Security & Privacy Protocol
01. How Is Palm Vein Data Stored?
Palm vein systems store:
- RGB palm images
- NIR vein images
- Extracted feature templates
All biometric data is stored exclusively on the customer’s own servers (local or cloud).
No data is stored by X-Telcom / BioWavePass. You fully own and control your biometric data.
02. How Is Data Encrypted?
Data protection uses industry-grade encryption:
Transmission HTTP + SSL (TLS)
Cloud Storage AES-256 CBC
تشفير عند الكتابة Decrypted on authorized reading
03. التحكم في الوصول
No.
X-Telcom / BioWavePass does not: Store biometric data, access customer databases, or manage user identity data.
We only provide hardware, SDK/API, and algorithm support. All data control remains with the client.
04. Global Compliance
Supporting GDPR and PCI DSS through:
Data minimization Local storage No 3rd-party access Zero retention
Reducing operational risks.
05. Risk Reduction via Tokenization
Source
Palm
Identify
Identity
Secure
Token
Action
Payment
Biometric data is never used in transactions
Tokens are used instead of sensitive data
Tokens can be revoked and replaced
Is it Safe for Large-Scale Deployment?
Yes, by design.
E2E Encryption Client-Owned Compliance-Ready
Security is built into the system design, not added afterward.
Build a Secure and Compliant Palm Vein System
Full Data Control Global Compliance Secure Scalability
Get Started