Biometrics FAQs

Biometrics authentication is the automatic recognition of a living being using suitable body characteristics. By measuring an individual's physical features in an authentication inquiry and comparing this data with stored biometric reference data, the identity of a specific user is determined. There are many different biometric features that can be used for authentication purposes these include fingerprint, signature, iris, retina, DNA or any other unique characteristic. Once a characteristic has been chosen the next stage in the Biometric process is authentication. A biometric feature is saved on to a database. Once the data has been stored, a new scanning of the biometric feature is taken. If the comparison is positive, access to the appropriate application is granted.

By enrolling for biometrics, we will be able to speed up lunch services which will mean less queuing in the canteen. With less queues, more students are likely to enter the canteen.  FSM students will remain anonymous which will encourage these students to come and have a hot meal.  There is no need to worry about the method of payment getting lost, as the data is stored on the fingerprint.

By taking an image of your child’s fingerprint we can turn this information into a digital signature. This unique image will then be used to replace their current swipe card. Other methods of identification can often lead to problems and misuse – cards passed around amongst students and they can also be regularly left at home or forgotten.

You are still able to use your ID Cards and this is still the current method of identification for using the printers and signing in for Sixth Form students. You will still be able to use this method if you do not consent to Biometrics. We recommend that you enrol for Biometrics for Cashless Catering as ID Cards can often lead to problems and misuse – cards can be passed around amongst students and are regularly left at home or forgotten. Replacement cards are available via Wisepay Products at a cost of £1.

When the student places their finger on the scanner, the software matches their fingerprint with the unique digital signature held in the database. iDStore does not store images of fingerprints on its system, and never will. Only mathematical representations of certain points of a finger image are recorded, typically between ten and sixty depending on the characteristics of the finger. This mathematical data is encrypted and is called a template. The data is extremely secure in its encrypted form, and even if it were not encrypted it would be impossible to recreate the original fingerprint image from the stored data.

The iDstore system only allows for one finger to be scanned. We recommend enroling either your index or middle finger. You should avoid using the thumb, ring or little finger for enrolment as these fingers are often too difficult to correctly position on the fingerprint sensor and often result in poorer quality fingerprint reads. The initial scan process involves placing the finger on the scanner three times.  If the scan does not meet the required level then we would ask you to repeat this process.

The amount of information retained is sufficient to identify an individual from a specific database such as in a school using a special algorithm, but is totally inadequate for forensic use and could not be used in a court of law to prove identity from the general public. The standards for forensic matching are very much higher and require the original fingerprint image which is never stored in our system.

The iDStore database is stored within SQL Server. This is a common database engine used by a huge number of enterprise level systems. The data files cannot be read outside of SQL Server and SQL Server is always password protected. Beyond this, the fingerprint data points, as stated previously, are stored in the database in an encrypted format. This SQL Server instance is always kept within the school. It is not stored on an internet based server or offsite.The iDStore database is protected by a licence key, meaning that the database and any backup of its contents can only be accessed on licensed hardware. The hardware is stored in the school’s own secure facility, so that the encrypted data is only available to the registered licensee. Even if a school’s security were to be compromised and a backup of the database stolen, the encrypted data would still be unreadable, even by another school. The data points are encrypted before being stored in the iDStore database. The encryption standard used for encrypting the data points is AES 256 with the symmetric key being stored in RSA 204

When a student leaves the Academy all biometric information captured will be permanently deleted.

Rules around the use of such data have recently changed -

We are now required to obtain consent from one parent/carer for collection and use of fingerprint data for all students under 18 years of age.

The pupil has a right to object and overrule the parent’s consent to processing if they wish to.

We will be collecting the biometric scan from students that have consent during the Summer term so they can start using the new system from the 1 Sep 2023.

The Academy is still using Wisepay as the method for adding funds to Catering, Trips and products. FSM allowances are still credited to the students catering account each day. Please see the Wisepay page on our website for further information.