Securing Biometric Data in Transit
How PunchConnect encrypts attendance data end-to-end — TLS 1.3, AES-256 at rest, HMAC-SHA256 webhook signatures, and why it matters for compliance.
Why security matters for biometric data
Biometric attendance data includes personal identifiers — fingerprint templates, face recognition data, and employee records. In many jurisdictions (GDPR, POPIA, PDPA), this is classified as sensitive personal data with strict handling requirements.
A breach of biometric data is particularly severe because, unlike passwords, you can't change your fingerprints.
Encryption in transit
All communication between devices and PunchConnect uses TLS 1.3. The ZKTeco push protocol runs over HTTPS, ensuring that attendance data, employee records, and device commands are encrypted in transit.
Webhook deliveries to your server also require HTTPS. PunchConnect will not deliver webhooks to plain HTTP endpoints in production mode.
Encryption at rest
All data stored in PunchConnect's database is encrypted using AES-256. This includes attendance records, employee data, device configurations, and webhook logs.
Database backups are also encrypted, and access is restricted to automated systems with rotating credentials.
Webhook signature verification
Every webhook delivery includes an X-PunchConnect-Signature header containing an HMAC-SHA256 hash of the payload, computed using your webhook secret.
Your server should verify this signature before processing any webhook. This prevents attackers from sending fake attendance events to your endpoint.