The No-Storage Solution: How Organizations are Rethinking Biometric Security


By Hiroki Uchiyama, Director and Head of Security Innovation Lab, Hitachi America R&D


Biometric security’s greatest strength—permanence—is also its biggest flaw. Unlike passwords, you can’t change your fingerprint. So when biometric data is compromised, the risk—and liability—is permanent.


Financial institutions have long wrestled with this paradox. They aim to deliver seamless authentication, but customers remain wary of handing over unchangeable biometric data. Storage-based systems only heighten this tension by turning every saved template into a potential breach target.


The Storage Dilemma


Traditional biometric systems follow a simple formula: capture features during enrollment, store a mathematical template, and compare future inputs against it. Technically effective, this method creates a critical vulnerability.


In a typical banking scenario, a customer enrolls a fingerprint, which is processed into a template and stored on a smart card or secure server. At login, the system compares a new scan to the stored data. If the match exceeds a threshold, access is granted.


But the stored template—a permanent mathematical representation of a person—is the problem. Encrypting it may delay a breach, but it doesn’t erase the fundamental risk: you’re storing something that should never exist.


From a cryptographic standpoint, it’s like keeping a master password that can never be changed. The more layers of defense we add, the more we're compensating for a flaw we could instead eliminate.


Rethinking Cryptographic Assumptions


At Hitachi, we asked a foundational question: “Why store anything at all? What if cryptographic keys could be generated directly from biometric input, with nothing left behind?”


This led to our development of the Public Biometric Infrastructure (PBI). Unlike the store-and-compare model, PBI operates on a generate-and-discard principle. During enrollment, biometric data is used to generate a public-private key pair. The private key is discarded, and only the public key is retained.


For authentication, the biometric data is recaptured, and the private key is regenerated on demand. Once authentication is complete, the key is deleted entirely.


This is made possible by fuzzy extractor algorithms, which account for natural variations, such as finger positioning, lighting, and skin dryness, by applying error correction codes. The system doesn’t match templates; it regenerates cryptographic keys from similar-but-not-identical inputs.


Solving the Fuzzy-to-Digital Challenge


The central technical challenge—converting noisy biological signals into stable cryptographic keys—has long been a holy grail in the field. Our PBI system solves this problem by identifying the most stable features of a biometric sample and generating error correction data during enrollment.


This error correction data, along with the public key, is stored—but it can’t be used to reconstruct the original biometric or private key. During authentication, the system extracts features from the live input, applies the correction data, and regenerates the same private key. The result: stable, secure authentication without ever storing sensitive biometric data.
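The enrollment and authentication flow described in the two sections above (generate a key pair from the biometric, keep only the public key and the error correction data, then regenerate and discard the private key at login), as an added illustration that is not Hitachi's PBI code: a toy code-offset fuzzy extractor built on a 5x repetition code. The hash-based key derivation, the 80-bit feature vector and the constructed readings are assumptions standing in for PBI's stable-feature extraction and its PKI key generation.

```python
import hashlib
import secrets

# Toy code-offset fuzzy extractor on a 5x repetition code: each bit of a random
# secret is repeated REP times, so up to (REP-1)//2 flips per group are corrected.
REP = 5
SECRET_BITS = 16
FEATURE_BITS = SECRET_BITS * REP  # length of the biometric feature vector (assumed)

# Constructed enrollment reading standing in for a real fingerprint feature vector.
SAMPLE_READING = [int(b) for b in bin(0x6F3A9C5B1E2D4A7F5C3B)[2:].zfill(FEATURE_BITS)]

def rep_encode(bits):
    return [b for b in bits for _ in range(REP)]

def rep_decode(bits):
    # Majority vote per group of REP bits removes up to (REP-1)//2 flipped bits.
    return [int(sum(bits[i:i + REP]) * 2 > REP) for i in range(0, len(bits), REP)]

def derive_keys(secret_bits, salt):
    # Stand-in for deterministic key-pair generation from a seed (assumption: a real
    # deployment feeds the seed into its PKI key-generation routine instead).
    seed = bytes(secret_bits) + salt
    priv = hashlib.sha256(b"priv" + seed).digest()
    pub = hashlib.sha256(b"pub" + priv).digest()
    return priv, pub

def enroll(w):
    """Enrollment: store only helper data and the public key; no template, no private key."""
    s = [secrets.randbits(1) for _ in range(SECRET_BITS)]
    helper = [a ^ b for a, b in zip(w, rep_encode(s))]  # reading XOR random codeword
    salt = secrets.token_bytes(16)
    _priv, pub = derive_keys(s, salt)  # the private key is dropped immediately
    return {"helper": helper, "salt": salt, "pub": pub}

def authenticate(w_prime, record):
    """Authentication: regenerate the private key from a fresh reading, check it, discard it."""
    noisy = [a ^ b for a, b in zip(w_prime, record["helper"])]  # codeword XOR sensor noise
    s = rep_decode(noisy)  # error correction recovers the enrollment-time secret
    priv, pub = derive_keys(s, record["salt"])
    ok = secrets.compare_digest(pub, record["pub"])
    del priv  # nothing derived from the biometric outlives this call
    return ok

def flip(w, positions):
    """Simulate sensor noise by flipping the given bit positions of a reading."""
    return [b ^ int(i in positions) for i, b in enumerate(w)]
```

The repetition code is chosen for readability only: its helper data reveals far more about the reading than a production code would, so a deployable design must bound what the stored correction data leaks.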


Real-World Validation


Theoretical advances only matter when proven in practice. We’ve been working with regional banks and other businesses in Japan to apply PBI in real-world conditions.


Regional banks have been ideal early adopters, thanks to their agility compared to mega-banks. PBI integrates easily with existing systems because it operates within standard Public Key Infrastructure (PKI) frameworks. At the endpoint, typically an ATM, biometric data is captured, used to generate cryptographic keys, and then discarded after secure communication is completed.


From the user’s perspective, it’s simple: place a finger on a sensor and conduct your transactions—no cards required. Behind the scenes, cryptographic keys authenticate the user and then vanish.


The customer response has been overwhelmingly positive. Beyond convenience, users appreciate knowing their biometric data isn’t stored, and therefore can’t be stolen.


Integration and Implementation


PBI enhances existing infrastructure rather than replacing it. Banks retain their PKI systems and hardware security modules. Implementation involves upgrading endpoints with compatible biometric sensors and configuring backend systems to accept dynamically generated keys.


This compatibility is essential in conservative sectors, like banking, where institutions are reluctant to overhaul core architecture.


Cost and Compliance Benefits


The financial implications are significant. Traditional systems carry heavy costs for card issuance, secure storage, and regulatory compliance. Consider the numbers: issuing a single smart card costs roughly 20 dollars, and each card requires renewal every five years. For a bank with 100,000 customers, that translates to 2 million dollars in upfront issuance costs alone, plus ongoing renewal expenses.


More critically, these systems require constant investment to stay ahead of evolving threats and changing privacy laws.


PBI eliminates these expenses. No stored templates mean no databases to secure, no breach risk to mitigate, and dramatically reduced compliance burdens.


The benefits extend to operations as well. With PBI, account setup can take just a day or two, compared to one or two weeks under card-based systems.


Beyond Banking


PBI is already being deployed in Japan outside of banking. Tobu Railway, one of Japan’s largest private railways, plans to implement our biometric authentication systems for payments across its affiliated retail and commercial facilities. Customers simply place a finger on a sensor to pay. No cards or smartphones required.


The longer-term vision is global. While we have to address local regulations, imagine registering once in the U.S. and using your biometric to authenticate purchases or sign documents in Japan, Europe, or India. Not because your data travels, but because the cryptographic method is universal. Your body becomes a secure, portable key generator, wherever PBI is supported.


The Paradigm Shift


PBI marks a complete paradigm shift from storage-based to generation-based security. This shift breaks the old stalemate between security and convenience—the tradeoff that's held back biometrics in high-stakes settings for years.


The technology is real, and the payoff is hard to ignore. As businesses worldwide grapple with increasing breach costs and tightening privacy regulations, the question isn't whether this approach will eventually dominate—it's whether organizations will lead the transition or follow from behind.


PBI represents the future of biometric security. The mathematics are sound, the deployments are successful, and the benefits are undeniable. Above all, it solves the storage problem plaguing biometric authentication, delivering “worry-free” transactions—a promise that organizations can finally make and mean.
