Security at Wicket
Wicket restores trust in the use of biometric identification by keeping data security at the forefront of our products and following industry best practices related to system security.
Consent
100% opt-in
To use Wicket facial authentication, all users must explicitly opt in prior to uploading an image into our system. All users can opt out at any time. Depending on the customer’s requirements, all captured data is purged on
a scheduled basis. In all cases where Wicket makes a decision on a non-registered User, that data is non-identifiable and is not used by Wicket except to match that person against a registered User.
AUDIENCE
Audience analysis falls reasonably within the bounds of what is already being captured by existing sensors and cameras at customer venues and is anonymized and, therefore non-identifiable.
DENSITY
Density analysis is based on non-identifiable features and is used strictly for a real-time count of the number of people in an area.
PUBLISH
Publish is used for display purposes only and does not use cameras or sensors to collect any identifiable data.
Data Privacy & Security
ALWAYS ENCRYPTED
In all product cases, all decisions and analyses are made locally (i.e., Edge-Decision) on the device instead of sending data back and forth to a cloud server (i.e., Cloud-Decision). Local decisions help minimize the possibility of information being intercepted. Additionally, all data is encrypted at industry standard levels at rest and in transit.
Algorithm Bias
FIGHTING BIAS
Wicket algorithms are developed and optimized in-house by our team of scientists in Cambridge, MA, and are designed to address bias. We submitted to NIST testing, viewed as the industry gold standard. The results show Wicket has a 99.7% accuracy rate across all demographic categories and is top 3 for accuracy of matched decisions in the U.S.
Personally Identifiable Information
ONLY WHEN NEEDED
Wicket only captures and stores PII for the stated use of our products and minimizes exposure of this Customer and User data at all times. This data is never sold, transferred, or otherwise utilized for any third-party purpose aside from our core products or partner integrations.
ACCESS
All PII is directly provided by the Customer or User. PII is then translated from an image to a mathematical representation of the face for identification.
AUDIENCE
Wicket does not identify or associate an image used for demographic and audience analysis with any individual or their PII.
DENSITY
Density does not capture, analyze or store any PII data, and instead identifies key features such as arms and legs.
PUBLISH
Publish is used for display purposes only and does not use cameras or sensors to collect any identifiable data.
Infrastructure Security
A SECURE STACK
Wicket utilizes Amazon Web Services and embedded security products within their trusted ecosystem to host and deploy our applications using containers run on AWS managed services. Wicket also uses Alert Logic, a managed detect and respond provider for threat and intrusion detection.
Application Security
THIRD-PARTY APPROVED
Wicket performs ongoing third-party penetration tests from trusted security vendors. Wicket also uses static code analysis tooling to secure our product at every step of the development process.
Data & Image Retention
CUSTOMER-CONTROLLED DATA
Wicket products require that different data and images be captured and held for varying time frames, depending on the customer’s use case. Data is only stored for the purpose of the product and is automatically purged according
to the data policies of Wicket customers for the intended use of that data.
access
Images of the faces of individuals that present themselves to an Access touch-point are captured and retained for logging purposes. This data is purged from the system according to the specified data configuration
of the customer.
AUDIENCE
Only ‘crop images’ are captured for Audience data analysis. All images are purged following analysis, and no additional data or information is captured, sought, or retained about any individual.
DENSITY
No images or PII is captured as part of Density analysis.