Security at Bifense
Protecting biometric data requires rigorous security practices at every layer. Here is how we safeguard your data and maintain the trust you place in our platform.
Infrastructure security
Our infrastructure is designed with defence in depth, ensuring multiple layers of protection for your data.
Encryption
- AES-256 encryption at rest for all stored data
- TLS 1.3 enforced for all data in transit
- Biometric templates encrypted with per-tenant keys
- Key management via hardware security modules (HSMs)
Infrastructure
- Hosted on enterprise-grade cloud infrastructure
- Network segmentation with strict firewall rules
- DDoS mitigation at the edge layer
- Automated infrastructure patching and hardening
Access control
- Role-based access control (RBAC) across all systems
- Multi-factor authentication required for all internal access
- Least-privilege principle enforced for service accounts
- Comprehensive audit logging of all administrative actions
Data handling
Biometric data is among the most sensitive categories of personal data. We treat it accordingly.
Biometric template storage
Biometric templates are stored as irreversible mathematical representations. Original biometric images are processed in memory and not persisted beyond the verification workflow unless explicitly configured by the customer.
Data minimisation
We collect and process only the minimum data necessary to perform the requested verification operation. No biometric data is shared across tenants or used for purposes beyond the scope defined in the customer agreement.
Retention policies
Default retention periods are aligned with regulatory requirements. Customers can configure custom retention windows. Automated deletion processes ensure data is purged on schedule with cryptographic verification of destruction.
Compliance
Our security programme is built to meet the compliance requirements that matter to regulated enterprises.
ISO 27001 alignment
Our information security management system is aligned with ISO 27001 controls, covering risk assessment, access management, and incident response.
GDPR readiness
We provide Data Processing Agreements, honour data subject rights, and maintain processing records in accordance with GDPR requirements.
Biometric data regulations
Our platform is designed to support compliance with biometric data regulations including BIPA, GDPR Article 9, and equivalent frameworks.
Secure development practices
Security is embedded into our software development lifecycle from design through deployment.
Code review
All code changes require peer review before merge. Security-sensitive changes undergo additional review by the security team.
Dependency scanning
All dependencies are automatically scanned for known vulnerabilities. Critical findings are patched within defined SLA windows.
Penetration testing
Our platform, APIs, and infrastructure undergo regular third-party penetration testing. Findings are triaged and remediated on a risk-prioritised basis.
Incident response
We maintain documented incident response procedures with defined severity levels, escalation paths, and communication protocols. Post-incident reviews drive continuous improvement.
Responsible disclosure
If you believe you have found a security vulnerability in Bifense, we encourage responsible disclosure. Please report security issues to security@innovantics.com. We commit to acknowledging reports within 48 hours and providing regular updates on remediation progress.
Please do not publicly disclose any vulnerabilities until we have had reasonable time to address them.