Cloud Biometric MFA quickly, securely and privately identifies and authenticates millions of employees, partners and customers across all browsers, platforms and devices using face, voice and fingerprint recognition.


Identity is the keystone of security. Passwordlessly identify, authenticate and protect your workforce, partners and customers across all browsers, platforms, devices and geographies using a broad range of MFA options including biometric face, voice and fingerprint recognition, passive & active liveness, WebAuthn and FIDO2 authenticators.

Users identify and authenticate in real time (200ms) with absolute accuracy (IR=99.99%), no false positives (FPIR=0.0001%) and global privacy compliance.

It is easy to get started with built-in SSO and GCP, AWS & Azure Active Directory integration, full compliance with open standards, no upfront costs, no hardware to buy and no software to install.

Identity Without PII

Cloud Biometric MFA provides biometric identification and authentication without the need to store or process usernames, passwords, email addresses, tokens, shared secrets or any other Personal Identifiable Information (PII).


Private Identity protects individual privacy and complies with data privacy laws worldwide by encrypting each biometric at rest, in transit and in use using one-way fully homomorphic encryption (FHE) as specified in IEEE 2410-2019.

To accomplish this, we use two DNNs that work hand-in-hand to encrypt and classify each biometric. The first DNN is a pre-trained mobile CNN that leverages TensorFlow at the Edge to acquire, pre-process, one-way encrypt (1-way hash) and then discard users’ face, voice and fingerprint biometrics.

The second DNN is a pre-trained FCNN that classifies one-way encrypted biometrics and is capable of processing an unlimited number of identities in constant time using fault-tolerant, elastic Kubernetes™ container(s).

The first and second DNNs are pre-trained in order to allow for rapid processing at the Edge and in the Cloud. Full training for the FCNN takes place in the background.

Enterprise-Grade Microservices Architecture

Start small and scale up to billions of employees, customers and partners without human intervention-- even during peak usage.

Our microservices architecture is composed of three lightweight, elastic Kubernetes™ building blocks (enroll, predict and liveness) that communicate using RESTful APIs. These services provide resilience and scalability, enable customers to go to market faster and easily integrate and deploy with legacy and third-party services.

Private Identity supports full Enterprise directory integration (Azure Active Directory, GCP, AWS, Ping Identity) and SSO using OAuth 2.0/OIDC and SAML 2.0.

Edge Computing

Private Identity encrypts biometrics on the browser or device using an ensemble of TensorFlow™ pre-trained mobile models.

Computing one-way homomorphic encryptions (HE) at the Edge assures full data privacy and confidentiality by never transmitting a plaintext biometric, reduces data flows to the cloud by 99.95%, achieves massive horizontal scalability and allows users to authenticate even when devices cannot reliably connect to a network.

Open Standards

Open Standards foster innovation and competition and reduce cost and complexity. We help lead development of open standards for biometric privacy, cryptography and security and partner with leading organizations to perform full-scope assessments, penetration tests, reviews, audits and IEEE and ISO certifications.

Encryption Standards

W3C Web Authentication (WebAuthn)

Web API that enables the creation and use of strong, attested, scoped, public key-based credentials by Web applications for the purpose of strongly authenticating users.

IEEE 2410-2019 Standard for Biometric Open Protocol

Standard requires use of 1-way fully homomorphic encryption to protect biometrics at rest, in transit and in use.

US DOD Standard Trusted Computer System Evaluation Criteria (TCSEC)

DoD 5200.28-STD. Mandatory for use by all DoD Components in carrying out technical security evaluation activities applicable to the processing and storage of classified and other sensitive DoD information Orange Book.

US ODNI Intelligence Community Directive 503

Protecting Sensitive Compartmented Information Within Information Systems. Applies to all US government organizations, their commercial contractors, and Allied governments information systems that process, store, or communicate intelligence information.

Federal Information Processing Standard (FIPS) 197, Advanced Encryption Standard (AES)

NIST Special Publication 800-21. Guideline for Implementing Cryptography in the Federal Government.


Standard protocols to provide privacy and data integrity between two or more communicating computer applications.

Security- And Safety-Critical Architecture / Standards

DoD Multiple Independent Levels of Security/Safety (MILS) Architecture

Compartmentalized approach to the design of security-critical, safety-critical, high-assurance computing systems

ISO 27001:2013 Information Security Management Standard

Framework includes all legal, physical and technical controls involved in the information risk management processes.

ISO 9001:2015 Quality Management Standard

Standard ensures software meets the needs of customers, other stakeholders and satisfy statutory and regulatory requirements.

OAuth 2.0 / Open ID Connect / SAML 2.0

Standards that cover authorization, federation, identity management and single sign-on (SSO).


Protects User Accounts From Fraud

Biometric MFA protects against data breaches, eliminates password resets and greatly reduces the risk of account takeover fraud, phishing, credential reuse and credential stuffing.

Passwordless Biometric MFA on Any Device

Provides a consistent customer and employee identification and authentication experience across all modern browsers, devices, platforms and channels without hardware to buy or software to install. Enroll once and authenticate everywhere. Allows multiple users per device and multiple devices per user.

Get Employees Up and Running in Minutes

Compatible with Google Cloud Identity, Azure AD, AWS Identity and Access Management (IAM), Ping Identity, Okta,OneLogin, ForgeRock and thousands of other SaaS platforms using OAuth 2.0/OIDC and SAML 2.0.

