HumanAuthn vs UR Codes
A New Generation of Privacy-Preserving Identityβ
Biometric identity systems have evolved over the last two decades. The first large-scale implementation appeared in biometric e-passports (2005), which stored facial data inside NFC chips signed by issuing authorities. While secure, these systems were costly, hardware-dependent, and difficult to deploy widely.
To address these limitations, UR Codes introduced digitally signed QR-based identity containers that store facial data and identity attributes in a portable barcode. This reduced hardware requirements and enabled offline verification.
HumanAuthn represents the next evolution. Instead of storing biometric data at all, HumanAuthn uses biometric-conditioned cryptography to regenerate keys in real time, enabling identity verification without storing biometrics, templates, or private keys.
What Is HumanAuthn?β
HumanAuthn is a biometric-conditioned cryptographic primitive that generates HumanData-based identity containers without storing biometric data.
Instead of storing face templates, HumanAuthn:
- Generates high-entropy randomness
- Uses live biometric input
- Reconstructs ephemeral keys
- Decrypts encrypted metadata
- Authenticates via successful decryption
Authentication becomes:
human presence β key regeneration β decryption β identity proof
No biometric data is stored. No templates. No persistent keys.
This is human-anchored cryptographic identity.
How Identity Proof Differsβ
| UR Codes | HumanAuthn | |
|---|---|---|
| Model | Face matching | Key regeneration |
| Biometric storage | Stored in QR | Never stored |
| Trust anchor | Issuer | Human presence |
| Authentication | Compare face | Decrypt with regenerated key |
| Keys | Issuer-signed | Ephemeral |
| Matching database | Not required | Not required |
| Identity proof | Signature + match | Successful decryption |
Privacy Preserving Architectureβ
UR Codes improve over traditional KYC by moving identity verification offline, but they still store biometric data inside the QR container.
HumanAuthn eliminates biometric storage entirely.
UR Codesβ
- Store face data
- Store identity attributes
- Issuer-signed
- Reusable identity artifact
HumanAuthnβ
- No biometric storage
- No identity attributes required
- No issuer dependency
- Non-comparable identity artifacts
HumanAuthn minimizes data exposure and reduces identity leakage risks.
Security Architecture Comparisonβ
| Feature | UR Codes | HumanAuthn |
|---|---|---|
| Biometric Storage | Yes | No |
| Private Keys Stored | Issuer | No |
| Ephemeral Keys | No | Yes |
| Offline Verification | Yes | Yes |
| Device Independence | Yes | Yes |
| Credential Correlation | Possible | None |
| Central Authority | Required | Optional |
| Encrypted Metadata | Optional | Native |
| Zero Knowledge Property | No | System-level |
| Trust Anchor | Issuer | Human |
| Cryptography | Signature verification | ECDSA secp256k1 + entropy |
| Replay Risk | Possible | None |
| Matching Required | Yes | No |
HumanAuthn Advantages over UR Codesβ
No Biometric Storageβ
UR Codes store biometric data. HumanAuthn stores none.
This eliminates:
- Biometric database risks
- Template leakage
- Identity cloning
No Issuer Dependencyβ
UR Codes depend on identity issuers. HumanAuthn works without them.
This enables:
- Self-sovereign identity
- Decentralized authentication
- Permissionless identity creation
Ephemeral Key Securityβ
UR Codes:
- Static identity container
- Reusable artifact
HumanAuthn:
- Regenerates keys per session
- No keys at rest
- No persistent secrets
Unlinkable Identitiesβ
UR Codes:
- Same identity reused
HumanAuthn:
- Fresh cryptographic identity
- Unlinkable credentials
Cryptographic Authentication vs Matchingβ
UR Codes rely on biometric comparison. HumanAuthn uses cryptographic key reconstruction.
This removes:
- Matching thresholds
- False positives
- Template similarity attacks
Evolution of Biometric Identityβ
2005 β Biometric e-Passports
Stored biometric templates in NFC chips
β
UR Codes
Stored biometric templates in signed QR codes
β
HumanAuthn
No biometric storage.
Identity derived from human presence.
The Shift from Stored Identity to Human-Conditioned Cryptographyβ
UR Codes improved identity portability. HumanAuthn removes stored identity entirely.
- UR Codes store identity.
- HumanAuthn reconstructs identity.
- UR Codes verify who you are.
- HumanAuthn proves only you can decrypt.
Summaryβ
UR Codes modernized biometric identity by moving it from NFC chips to QR containers. HumanAuthn goes further by removing biometric storage entirely and replacing matching with cryptographic key regeneration.
HumanAuthn introduces:
- Human-rooted trust
- No biometric storage
- Ephemeral keys
- Offline verification
- Unlinkable identities
- ECDSA secp256k1 cryptography
- SensePrint-based identity containers
This represents the next evolution of biometric identity β from stored templates to human-conditioned cryptographic authentication.