The biometric technology has positioned itself as an effective solution in identity and access management, offering increased security and convenience for users. However, recent regulatory decisions, such as those from the European Data Protection Committee, have restricted the use of centralized biometric systems in the workplace. 

As a result, companies are forced to adapt their methods of employee time tracking to comply with these new regulations. The Spanish Data Protection Agency has provided guidance to assist companies in complying with the new regulations. Among the requirements are data minimization and the need for specific circumstances to justify the use of biometric systems. 

Furthermore, it establishes among its conclusions that: 

“Among the recommended measures to minimize risk are: 

• The use of biometric technologies should be based on devices under the exclusive control of users. 

• It is advisable that data collection be done consciously by the individual, and even with the requirement of a positive action to initiate the processing of biometric data. 

• Preferably, centralized storage of biometric templates should not be used.” 

In this scenario, decentralized solutions such as B-FY present themselves as a promising alternative, aligned with the new regulations that prioritize user privacy. 

The evolution of biometric technology in information security 

In a constantly evolving digital world, Identity and Access Management (IAM) has become an essential component of modern business operations. The growing threat of cyberattacks and the need to comply with data privacy regulations have driven the search for innovative solutions, among which biometric technology has emerged as a fundamental pillar. 

Despite the advantages offered by biometric authentication, it faces significant challenges that require the implementation of best practices to ensure the security and privacy of users. Among these challenges are periodic risk assessments and secure storage of biometric data. 

B-FY solution: biometric decentralization 

At B-FY, we are committed to protecting people's identities through a decentralized biometric authentication solution. As established by the AEPD in the conclusions of its GUIDE ON PRESENCE CONTROL TREATMENTS THROUGH BIOMETRIC SYSTEMS, our system does not store biometric data on central servers. The user performs the registration action by providing their email address and phone number, and furthermore, B-FY’s solution only uses the biometric data stored on the user's mobile device, thus always remaining under their control, guaranteeing the privacy and security of the data. 

Biometric decentralization offers multiple advantages for both companies and end-users, including: 

• Increased security: By avoiding centralized data storage, the risk of security breaches is reduced. 

• Enhanced privacy: Users maintain full control over their biometric data, mitigating concerns about misuse of information. 

• Regulatory compliance: Biometric decentralization aligns with new data protection regulations, such as the recent decision of the European Data Protection Committee. 

Thus, biometric decentralization emerges as an innovative and secure solution in identity and access management, offering a viable alternative to regulatory challenges and prioritizing user privacy and security. 

In an increasingly data-focused business environment, solutions like B-FY are essential to ensure security and privacy in biometric authentication, consistently complying with European and Spanish regulatory provisions. 

Want to learn more? Request a free demonstration here.