Tips 1：Reduce the risk of centralized storage of biological information

For the centralized biological information processing platform, it is recommended that the background does not directly store the original biological information. It is suggested to encrypt and protect the converted biological characteristics, place the biological characteristics and real-name information in separate databases, and use a variety of methods to reduce the risk of exposure caused by the centralized storage of biological information. Establish a regular verification mechanism for the centralized biological information processing system to standardize the security application of biological information in the financial field.

As a professional and authoritative third-party testing laboratory, the National FinTech Evaluation Center (NFEC, also well-know as Bank Card Test Center or BCTC) has specialized technical teams and professional testing laboratories to provide chip security and terminal product security services.

Tips 2：Biometric algorithm optimization and improvement

Algorithm vendors should continuously optimize and upgrade biometric algorithms based on risk models, constantly update algorithm models, and adopt the latest models with the most stable recognition performance to improve the accuracy of biometric algorithms and live detection performance, also reduce the security risk of biometric technology applications.

 

As a professional and authoritative third-party testing laboratory, the National FinTech Evaluation Center (NFEC, also well-know as Bank Card Test Center or BCTC) has specialized technical teams and professional testing laboratories to provide chip security and terminal product security services. 

Tips 3：Use security chip platform to protect biometric information

For biometric modules, mature SE and TEE security technologies should be used to process biological information to enhance the overall security of the terminal operating environment. Facial feature data should be encrypted and protected during information interaction. Information such as transaction random numbers and time factors should be used in data transmission to prevent data attacks are replayed.

 

As a professional and authoritative third-party testing laboratory, the National FinTech Evaluation Center (NFEC, also well-know as Bank Card Test Center or BCTC) has specialized technical teams and professional testing laboratories to provide chip security and terminal product security services.