EyeLock patent envisions privacy protection at network level
17 August 2018 14:49 GMT

Iris security firm EyeLock has reported that the United States Patent and Trademark Office has issued U.S. patent No. 100,009,178 B2, to the company, adding to the company's IP portfolio, according to a press release.

The patent utilizes a "zero-knowledge proof" algorithm that eliminates the need to transmit sensitive biometric data, thus eliminating privacy concerns at the network layer.

"With the geometric increase in information exchange over the past few years, reliable transmission and storage of sensitive data has become a vital aspect of network security," EyeLock Chief Technology Officer Jeff Carter said in the release. "Data as it traverses a network is at its most vulnerable state as it is a very easy target for any attacker present in the network. Our latest patent brings strong biometric authentication technology to the network layer to provide real-time authorization and human presence assurance for network traffic."

The firm says the patent can:

Prevent the spread of malware by distinguishing between network traffic that is generated through human/application interaction and application-only traffic.
Mitigate session-hijacking attacks wherein the session of a live user who is logged into a website (e.g., a banking site) is taken over by a hostile actor