(2026-05) VeinoCert; Binding an Object to an Owner
2026-05-18
We define a protocol by which we can recognize if a person is the owner of an object. The object can, for instance, be an official document such as a diploma. In our model, the object has an attached RFID chip. The owner is enrolled when the document is created and the chip is attached. Later on, public verifying terminals can verify if a person is the enrolled owner by means of biometric recognition. Hence, the terminal must scan both the chip and the person. As an implementation demonstrator, we use fingervein biometry. Our system can also be used for access control to an online repository to get more information and services related to the object. We require strong security and privacy levels such as: a secure owner recognition and access limited to the legitimate owner holding the right document, the principle of least privilege, and no storage of biometric data at rest. Our solution relies on an inexpensive off-the-shelf RFID chip.