Apple Inc.
Establishing and verifying identity using biometrics while protecting user privacy

Abstract:

A user device can verify a user's identity to a server while protecting user privacy by not sharing any personal data with any other device. To ensure user privacy and to allow multiple independent enrollments, the user device performs an enrollment process in which the user device locally collects and uses biometric data together with a random salt to generate a set of public/private key pairs from which biometric information cannot be extracted. The public keys and the salt, but not the biometric data, are sent to a server to store. To verify user identity, a user device can repeat the collection of biometric data from the user and the generation of public/private key pairs using the salt obtained from the server. If the device can prove to the server its possession of at least a minimum number of correct private keys, the user's identity can be verified.