- Online mode for both mobile iris recognition and enrolment functionality
- Offline mode for both recognition and enrollment functionality of up to 10,000 iris records
- API’s, EyeCloud® and EyeCloud® Management Security Services
- Monitoring of the IMEI of the device. IrisGuard can provide white and blacklist control and link to third party MDM if mobile network operator requires.
- SIM control and provision (if optionally required) IP and MAC address control
- For limited time operation and prevention of out of hours usage in the field, various control parameters can be set based on UTC or local time
- Embedded liveness and spoof detection software
- Iris scanner phone integrates with the Blockchain, utilising the iris template as the private key, without the requirement to store or remember the 32bit key
- Location based control
- GPS enabling accurate location stamp and additional linkage to the device IMEI and SIM
In March 2020 our EyePay®Phone, EyeCloud® system and application were tested by iBeta for PAD and associated counter measures and were found to be fully compliant to Level 1 of ISO 30107-3 Presentation Attack Detection (PAD) for mobile devices.
iBeta is the only NIST NVLAP-approved biometrics test lab and the first FIDO Alliance accredited test lab for biometric testing in the world. IrisGuard is one of only two companies globally to achieve this level of PAD performance for iris scanning.
The EyePay®Phone, as well as all EyeCloud® products in its fixable, portable and embedded range, are protected by the highest standards and certified to ISO9001:2015 (UK).
In addition, we are members of the GSMA - the association representing and overseeing global mobile networks for all GSM mobile devices and standards.
The security of our iris scanner phone system is protected by the cloud-based EyeCloud® Manager. This allows the system to provide extensive variable parameters for the control of queries to the iris templates and the function and availability of the system in the field.
It is fully scalable to multi-million records, with each client system operating independently and capable of allowing federated support for third parties to utilise mobile iris recognition under the control of the master client. This data access can also be customised to only allow specific information to pass through the system or fully anonymised.
Report queries can be initiated and supplied directly and automatically or clients can have special portal access. The EyePay®Phone also has full compliance to PAD (Presentation Attack Detection) ISO 30107-3 Level 1 testing, performed independently by iBeta labs in the USA.
If utilising the offline mode, a limited number of iris records can be stored on the device and are protected by the encryption key from the Android Key Store and locked to the Android client application residing on the EyePay®Phone.
Our iris scanner phone and the provided EyeCloud® Client APIs are all provisioned to utilise the Android Key Store. The APIs also include further checks to determine if any unauthorised tampering or changes have occurred to the phone, such as rooting, thereby automatically disabling the APIs. The EyeCloud® Client API therefore ensures protection of your client data.
The EyeCloud® packets are protected with an end-to-end encryption scheme. The scheme uses the latest symmetric and asymmetric encryption algorithms to secure packets going to and from the EyeCloud® Host. Other security features that the API uses include but are not limited to: signatures, OTPs, T-OTPs and expiring templates.