Princeton Identity's multimodal biometric access control devices employ several techniques to ensure that sensitive business and biometric data stored on or passed through the device remain secured in the event of theft or damage. Most of the data the device handles is either held only in volatile memory or stored encrypted on flash memory. Princeton Identity follows industry best practices to ensure that the embedded system protects or deletes data if a reader is removed and inspected by a malicious actor. These best practices are:
• Tamper/Removal Detection: If the device is removed from its backplate, an alert is sent to IDS, notifying the necessary parties that the device has been removed.
• Secured and Signed Software and Updates: Only verified and signed software packages can be installed on the device. The device boots only from a signed image, preventing unauthorized software or firmware packages from being loaded onto the device.
• Data Encryption in Transit and at Rest: Software and data stored on the device are encrypted, and communication with IDS and other authorized network resources is secured using TLS 1.2.
• Storage of Sensitive Data Restricted Server Side: Biometric templates and profile data can be configured to be stored only on IDS, so that the edge device retains no sensitive information or users' biometrics if the device is stolen or tampered with.
• Password Protection of Edge Devices: Authorization is required to access and change settings, perform device updates, and export logs from the device.
• Debug and Programming Ports Disabled: Ports used for factory programming and debugging are disabled using hardware fuses on the processor to prevent unauthorized image loading (images would still need to be signed to be loaded).
Below is a table outlining what critical data is stored or processed on the edge device and how it is retained.
| Data | Persisted on Removal or Power Cycle | Comments |
| --- | --- | --- |
| Biometric Templates | Not Persisted | Stored in volatile memory and erased when power cycled. The on-board cache can also be disabled. |
| IDS Connection Data | Persisted | Encrypted and stored on the device. |
| Device Settings | Persisted | Non-sensitive data. |
| Card Credential Keys | Persisted | Encrypted in secure storage in the firmware of the internal reader. |
| Logs | Persisted | Encrypted and stored on the device. |
| Device Software and Firmware | Persisted | Device software is encrypted and stored on the device. Firmware is signed and utilizes a secure bootloader. |