SECURE DOCUMENTS & QR CODE SOLUTION
SecuSeal (known as BioSeal in Europe) is an evergreen universal digital solution or visible digital seal (VDS) used to tamper-proof, certify and authenticate products, documents and content of all types. It is like a QR code but infinitely more secure. In fact, it can be integrated into QR codes to improve their integrity. SecuSeals combat fraudulent falsification of documents and use privacy-friendly biometric recognition technology to verify identity. Discover how to leverage SecuSeal codes for your brand.
Check a SecuSeal in a few steps
SecuSeal is an innovative, robust and economical solution for verifying the authenticity of your documents and products. By integrating biometric identity information such as fingerprints and facial data, SecuSeal enables multi-factor authentication.
Secure your documents and products
More than ever, fake documents and counterfeits are appearing and spreading to the products we all use in our daily lives. What confidence do we give to these documents and products? To protect yourself from forged documents and counterfeits, SecuSeal brings an innovative, robust and economical solution to make sure that your products and documents are true and authentic.
New Visible Digital Seal standard
SecuSeal is the new generation of interoperable and standard-compliant ESEDS (electronically signed encoded data set). Often presented as a visible digital seal (VDS) applied to a document or object, it is used to detect tampering and to confirm the authenticity and legitimacy of the issuer through asymmetrical cryptography. In strict compliance with international standards related to security and resilience and a few exclusive extensions such as biometric recognition, the solution paves the way for an infinite number of use cases.
Verify the identity of the owner
By integrating biometric identity information such as fingerprint and facial data or other password-based encrypted unique identifiers, SecuSeal provides the capability to implement multi-factor authentication for networks, applications, and buildings.
It acts as a digital credential that the legitimate holder can carry on phone or printed format and present to an officer or an automated access control system to prove his/her identity.
Our technology is fully developed in-house and optimized to be stored in a standard QR code or similar 2D barcode while providing you with the highest level of assurance.
Your Data is Safer with a SecuSeal
A Flexible and Versatile Solution
SecuSeal is an extremely flexible, versatile and customizable solution. Everything from the data structure to the physical representation of the code can be personalized according to your needs. Our experts will help you translate your specific use case into a machine-readable format (a.k.a. an XML descriptor) so the issuers and our universal reader can process the information seamlessly, while complying with the policies set in the use case, even when these policies get updated.
The key data fields with associated field constraints are defined per use case in a digitally signed manifest file. Choose to encrypt partial or full data with your preferred encryption algorithm.
Specify your own validation policies (ex: validity period, biometric verification parameters, etc.) Additional verification policies may also be included to satisfy the business rules.
Barcode or RFID
A SecuSeal can be embedded in most 2D barcode technologies, from Datamatrix to QR code and even proprietary 2D barcodes. It can also be stored in RFID tags that have persistent storage.
The first solution certified by
Otentik Trust Network
To ensure the reliability of the service, verification of the different elements of the SecuSeal and the chain of trust is essential. The solution relies on open standards and fits into the Otentik Trust Network whose governance is centered around a trust framework and a root trust list which guarantee both authenticity and legitimacy of the information.
With SecuSeal, no fraud is possible. Every building block on the solution is electronically signed, and the chain of trust is verified up to a root of trust defined in a Trust Service List (TSL), managed and signed by the Otentik network: data set, descriptors, signing certificates, certificate revocation status, TSL, etc. In addition to the chain of trust, each SecuSeal gets validated against the policies defined in the use case. These could include restrictions on the SecuSeal validity period, authorized symbologies, requirements for external certified timestamps, accepted cryptographic key length, and many others.
SecuSeal is designed from the ground up with security and data protection in mind. The solution is 100% GDPR compliant (European General Data Protection Rules). All the key data, included the biometric data, are stored in the personal code with full or partial encryption. The biometric data are also protected by innovative diversification mechanisms for better privacy. The biometric authentication is performed locally, on the Trusted End-Point (TEP).
How to generate your own SecuSeal ?
Create your use case
SecuSeal content is conditioned by a use case. Each use case determines the key data fields to be included in the schema and the field constraints. If required, the use case may also include additional verification policies and features defined in TSO extensions. Use cases are then translated into a machine-readable format (secure XML-format manifest file). Our experts will help you to translate your specific use case.
Validation and deployment
Otentik validates the use case descriptor, signs it with an eIDAS certificate and deploys it on the network. To generate a valid SecuSeal it is necessary to request a signing certificate from an Otentik trusted certificate authority. All use cases declared on the Otentik Trust Network are retrievable via our SecuSeal web service.
Ask users to fill out a form designed for the use case. In order to verify the identity of the user, you may be required to upload an ID document and pass a liveness detection test.
SecuSeal code verification
Our SecuSeal reader verifies whether the information contained in the SecuSeal complies with the specifications defined by the use case. It also verifies the validity of the signature to confirm the integrity of this data. If all checks pass, it presents the information to the user in a presentation view appropriate for the user’s language and the guidelines established by the use case.
We have developed a mobile application to read a SecuSeal or any VDS and verify the legitimacy of the certificate regardless of the code format (QRbio code, Datamatrix…) or the use case concerned.