TACEO:Match Overview
TACEO:Match is a service on the TACEO network for biometric feature matching in MPC. It evaluates biometric comparisons directly on secret shares, so no plaintext template is ever reconstructed by any node, any server, or TACEO itself.
What Problem Does It Solve?
The Challenge: Biometric data is irrevocable. You can rotate a password or a key; you cannot rotate your iris or your palm. Any architecture that centralizes biometric templates creates a permanent liability - a breach doesn't affect one user, it affects every enrolled user, forever. Sending raw templates to a verification server requires trusting that server completely, with data that can never be changed if that trust is violated.
The Solution: TACEO:Match distributes the comparison across independent MPC nodes on the TACEO Network. No single node holds a meaningful fragment of any template. Matching runs on secret shares, and the only output is the comparison result - never the underlying biometric data.
How TACEO:Match Works
Key Features
- Secret-share enrollment: Templates are split on the user's device before they leave. No complete template exists outside the device.
- Comparison on shares: Matching functions (e.g. Hamming distance for iris codes) are evaluated directly on shares. No node reconstructs the template.
- Threshold security: Results require cooperation of a threshold of independent nodes. No single party can produce or manipulate a result unilaterally.
- Biometric-modality-agnostic: Iris codes today; extensible to other distance-based biometric representations.
Who Should Use It?
Identity Protocol Teams
Building uniqueness systems, sybil-resistance infrastructure, or anonymous identity verification where biometric templates cannot be centralized.
Biometric Verification Providers
Offering cross-organization deduplication or uniqueness checks without requiring any party to hold the underlying templates.
Enterprise Developers
Running population-scale matching or compliance screening across organizational boundaries, where centralizing sensitive biometric data is not acceptable.
Common Use Cases
Population-Scale Uniqueness / Sybil Resistance
Problem: Checking uniqueness across a large enrolled set requires comparing against stored templates - centralizing them creates an unacceptable breach risk.
Solution: TACEO:Match compares against the enrolled set without centralizing templates or revealing which record matched.
Used in: Proof-of-uniqueness systems, anonymous credential issuance, sybil-resistant voting
Cross-Organization Deduplication
Problem: Multiple organizations want to detect shared or duplicate identities, but cannot legally or practically share their biometric databases with each other.
Solution: Organizations contribute to a joint MPC computation. The check runs on secret shares; no party sees another's templates or learns individual match results beyond the joint output.
Used in: Cross-border identity verification, financial compliance, fraud detection consortiums
Anonymous Identity Verification
Problem: Verifying that a biometric matches an enrolled identity requires revealing which identity it is - breaking anonymity.
Solution: The MPC nodes verify a match against an enrolled set and return only a boolean result. The verifier learns that a match exists, not which identity matched.
Used in: Anonymous credential systems, private age/eligibility verification, privacy-preserving KYC
Next Steps
- Understand the cryptographic foundations? Read the Concepts guide.
- Evaluating for an identity use case? Start with Confidential Biometrics.
The Identity Solutions → Confidential Biometrics section presents this service in a product context - start there if you are evaluating TACEO for a biometric verification use case.