Question 1

How do zero-knowledge biometrics differ from other types of biometrics?

Accepted Answer

Local biometrics store data on the device itself, and centralized biometrics store data on the cloud within an organization’s system. Ping’s zero-knowledge biometrics are decentralized, and they use privacy-preserving cryptographic techniques designed to ensure biometric information is never stored in a retrievable or reconstructable form. Even during authentication, data is encrypted and protected, preventing exposure, misuse, or linkage back to the original image.

Question 2

Does this work with my existing IdP or CIAM platform?

Accepted Answer

Yes. Our zero-knowledge biometrics solution integrates with Ping Identity or any IdP, and it fits into existing authentication flows without requiring architectural changes. You can add privacy-preserving biometric authentication to your current identity stack, including Ping deployments.

Question 3

Does it work with our IDV provider?

Accepted Answer

Yes. Ping’s solution can be used in combination with any leading IDV provider for authentication use cases. During login, step-up, payment, or account recovery, user biometrics are matched against their verified identity in a privacy-preserving manner.

Question 4

Do users need to re-enroll if they change devices?

Accepted Answer

No. Users can reauthenticate on a new device in seconds with a quick selfie matched to their original enrollment. This enables fast, secure account recovery or addition of multiple devices without repeating identity verification or contacting a call center. Since the device is unrecognized, account recovery and device binding rely only on facial recognition. The selfie match can then be paired with another MFA method for additional assurance.

Question 5

How does this solution defend against deepfake and spoofing attacks?

Accepted Answer

Our zero-knowledge biometrics use multiple real-time checks—passive liveness, behavioral signals, and certified presentation and injection attack detection (ISO/IEC 30107-3 & CEN/TS 18099 certified). For existing devices already bound to a user account, each authentication is also inherently multi-factor, checking that both face and device were those used to enroll. Together, these signals detect deepfakes, replayed media, and spoofing attempts, helping ensure the genuine user is physically present and stopping remote impersonation.

Question 6

Does this solution meet global privacy and security regulations and mandates?

Accepted Answer

Yes. Our zero-knowledge biometrics support global privacy and security requirements. Biometric information is cryptographically processed and never kept in a reconstructable form, reducing exposure and helping organizations align with GDPR, PSD3, ISO/IEC 30107-3, CENTS18099, and CCPA expectations.

Prove Identity.
Protect Privacy.

Security Gains. UX & Privacy Pains.

Security Gains. UX & Privacy Pains.

Static Credentials Invite Fraud

Bad UX. Big Risk.

Stricter Mandates, Higher Stakes

Privacy-Proven,
Zero-Knowledge Biometrics

Prove Identity. Protect Privacy.

Security Gains. UX & Privacy Pains.

Security Gains. UX & Privacy Pains.

Static Credentials Invite Fraud

Bad UX. Big Risk.

Stricter Mandates, Higher Stakes

Privacy-Proven, Zero-Knowledge Biometrics

Prove Identity.
Protect Privacy.

Privacy-Proven,
Zero-Knowledge Biometrics