ZERO EXPOSURE • ENCRYPTED BIOMETRICS

Your Biometric is Never Decrypted. Ever.

Fully homomorphic biometric matching. Templates are encrypted client-side, stored encrypted, and matched in the encrypted domain. 50µs per authentication. The server literally cannot see your face, fingerprint, or voice.

Get API Key → View Docs SDK Integration Guide
50µs
Per Auth
1.2M/sec
At Scale
Zero
Data Exposure
32
Batch Size
ARCHITECTURE

End-to-End Encrypted Biometric Pipeline

From capture to match decision, your biometric template never exists as plaintext on the server. Every step is cryptographically protected.

📱
Step 1
Client Capture
Biometric captured on device. Template extracted as a 128-dimensional feature vector. Stays on the device.
🔒
Step 2
Client Encrypt
Template encrypted with BFV FHE (N=4096). Never leaves the device as plaintext. Only ciphertext is transmitted.
Step 3
Server Match
FHE inner product computes similarity on ciphertexts. SIMD batching packs 32 users per ciphertext.
Step 4
Threshold Decision
Encrypted score compared against threshold. Match/no-match returned. Raw biometric never touched by the server.
THE PROBLEM

Traditional Biometrics Are a Liability

Every traditional biometric system has the same fundamental flaw: the server must decrypt your data to match it. That window of exposure is a window of vulnerability.

💥
Database Breach
Stolen biometrics can't be reset like passwords. Once leaked, they're compromised forever. You cannot change your fingerprint or face.
👁
Server-Side Exposure
Traditional systems decrypt biometrics for matching. Every authentication is a window of vulnerability where raw biometric data exists in server memory.
Regulatory Pressure
GDPR Article 9, CCPA, BIPA — biometric data is the highest-risk personal data category. Non-compliance penalties are severe and growing.
H33 eliminates all three.

FHE means the server provably never sees the biometric. There is no plaintext to steal, no decryption window to exploit, and no raw biometric data to regulate — because it never exists on the server.

PERFORMANCE

Production-Grade Speed

Encrypted biometric matching at speeds that make plaintext systems look slow. Measured on AWS Graviton4 with 96 workers.

50µs
Single Auth Latency
1,375µs / 32 users per batch
1.2M
Auth/sec at Scale
Graviton4, 96 workers
32
Users per Ciphertext
4096 slots ÷ 128 dims
~1.04ms
Constant-Time Batch
Identical for 1 or 32 users
Blink test: 300ms blink ÷ 50µs = 6,000 authentications per blink
API

Biometric Match API

Four endpoints. Encrypt, match, attest. All operating on ciphertexts — the server never touches plaintext biometrics.

POST /v1/fhe/h33-128/encrypt Encrypt biometric template
POST /v1/fhe/h33-128/biometric-match Match encrypted probe against template
POST /v1/fhe/h33-128/dilithium/biometric-match Match + Dilithium attestation
POST /v1/fhe/h33-128/3key/biometric-match Match + 3-Key attestation
Biometric Match Request curl 
# Match an encrypted biometric probe against stored template
curl -X POST https://api.h33.ai/v1/fhe/h33-128/biometric-match \
  -H "Authorization: Bearer h33_sk_..." \
  -H "Content-Type: application/json" \
  -d '{
    "probe_ciphertext": "<base64-encoded FHE ciphertext>",
    "template_id": "usr_8f2a...c41b",
    "threshold": 0.85
  }'

# Response
{
  "match": true,
  "confidence": "above_threshold",
  "latency_us": 48,
  "batch_id": "batch_a9f3...e712",
  "plaintext_exposed": false,
  "fhe_params": {
    "scheme": "BFV",
    "n": 4096,
    "t": 65537,
    "batch_size": 32
  }
}

Also available on H33-256 (/v1/fhe/h33-256/*) for NIST Level 5 security.

SECURITY

Cryptographic Guarantees

Not just "encrypted in transit" or "encrypted at rest." Encrypted during computation. Provably.

