Biometric identity, handled like infrastructure.
Ports run on contracts, audits and accountability. ports.io is built around the same expectations — encryption, isolation, retention, consent, signed ingest.
Six commitments.
Vector, not face
What crosses the wire is a 512-d embedding, not a raw face crop. Embeddings are not reversible to a usable image.
Per-tenant isolation
Every row in every table carries an org_id. Row-Level Security policies, backed by a security-definer membership function, enforce isolation at the database layer.
Audit by default
Every administrative mutation writes to an append-only audit log. Identity events themselves are immutable and traceable to a track_id and source camera.
Retention controls
Per-org policy controls how long raw frames, embeddings and events are retained. Hard delete and right-to-be-forgotten flows are built in.
Consent records
Each enrolled worker carries a signed consent record with type, granted-at, revoked-at and signer. Recognition skips workers without active consent.
Signed ingest
Edge cameras / workers post detections through HMAC-SHA256 signed endpoints with a 5-minute clock window. Per-camera secrets, rotated independently.
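A sketch of server-side verification for the signed ingest described above, as an added example and not ports.io's own code. The canonical string (camera id, timestamp and body joined by newlines), the hex encoding, the camera ids and secrets, and the in-window replay cache are assumptions that go beyond what the page states.

```python
import hashlib
import hmac
import time

MAX_SKEW_SECONDS = 5 * 60  # the 5-minute clock window stated on the page

# Constructed per-camera secrets (assumption: looked up by a camera id string).
CAMERA_SECRETS = {
    "cam-01": b"constructed-secret-for-cam-01",
    "cam-02": b"constructed-secret-for-cam-02",
}


def sign(secret: bytes, camera_id: str, timestamp: int, body: bytes) -> str:
    """HMAC-SHA256 over an assumed canonical string: id, timestamp, body."""
    msg = camera_id.encode() + b"\n" + str(timestamp).encode() + b"\n" + body
    return hmac.new(secret, msg, hashlib.sha256).hexdigest()


def verify(camera_id, timestamp, body, signature, seen, now=None):
    """Return (ok, reason). `seen` maps accepted signatures to their expiry."""
    now = int(time.time()) if now is None else now
    secret = CAMERA_SECRETS.get(camera_id)
    if secret is None:
        return False, "unknown camera"
    # Reject both stale and future-dated requests.
    if abs(now - timestamp) > MAX_SKEW_SECONDS:
        return False, "timestamp outside window"
    expected = sign(secret, camera_id, timestamp, body)
    # Constant-time comparison; bytes avoid a TypeError on non-ASCII input.
    if not hmac.compare_digest(expected.encode(), signature.encode()):
        return False, "bad signature"
    # Assumption beyond the page: remember signatures until the window closes,
    # so a captured request cannot be replayed inside the 5 minutes.
    for old in [s for s, expiry in seen.items() if expiry < now]:
        del seen[old]
    if signature in seen:
        return False, "replay"
    seen[signature] = timestamp + MAX_SKEW_SECONDS
    return True, "ok"


if __name__ == "__main__":
    body = b'{"track_id": "t-1"}'  # constructed detection payload
    ts, cache = int(time.time()), {}
    sig = sign(CAMERA_SECRETS["cam-01"], "cam-01", ts, body)
    print(verify("cam-01", ts, body, sig, cache))  # accepted
    print(verify("cam-01", ts, body, sig, cache))  # rejected as replay
```

Because the camera id and timestamp are inside the signed string, a signature made with one camera's secret does not verify under another camera's id, and changing the timestamp to fit the window invalidates the MAC.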
Aligned with DPDP, GDPR and BIS expectations for biometric processing.
- Encrypted-at-rest storage for embeddings and documents
- Encrypted-in-transit ingest (TLS) with HMAC-signed payloads
- Per-tenant data isolation via Postgres RLS
- Append-only audit log with admin-grade visibility
- Configurable retention windows per data class
- Documented data-subject deletion workflow
