Smarter Biometric Access

Smarter Biometric Access

When companies upgrade to multi-factor authentication, there’s a fundamental choice:

Do the biometric scan at the door… or on the card?

The Old Way – At the Door

• Many systems put biometric scanners at every access point.
• That means replacing or upgrading badge readers, rewiring doors, and risking downtime if retrofits go wrong.
• During rollout, employees may even need two badges — one for old doors and one for new.
• It’s expensive, disruptive, and slow.

The Better Way – On the Card

• ChromeID takes a different approach.
• We put biometric verification — fingerprint today, more to come — directly on the card.
• Unless your fingerprint is validated, the card stays inactive. No authentication means no access.

Why This Matters for Compliance
Biometric data is different. Passwords can be reset. Cards can be reissued. Biometric identifiers such as your fingerprint, iris pattern, or facial structure are permanent. If a biometric template is stolen, there is no way to issue a “new” fingerprint or face.

For that reason, the FIPS 140-3 specification and ISO 24745 standard both set strict rules for protecting biometric data.

• They’re clear: biometric data should never be exposed in transmission.
• That’s where ChromeID stands apart.
• Your authorized fingerprint template is stored inside the card’s secure environment.
• When you authenticate, the test fingerprint is taken on the card, compared on the card, and never leaves the card.
• Neither the stored template nor the live sample is ever transmitted.

The Flaw in Other Designs
Cards like Idemia’s recently announced PIV card can require biometric data to move between card and reader.

Depending on the implementation, that could mean:

1. The reader pulling your stored template from a database to compare against a live scan.
2. The card transmitting your stored template to the reader for comparison.
3. The reader sending your live scan to the card for comparison.

In all three cases, biometric data is exposed — something FIPS and ISO specifically aim to prevent.

Why ChromeID Is Different
With ChromeID, biometric data never leaves the card. Authentication happens entirely inside a hardened secure environment, isolated from the reader, the network, and the server.

Conclusion
On-card biometrics mean faster deployment, lower cost, stronger security, and full compliance with the highest biometric protection standards.

It’s not just a smarter card — it’s a smarter identity platform.