“What happens when the face database gets breached?” is the sharpest question a campus CISO can ask a biometric vendor, and it deserves better than reassurance. It deserves an attack-surface analysis.
The load-bearing answer first: in an edge-processed facial authentication system there is no central database of faces to breach — matching happens on the reader against encrypted, non-reconstitutable templates, no images are stored, and what an attacker could exfiltrate from any single layer is math that cannot be turned back into a person. Security still has to be engineered layer by layer; here is that analysis, threat by threat.
Threat 1: Presentation attacks — the photo at the door
The folk attack: hold up a photo, a video on a phone, a mask. The countermeasure is liveness detection on a 3D capture — the reader measures depth and the properties of a living face, so a flat image fails structurally, not statistically. Presentation-attack detection is a mature discipline with standardized testing (ISO/IEC 30107), and it’s the reason the door-side question has shifted from “can a photo fool it?” to the more interesting threats below. Honest note: no anti-spoofing claim should ever be “impossible” — the correct posture is a hard target with detection, which is exactly why high-assurance rooms run face-plus-badge two-factor rather than any single factor.
Threat 2: The stolen device
An attacker unbolts a reader and takes it to a workbench. What do they have? A device storing no photos, names, or videos — templates are encrypted with AES-256, and the template itself is a one-way mathematical representation that does not reverse into a face, as unpacked in the template post. The hardware is also built for the attempt: the Rock X is IK08 impact-rated with an IP66 enclosure, engineered to live unsupervised at exterior doors. The steal-the-box attack yields a box.
Threat 3: The network path
Data in motion — enrollment, management, events — travels under TLS 1.2/1.3, and the reader’s output to the access control system is a standard credential signal over Wiegand or OSDP into Genetec, LenelS2, C•CURE, or Genea. Two implications. First, the biometric decision is made at the edge, so there is no cloud round-trip to intercept at the moment of authentication. Second, the ACS integration inherits your existing panel-side security posture — which means OSDP with Secure Channel is worth specifying where your panels support it, the same hygiene conversation you’d have about any reader.
Threat 4: The honeypot that isn’t there
The breach scenario that headlines are made of — millions of face images exfiltrated from a central store — presumes a central store of face images. An architecture that converts faces to templates on-device and never warehouses photos removes that target rather than defending it. This is data minimization as a security control, not just a privacy one: what is never collected cannot leak, be subpoenaed sideways, or appear in a notification letter. The platform’s posture — SOC 2 attestation, encryption standards, deletion on revocation — is documented for exactly this review in the privacy architecture.
So what should a CISO actually verify?
Five questions for any vendor, ours included: Where does matching occur — edge or cloud? What exactly is stored on the device, and what would its forensic image contain? Can the stored artifact be reconstituted into a face — and what’s the evidence? What are the encryption standards in motion and at rest, and who attests to them? What deletes the template, and how is deletion verified? Written answers to those five, checked against the architecture diagram, are worth more than any marketing page — including this one. Fold them into your vendor-evaluation play and make every bidder draw the data flow.
Want ours in writing? Book a demo and send the five questions ahead — security reviews go faster when the whiteboard starts full.
Frequently asked questions
Can a photo or phone screen fool a facial authentication reader?
A liveness-checked 3D capture measures depth and the properties of a living face, so flat images and screens fail structurally. No anti-spoofing claim should say impossible — the correct posture is a hard target with detection, and face-plus-badge two-factor where stakes demand it.
What does an attacker get from a stolen reader?
A box. The device stores no photos, names, or videos; templates are AES-256 encrypted and mathematically non-reconstitutable, and the hardware is IP66-sealed and IK08 impact-rated to live unsupervised at exterior doors. The steal-the-device attack yields no faces.
What should a CISO ask any biometric access vendor?
Five questions in writing: where matching occurs, exactly what the device stores, whether the stored artifact can be reconstituted into a face, the encryption standards and who attests to them, and what deletes a template with how deletion is verified.