Encrypted Is Not Private: Why Biometrics Need Decentralized Multi-Party Matching Written on

Encrypted Is Not Private: Why Biometrics Need Decentralized Multi-Party Matching

Homomorphic encryption can protect biometric templates from exposure, but it does not eliminate centralized identification power. Privacy-preserving biometrics require architectures where no single institution can independently search, reconstruct, or control biometric identity at scale.

TL;DR

Biometric privacy is often misunderstood as an encryption problem. It is not.

Homomorphic encryption can secure biometric templates during storage and computation, but the institution operating the system may still be able to identify users, match arbitrary face images, and link authentications across sessions.

True privacy-preserving biometrics require more than encrypted computation. They require architectural decentralization: systems where no single actor can independently reconstruct, search, or control biometric identity. That is why decentralized multi-party biometric matching is a stronger privacy model than homomorphic matching alone.

The industry keeps confusing security with privacy

Biometric authentication is becoming the default trust layer of the digital economy. Banks use face verification for onboarding. Governments are moving identity systems online. Payment providers want frictionless authentication. AI systems can now identify people from images at enormous scale.

At the same time, biometric data is fundamentally different from passwords. You can reset a password. You cannot reset your face.

This is why the industry has become interested in “privacy-preserving biometrics”, especially systems based on homomorphic encryption and secure multi-party computation. These technologies are often grouped together, but they solve different problems.

Homomorphic encryption protects biometric templates from exposure. Multi-party computation can protect users from centralized identification power.

That distinction matters enormously under GDPR and even more in a world where face recognition is becoming infrastructure.

The real danger is not biometric theft. It is permanent identification.

Most people think biometric risk means someone stealing their face image. That is a serious risk, but it is not the only one.

The deeper risk is that one institution gains the technical ability to continuously identify a person. A biometric system can be secure against data leakage while still being invasive if one operator can match people across sessions, identify users from arbitrary photos, correlate activity across services, or build a persistent identity graph.

GDPR reflects this sensitivity. Article 4 defines biometric data as personal data resulting from specific technical processing of physical, physiological, or behavioural characteristics that allow or confirm unique identification. Article 9 then treats biometric data used to uniquely identify a natural person as a special category of personal data. Article 25 adds the requirement for data protection by design and by default.

In other words, GDPR is not only about protecting databases from attackers. It is also about limiting unnecessary power over personal data from the start of system design.

A biometric template is not harmless just because it is not a photo

Modern face recognition systems usually do not store raw photos. Instead, they convert a face image into a mathematical representation called a biometric template.

A simplified enrollment flow looks like this: a camera captures a face image, a model extracts distinguishing features, those features become a numerical vector, and that vector becomes the reference template. During authentication, a fresh face image is converted into another vector and compared with the stored template.

The important point is that the template itself remains biometric data. Even if it is not human-readable, it can still be used to recognize and identify a person.

The Norwegian Data Protection Authority’s SALT report makes this point directly in the context of protected biometric templates. The report explains that biometric templates may still reveal facial information and therefore require strong protection. It also describes homomorphic encryption as a way to protect templates while still enabling face recognition.

What homomorphic encryption actually solves

Homomorphic encryption allows computation on encrypted data. In biometric systems, that means a stored template can remain encrypted, an incoming biometric probe can remain encrypted, and the matching operation can still be performed without decrypting either template during the computation.

This is a major security improvement. If the database leaks, attackers may not obtain usable plaintext templates. Operators may never directly see raw biometric vectors. The comparison can happen inside encrypted space.

Conceptually, homomorphic encryption changes the model from:

“Compare Alice’s plaintext face template against the database.”

into:

“Compare Alice’s encrypted face template against encrypted database templates.”

That is valuable. It reduces exposure. It improves confidentiality. It makes biometric template protection much stronger.

But it does not automatically create privacy.

Encrypted does not mean anonymous

The core limitation is simple: homomorphic encryption hides the content of biometric data, but it does not necessarily hide identity relationships.

A bank can still ask whether a new encrypted face probe matches a customer’s enrolled encrypted template. It may still be able to run a search against enrolled users. It may still know which account authenticated. It may still link repeated authentications to the same person.

In practical terms, the biometric becomes unreadable but still searchable.

That is why homomorphic encryption can be secure while remaining insufficiently private. It protects against exposure of the biometric template, but it may preserve the centralized power to identify.

The architectural difference: centralized, homomorphic, and decentralized biometrics

The difference becomes clearer when comparing three models: traditional centralized biometrics, homomorphic biometric matching, and decentralized multi-party biometric matching.

Property Traditional Centralized Biometrics Homomorphic Encryption Biometrics Decentralized / MPC Biometrics
Prevent theft of raw biometrics No Yes Yes
Prevent database leaks exposing usable templates No Often yes Yes
Prevent operator from seeing biometric contents No Yes Yes
Prevent centralized possession of full biometric templates No No Yes
Prevent a single party from matching users arbitrarily No No Yes
Prevent the bank from knowing who authenticated No Usually no Can be made to, depending on design choice
Prevent arbitrary facial searches against all users No Usually no Yes, depending on design choice
Prevent cross-session linkage No Usually no Can be made to, depending on design choice
Provide unlinkability between authentications No Limited Can be made to, depending on design choice
Require user consent for matching No No Yes
Reduce surveillance-style identification capability No Limited Yes
Eliminate biometric honeypots No No Yes
Align with GDPR data minimization principles Weakly Partially Yes, goes beyond GDPR
Protect against insider misuse Weakly Partially Yes
Provide anonymity No Not by itself Can be made to, depending on design choice
Preserve authentication capability Yes Yes Yes
Improve confidentiality during computation No Yes Yes
Reduce trust in any single operator No No Yes
Architecture focus Centralized identity control Encrypted centralized computation Distributed trust and privacy

The central lesson is this: homomorphic encryption improves biometric security. Multi-party architectures change biometric power structures.

