Paper 2019/894

BioID: a Privacy-Friendly Identity Document

Fatih Balli, F. Betül Durak, and Serge Vaudenay


We design a suite of protocols so that a small tamper-resistant device can be used as a biometric identity document which can be scanned by authorized terminals. We target both strongly secure identification and strong privacy. Unlike biometric passports, our protocols leak no digital evidence and are essentially deniable. Besides, getting the identity information from the device requires going through access control. Access control can follow either a strong PKI-based path or a weak password-based path which offer different functionalities. We implemented our protocols on JavaCard using finger-vein recognition as a proof of concept.

Note: The version 2 of this report fixes some typos from previous version, and contains minor updates on references.

Available format(s)
Cryptographic protocols
Publication info
Published elsewhere. MAJOR revision.15th International Workshop on Security and Trust Management (STM) 2019
privacydeniabilityID documentsmart card
Contact author(s)
fatih balli @ epfl ch
2019-09-02: revised
2019-08-05: received
See all versions
Short URL
Creative Commons Attribution


      author = {Fatih Balli and F.  Betül Durak and Serge Vaudenay},
      title = {BioID: a Privacy-Friendly Identity Document},
      howpublished = {Cryptology ePrint Archive, Paper 2019/894},
      year = {2019},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.