Face Recognition

Enroll an unlimited number of users. Use encrypted match to determine the identity of an unknown user’s face with 99.78% accuracy in 200ms. Webcams and phones work well. Minimum face resolution is 224x224 pixels and the DNN accommodates most boundary conditions including low light and blurry images.

Speaker Identification

Enroll an unlimited number of users. Use encrypted match to determine the identify an unknown user’s voice with 98.70% accuracy in 600ms. Webcams and phones work well. Requires minimum of 3 seconds of 8.1kHz stereo telephone quality audio. The DNN accommodates most boundary conditions including low quality audio and background noise.

Fingerprint Identification

Enroll an unlimited number of users. Use encrypted match to determine the identity of an unknown user’s fingerprints with 99.9% accuracy in 200ms. Webcams and phones work well. Minimum fingerprint resolution is 224x224 pixels. The algorithm accommodates most boundary conditions including low light and blurry images.

Private User Behavioral Analytics

Enroll an unlimited number of users. Use encrypted match to determine the identity of an unknown user’s behavior with 99.9% accuracy in 200ms. Webcams, phones and watches work well. Behavior data includes 70+ encrypted data points including geolocation, temperature, accelerometer, health monitoring, gyroscope and magnetometer.

Passive & Active Liveness

Ensure that biometrics are only collected from a live human user. Passive liveness includes small muscle movement analysis of eyes, eyebrowses, lips and chin. Active liveness requires the user read out loud a random sentence and then assures that the user spoke the requested words and the user’s voice identity matches the user’s face identity.

High Availability SLA

Have confidence in the availability of Private Identity knowing that the service runs in elastic, fault-tolerant Kubernetes containers on public or private Clouds. We guarantee 99.9% uptime and maintain compliance with international standards and government requirements for privacy, encryption and security.

Multi-Regional Infrastructure

Deploy Private Identity in a specific region or globally using low-latency Cloud infrastructure. Expand the service to additional regions as needed. Private Identity is multilingual and built to serve global audiences.

Automatic Updates

Private Identity automatically updates itself, monitors for issues, adds and removes Kubernetes cubes as user demand changes, and instantly replace cubes that fail.

Accuracy, Scalability & Performance

Users easily enroll on any device and then immediately authenticate across all platforms and devices. Private Identity is scalable, elastic and built to serve global audiences. Delivers massive horizontal scalability and real-time performance using edge computing, CPUs, GPUs and Edge TPUs.

Works With Your Enterprise Directory

Private Identity elegantly integrates with your existing Enterprise directory using OAuth 2.0/OIDC and SAML 2.0.

And Many Others…

System Parameters

Encrypted Search



Encrypted search across unlimited private biometrics (1:Many Open-set Identification)


No Theoretical Maximum

100,000 encrypted searches/sec tested 2/2019 using Google Cloud AI Platform.

Encrypted Match


Identification Rate (IR)


Speed of Template Creation


Template Size


Open-set False Positive Identification Rate (FPIR)


Open-set False Negative Identification Rate (FNIR)


False Negative Matching Rate (FNMR)


False Matching Rate (FMR)


Equal Error Rate (EER)


Technology & Innovation Partners

We actively partner with innovative technology companies to help improve current offerings, create new solutions, build the identity industry and drive new business at a global level.

"We are excited to work with Private Identity to provide private face, voice and fingerprint recognition for our clients. Their team is a pleasure to work with, our customers appreciate their advanced technology and their solutions integrate well into our architecture"

David Coxe CEO, ID DataWeb

About Us

Private Identity LLC is a Washington DC-based AI/cryptography software company that provides one-way, fully homomorphic encrypted biometric identity systems that operate in real time and absolute accuracy. The societal good achieved by solving one-way fully homomorphic encryption is full privacy.

Our underlying technology was developed by a small group of top computer scientists and software developers from around the world with considerable experience in machine learning. We applied our collective knowledge and experience and converged on a solution to homomorphic encryption in early 2018.

We shared our solution with IEEE P2410 Working Group in May 2018 and subsequently helped update the IEEE 2410-2019 Standard for Biometric Open Protocol. Our first cryptography patent was granted in September 2019. Additional patents are pending worldwide.

Key Relationships

“If I have seen further it is only by standing on the shoulders of Giants.”

- Sir Isaac Newton, 1676

Edge Computing

TensorFlow Team

Cloud ML Engine

Alex Lee
Google AI Platform (GCP)

Business Advisory

Richard Fields
Allen & Co

Corporate Law

Intellectual Property


William Leffler


Mike Pollard, ceo

Mike is an entrepreneur experienced in high-growth technology ventures in biometrics, machine learning, big data and security. Prior to co-founding Private Identity, Mike served as VP and General Manager in Thomson Reuters’ healthcare and science business. Prior to this, he served as co-founder and Executive VP of Discovery Logic (acquired by Thomson Reuters), founded and served as CEO and Chair of thinkXML, and founded and served as CEO of Science Management Corp.

Scott Streit, cto

Scott is a highly regarded data scientist focused on cryptography, biometrics, machine learning, cloud computing and cyber security. Scott currently leads “everything technical” at Private Identity, serves as Chair of Biometric Security for IEEE and leads the IEEE 2410 Standard for Biometric Open Protocol. Prior to Private Identity, Scott served as CTO for a large biometrics company, was a research professor for 30 years and supported the US Government for 26 years. Scott has authored several key patents and papers in machine learning, biometrics and authentication.