Biometrics
What is biometrics?
From fingerprint scanners to facial recognition on smartphones, biometric processes have long been a part of our everyday lives. However, there is much more to this convenient user experience than meets the eye: biometrics are becoming the backbone of digital identity verification. Companies, public authorities, and financial service providers are increasingly relying on biometric technologies to balance security, efficiency, and user-friendliness.
So, what exactly does the term 'biometrics' mean, and how secure is biometric data really?
Biometrics definition
Biometrics refers to the automated measurement and evaluation of physical or behavioural characteristics that can be used to uniquely identify or authenticate living beings. In what follows, we will focus primarily on identifying and authenticating individuals.
A distinction is made between:
- physiological characteristics, such as fingerprints, faces and retinas;
- and behavioural characteristics such as voice, typing behaviour, and gait pattern.
Biometric procedures are no longer only used in official contexts. They are also becoming a user-friendly, forgery-proof alternative to traditional authentication methods in the private and business sectors, for example when opening an account, logging in or undergoing KYC procedures.
What is biometric data - and how sensitive is it?
Biometric data are personal, unchangeable characteristics that uniquely identify a person. There are many examples of this:
- Fingerprint
- Face shape
- Iris or retina pattern
- Voice profile
- Movement and typing behavior
Unlike passwords or PINs, biometric data cannot simply be 'reset'. This makes them particularly secure, but also particularly worthy of protection. Under the GDPR, biometric data is considered a 'special category of personal data' and is subject to strict protection requirements.
Modern solutions work with biometric templates: rather than being stored in raw form, the data is converted into mathematical patterns. This strikes a balance between security and data protection.
Biometric authentication - secure or risky?
Biometric authentication replaces or supplements traditional methods, such as passwords or TAN procedures. Unlike knowledge-based methods (e.g. PINs) or possession-based methods (e.g. smartphones), it is based on a person's unique characteristics.
| Advantages | Disadvantages |
| --- | --- |
| High security through uniqueness | Deepfakes and manipulation attempts (e.g. for facial recognition) |
| Cannot be forgotten or passed on | Data security during storage and transmission |
| Fast and intuitive application | Bias risks in poorly trained algorithms |
Therefore, secure biometric authentication is only as good as the technology behind it and the regulatory understanding of its providers.
Biometrics in digital identity verification
Biometrics play a crucial role in modern identity verification because they make it more secure. Biometric data, such as passport photos and, optionally, fingerprints, are stored digitally in biometric ID documents, such as modern ID cards and passports. This information can be read particularly securely via the NFC interface, which makes the document forgery-proof and machine-readable.
For use cases that require particularly high levels of security, such as creating a qualified electronic signature (QES), PXL Vision's identification process can be supplemented by reading NFC-based biometric information to avoid manual verification, which is more time-consuming.
PXL Vision operates without NFC verification as standard. It compares the biometric photo on the ID document with a live image from a selfie video. The AI-based software checks not only whether the facial features match, but also recognises possible attempts at deception.
The result: secure, seamless identity verification that makes effective use of biometric features - flexible, GDPR-compliant and without additional hardware.
Legal framework & standards
Biometric procedures are subject to strict regulatory requirements in the EU:
- GDPR/DSG: Biometric data requires particular protection — processing it requires explicit consent and special technical protective measures.
- The eIDAS/CertES Regulation: It defines the requirements for electronic identification and trust services, especially for qualified procedures such as QES.
- ISO/IEC 19794: This is a standard for formatting and processing biometric data for international interoperability.
Together, these standards are essential for integrating biometrics into digital processes in a legally compliant and sustainable manner.
The future of biometrics: opportunities & responsibility
Biometrics is developing rapidly - not only technologically, but also socially. Current advanced methods include:
- Multimodal biometrics: The combination of several features for verification purposes (e.g. face and voice).
- Behavioural biometrics: Use of typing behaviour or mouse movements for continuous verification.
- Deep learning: Better pattern recognition, but potential risks due to a lack of system transparency.
At the same time, both providers and users have a responsibility to uphold ethical and security standards. When using biometrics, it is important to consider not only efficiency, but also data protection, fairness and inclusion.
FAQ on biometrics
Biometrics is the recognition or verification of people based on individual physical or behavioral characteristics.
Examples are face, fingerprint, iris, voice, vein pattern or behavior (e.g. typing speed).
Yes - provided they are not saved as raw data, but are encrypted or processed as a template.
Yes - it is more forgery-proof, more user-friendly and not dependent on memory.