No, your biometric data and privacy are always protected at Wink. Once Wink receives your full consent during enrollment Wink will collect your biometric data in a form of encrypted non-identifiable hash signatures anonymously. These hash signatures are meaningless on their own and non-identifiable. This consent is 100% in your control and you can withdraw that consent anytime on a global level and/or at a merchant/service provider level.

At Wink, we view privacy is key. We only collect the minimum amount of personal information needed to ensure you can easily access or pay across the Wink network. Any biometric data we collect is securely encrypted and stored in meaningless hash signatures for user privacy and security and this data is never shared.

Yes, Wink is truly passwordless with your face and voice replacing the need for any password, OTP, 2FA, etc.

The most important standard related to Authentication ( of which Biometrics is a part ) is called AAL (Authentication Assurance level ) 1/2/3 certification from NIST ( National Institute of Science and Technology ). Refer to the following detailed description of AAL (https://pages.nist.gov/800-63-3/sp800-63b.html#sec4 )

In short

• AAL1 is for authentication technology that only are single factor ( like Apple FaceID or Android TouchID or Windows Hello )
• AAL2 is a multifactor authentication technology that has at least 2 factors ( usually something you have and something you know ) – such as Apple FaceID combined with an OTP code sent to the phone
• AAL3 is an enhancement of AAL2 where the technology also offers impersonation resistance ( that means that another user cannot share the same access privilege granted to the authorized user )

All device based biometrics technologies by themselves, being single factor, can only provide AAL1 access. Hence they are suitable for certain actions like device unlock and password autofill.

This is why most banks use a 2nd factor such as code sent to email or SMS to protect more advanced use cases ( such as wire transfer ) where AAL2 access is recommended

However, AAL2 allows for account sharing and fails to meet impersonation resistance. For example, an iPhone user can share the PIN of their device with another user who can then unlock the phone and also receive the OTP to gain access.

Wink’s technology can provide AAL3 type access since it also provides impersonation resistance. Since there is no OTP/PIN based bypass, if the device is shared with another user, Wink’s technology requires both face and voice to be verified thereby denying access to another user.

Wink plans to use accredited labs by NIST such as iBeta to achieve AAL3 certification in 2023. As explained above solutions based on FaceID alone cannot achieve AAL3.

Wink’s biometrics technology uses multiple factors to authenticate users without the need of any password. It uses the common selfie camera and microphone to capture biometric vectorized data representing a user’s face, voice and device and this data is stored in a private wallet belonging to the user on the cloud (blockchain).

Wink Login can work on any device that has a selfie camera and a microphone.

You can use Wink Login anywhere Wink on any wink enabled device.

Apple’s FaceID makes use of an integrated specialized sensor and a security chip that is part of the iPhone hardware. The security chip stores biometric data representing the main user’s face. The FaceID technology is able to quickly match the face belonging to the holder of the iPhone with the biometric data in the security chip to unlock the iPhone. FaceID can also be used to unlock username and passwords stored in iCloud keychain that allows other apps on the iPhone to use FaceID to automatically fill-in username and passwords for login without the need for the user to manually type the passwords. Apple’s FaceID is the most popular and widely used device based biometrics technology. Other device based biometrics technology are TouchID ( fingerprint sensors found on some models of iPhones, iPads, Macbooks and Android phones ) and USB keys ( like Yubikey ) that have a fingerprint sensor on them.

Wink’s biometrics technology uses multiple factors to authenticate users without the need of any password. It uses the common selfie camera and microphone to capture biometric vectorized data representing a user’s face, voice and device and this data is stored in a private wallet belonging to the user on the cloud (blockchain). Wink’s biometric matching happens in the cloud and is an example of Multi-factor authentication as at least 2 factors relating to the user must match ( out of device, face and voice ) for the user to be granted access. There are many other companies using Cloud based biometrics to offer services like KYC and Identity Verification.

Wink Payment is a service that enables you to replace username and passwords with biometric face-and-voice recognition for a stronger, secure and multi-factor authentication that ties your payment details to your identity for fast and easy payments online and in-store.

To use Wink Payment, simply enroll your face and voice with Wink and add your preferred payment method to your wallet and you’re ready to use Wink to checkout at your favorite stores.

Wink is free to use and at any Wink enabled merchant. If you are interested in offering Wink Payment or login for your business please contact our sales team.

Wink Wallet is not a traditional wallet. Instead, it works with wallet providers for easy online and in-store payment. With Wink Wallet you are able to manage your identity, permissions and profile across any Wink enabled merchant or service provider.

You can manage your Wink profile, authorized payment methods, as well as any permissions granted for merchants and service providers.