📐
Mathematical Proof
FHE guarantees: computing on encrypted data produces the same result as computing on plaintext, then encrypting. The server cannot learn the input. This is not a policy — it is a mathematical property of the cryptosystem.
Constant-Time
All operations are constant-time with respect to secret key material. No timing side channels. Match time is identical regardless of similarity score, preventing oracle attacks.
🌍
Post-Quantum
Lattice-based FHE is inherently quantum-resistant. Add Dilithium attestation for end-to-end post-quantum security. Your biometric data is protected against both classical and quantum adversaries.
📜
Audit Trail
Every match generates a cryptographic audit record. Dilithium-signed, append-only, tamper-evident. Compliance teams get verifiable proof of zero-exposure operations.
USE CASES

Where Encrypted Biometrics Matter

Any application handling biometric data can eliminate its highest-risk liability with a single API integration.

🏢
Access Control
Building entry, secure facilities, server rooms. Biometric access without a centralized plaintext database to breach.
🆔
Identity Verification
KYC, onboarding, re-authentication. Verify identity against enrolled templates without ever exposing the biometric.
🩺
Healthcare
Patient identification in HIPAA environments. Biometric matching that is HIPAA-compliant by construction, not by policy.
🏦
Financial Services
Transaction authorization, account recovery. High-assurance biometric auth for banking and payments.
🏛
Government & Defense
Classified facility access, border control, national ID systems. Sovereign biometric data that never leaves the encrypted domain.
INTEGRATION

Works With Any Biometric Model

Your model extracts the embedding. H33 encrypts and matches it. Pre-built adapters for popular open-source models, plus a generic adapter for any model producing float vectors.

Face · 512-D
ArcFace / InsightFace
L2-normalized float32 vectors. Adapter validates dimension, checks L2 norm in [0.9, 1.1], rejects NaN/zero.
adapter: "arcface"
Voice · 192-D
SpeechBrain ECAPA-TDNN
Speaker verification embeddings. Adapter validates dimension, checks finite, auto L2-normalizes.
adapter: "speechbrain"
Fingerprint · 256-D
SourceAFIS
Spatial-binned minutiae vectors. Client converts CBOR templates to 256-D grid. Adapter L2-normalizes.
adapter: "sourceafis"
Any Model · Any-D
Generic Adapter
NEC NeoFace, Cognitec FaceVACS, custom iris encoders, or any model producing float vectors.
GenericAdapter::new(type, dim)
SDK Integration Guide →
ANTI-SPOOFING

Built-In Liveness Detection

21 attack types detected. Liveness checks run before FHE matching — spoofs never waste compute. Challenge-response verification with configurable risk levels.

🧑
Face Detectors
6 detection layers: Texture analysis, depth estimation, blink detection, movement patterns, moiré pattern detection, micro-expression analysis. Catches printed photos, screen displays, and masks.
🎤
Voice Detectors
4 detection layers: Replay detection (duplicate hash), synthetic speech analysis, frequency spectrum validation, environmental consistency checking. Catches recordings and AI-generated voice.
🤖
Deepfake Detection
Cross-modal analysis: GAN artifact detection, temporal coherence checking, challenge-response verification that deepfakes cannot pass in real-time. Detects face swaps and neural rendering.
SPOOF BLOCKS BEFORE FHE RUNS

If liveness fails, the FHE verification is never executed. Zero compute wasted on attack attempts. Configurable risk levels (low/medium/high) control challenge difficulty.

COMPLIANCE

Regulatory Coverage by Architecture

FHE biometrics satisfy the strictest biometric privacy laws by mathematical guarantee, not by policy promise. The server provably cannot access the biometric data it processes.

BIPA · 740 ILCS 14
Illinois Biometric Information Privacy Act
FHE ciphertexts satisfy all 5 sections: retention & destruction, informed consent, no profiting from biometric data, no unauthorized disclosure, reasonable security standard.
Read BIPA Analysis →
🇪🇺 GDPR · Article 9
EU General Data Protection Regulation
Privacy by design is a mathematical guarantee, not a policy promise. BFV FHE is definitionally Article 25 compliant. Includes DPIA template for customer deployment.
Read GDPR Analysis →
🏴 CCPA / CPRA
California Consumer Privacy Act
Right to deletion via unenroll() API with Dilithium-signed deletion receipt. H33 as service provider stores only BFV ciphertexts.
Read CCPA Analysis →

Start Building Encrypted Biometrics

One API call. Zero biometric exposure. Post-quantum secure. Drop-in integration with any biometric pipeline.

Get API Key SDK Integration Guide API Documentation View Pricing
Verify It Yourself