase.
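One way a gateway could enforce the 60-second, per-page, per-browser validity described above, as an added example that is not the product's own code. Binding to the request path and the User-Agent header, the key value, and the function names are assumptions made for illustration.

```python
import hashlib
import hmac
import time

VALIDITY_SECONDS = 60             # per-page validity window stated on the page
SECRET = b"constructed-demo-key"  # assumption: gateway-side secret (placeholder)


def _mac(path: str, user_agent: str, issued_at: int) -> bytes:
    # Length-prefix every field so ("/a", "b") and ("/ab", "") cannot collide.
    fields = (path.encode(), user_agent.encode(), str(issued_at).encode())
    msg = b"".join(len(f).to_bytes(4, "big") + f for f in fields)
    return hmac.new(SECRET, msg, hashlib.sha256).hexdigest().encode()


def issue_token(path: str, user_agent: str, now=None) -> str:
    """Issued after a successful fingerprint/PIN check for one page."""
    issued_at = int(time.time() if now is None else now)
    return f"{issued_at}.{_mac(path, user_agent, issued_at).decode()}"


def check_token(token, path: str, user_agent: str, now=None) -> str:
    """Return 'forward' (pass to origin) or 'reauthenticate' (show captcha)."""
    now = int(time.time() if now is None else now)
    try:
        ts_text, mac = token.split(".", 1)
        issued_at = int(ts_text)
    except (AttributeError, ValueError):
        return "reauthenticate"   # missing or malformed token
    # Constant-time compare; a different page or browser yields a different MAC.
    if not hmac.compare_digest(mac.encode(), _mac(path, user_agent, issued_at)):
        return "reauthenticate"
    if not 0 <= now - issued_at <= VALIDITY_SECONDS:
        return "reauthenticate"   # older than the window, or dated in the future
    return "forward"
```

The User-Agent header is supplied by the client, so this binding only detects a change of browser; the signature and the expiry are what carry the security weight.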
Special allowances for SEO purposes are made for bingbot and googlebot, to allow website indexing for search optimization. Unfortunately, they’re the only bots that we allow through our server to yours, and that is done through complex proprietary domain-mapping code.