Why GDPR pushes the conversation beyond encryption

GDPR is not simply a cybersecurity checklist. It is a framework for limiting unnecessary personal data processing and protecting people from disproportionate data power.

Several principles become especially important for biometric identity systems.

Data minimization

Organizations should process only the personal data necessary for a specific purpose. If the purpose is authentication, a system that enables broad biometric search may process more identity power than is necessary.

Purpose limitation

A biometric collected for login should not silently become part of a wider identification or surveillance capability. The same technical architecture that verifies a user can also become a search infrastructure if it is not constrained.

Privacy by design

Article 25 requires data protection to be embedded into the system design itself. For biometrics, this means asking not only whether templates are encrypted, but whether the architecture prevents unnecessary identification in the first place.

Special protection for biometric identification

Biometric data used to uniquely identify a person receives heightened protection because identification creates structural power asymmetry. The question is therefore not only “can attackers steal the data?” It is also “who has the ability to identify users?”

What secure multi-party computation changes

Secure multi-party computation changes the trust model. Instead of one institution holding a complete biometric matching capability, the capability itself is distributed.

In a simplified decentralized biometric system, the user’s biometric template is transformed and split into cryptographic shares. Different nodes hold different shares. No single node possesses the full template. During authentication, the user’s phone captures a fresh biometric sample and coordinates a matching protocol across the network.

The nodes collaboratively compute whether there is a match, but no single node learns the full biometric. Depending on the protocol, no single node may know the full identity relationship either.

In a strong multi-party architecture, identification requires cooperation.

That is the essential difference. A centralized encrypted system may still allow the operator to identify users. A decentralized multi-party system can be designed so that no single operator can initiate or complete matching alone.

Identification may require your participation

One of the most important privacy improvements comes from requiring the user device to actively participate in the biometric matching process.

The phone may hold routing secrets, temporary keys, challenge-response logic, or authorization tokens required for the MPC process. Without the user’s device, the network may not know which shards to query, which nodes to activate, or how to complete the comparison.

This makes arbitrary facial searches much harder. A bank employee who obtains a face image may no longer be able to independently search the biometric database, because there is no single database and no unilateral matching capability.

This does not automatically mean perfect anonymity. Metadata, account relationships, node governance, and protocol design still matter. But it changes the default from institutional control to user-mediated authentication.

Encryption protects data. Decentralization protects power boundaries.

This is the point many biometric privacy debates miss.

A fully encrypted centralized biometric system can still become a population-scale identity graph. It can still authenticate, identify, correlate, and search. The data may be encrypted, but the power to identify remains centralized.

A decentralized MPC architecture changes that boundary. It reduces the ability of any single actor to search identities at will, correlate users across services, or silently repurpose biometric authentication into biometric surveillance.

That is why privacy-preserving biometrics cannot be evaluated purely by cryptographic strength. Governance matters. Custody matters. Query authorization matters. Key control matters. The ability to initiate matching matters.

The goal is not simply to encrypt biometric databases better. The goal is to ensure that no single actor can possess or reconstruct biometric identity at scale in the first place.

Where Youverse fits into this shift

This is the architectural direction behind Youverse’s approach to decentralized biometrics and privacy-preserving identity.

The goal is not to make centralized biometric databases slightly safer. The goal is to remove the centralized biometric honeypot and reduce unilateral identification power while still enabling high-assurance authentication and identity verification.

Products such as YouAuth and YouID reflect this principle: identity systems should prove that the rightful person is present without forcing users to surrender their biometric identity to a central operator.

In practical terms, this means moving from biometric possession to biometric proof. Not “store the face and search it later,” but “prove that the right person is present now.”

The future of biometrics will be judged by how little power they centralize

For years, the identity industry asked how to secure biometric databases. That question is still important, but it is no longer enough.

The more important question is how to prevent biometric systems from becoming universal identification infrastructure.

Homomorphic encryption is a valuable security layer. It can protect templates, reduce breach exposure, and enable encrypted computation. But if one organization can still identify users, run arbitrary searches, and correlate activity, the privacy problem remains unresolved.

Multi-party and decentralized biometric architectures move toward a different model: authentication without unilateral identification power.

The future of biometrics will not be defined only by how accurately systems recognize people. It will be defined by how little centralized identification power they create.

Homomorphic encryption secures biometric computation. Decentralized multi-party biometrics secure biometric privacy.

FAQ

Is homomorphic encryption bad for biometrics?

No. Homomorphic encryption is a strong security tool because it protects templates during storage and computation. The limitation is that it does not, by itself, remove centralized identification power.

Can a bank still match a person against encrypted biometric templates?

In many homomorphic systems, yes. The bank may not see the plaintext template, but it may still be able to compare a new encrypted biometric probe against enrolled encrypted templates.

Why is decentralized biometric matching more private?

Because the matching capability can be distributed across multiple parties. No single actor needs to possess the full template or independently control the biometric search process.

Does MPC guarantee anonymity?

Not automatically. MPC can strongly reduce centralized identification power, but anonymity also depends on metadata handling, account mapping, node governance, and protocol design.

How does this relate to GDPR?

GDPR requires special care for biometric data used to uniquely identify people and promotes privacy by design. Decentralized architectures can better support minimization and reduce unnecessary identification capability.

Sources

Newsletter subscription icon
Subscribe to our Newsletter!
The latest posts delivered to your inbox.