DELETE (Biometric Data Deletion)


Purpose

The DELETE operation is designed to irrevocably purge a user’s enrolled biometric data and all associated cryptographic tokens from the system. This operation is critical for:

  • Regulatory Compliance: Ensures that biometric data is deleted in accordance with privacy regulations (e.g., GDPR, CCPA).
  • Minimizing Attack Surface: Eliminates stored tokens and metadata to prevent future exploitation.
  • Data Lifecycle Management: Supports transient verification policies by removing data after use.

Operational Overview

When a DELETE request is initiated, the following steps occur:

  1. Credential Verification: The system authenticates the request using x_api_key, clientID, and clientSecret (or SLC) to confirm authorization.

  2. User Record Identification: The user is identified via their UUID, precisely targeting biometric and token data for deletion.

  3. Secure Data Purging: The system employs cryptographically secure deletion techniques. This involves overwriting memory buffers and invoking secure deletion routines on persistent storage, thereby ensuring that no residual data or cryptographic artifacts remain recoverable.

  4. Audit Logging: An immutable audit log entry is generated for the deletion event. This log contains non-sensitive metadata (such as transaction ID and device information) to support compliance and forensic analysis, without exposing any raw biometric data.



Endpoint

POST /v2/verification-session

Expanded Request Body

The DELETE request includes additional parameters for enhanced traceability and secure operation. Below is an example request body:

{
  "type": "DELETE",
  "uuid": "123e4567-e89b-12d3-a456-426614174000",
  "redirectURL": "https://your-app.com/deletion-callback",
  "callback": {
    "url": "https://your-api.com/webhook",
    "headers": {
      "authorization": "Bearer YOUR_TOKEN"
    }
  },
  "transactionID": "txn-delete-445566",
  "deviceInfo": {
    "os": "Windows 11",
    "model": "Dell XPS 15",
    "resolution": "1920x1080"
  },
  "auditTag": "user-initiated-deletion",
  "sessionExpiry": 600
}

Parameter Details

  • type (String, Required): Must be "DELETE" to denote the deletion operation.
  • uuid (String, Required): User's unique identifier established during registration.
  • redirectURL (String, Required): Client-side redirect URL after deletion completes.
  • callback (Object, Required): Contains configuration for the webhook that delivers asynchronous authentication results.
      • url (String): Endpoint for receiving webhook notifications.
      • headers (Object): Additional headers (e.g., authorization) for securing the callback endpoint.
  • transactionID (String, Optional): Client-generated ID for tracking the deletion event.
  • deviceInfo (Object, Optional): Client device metadata: OS, model, and resolution.
  • auditTag (String, Optional): Categorization tag for the audit trail.
  • sessionExpiry (Integer, Optional): Expiration duration for this session (in seconds).
  • debugMode (Boolean, Optional): Enable detailed logs (disable in production).


Success Response

A successful DELETE operation returns a JSON payload confirming the deletion, including an audit tag for reference:

{
  "message": "Success!",
  "status": "success",
  "sessionId": "dac57c75-0ed8-40fa-b40e-f0620dbb9444",
  "identificationResult": {
    "uuid": "123e4567-e89b-12d3-a456-426614174000",
    "auditTag": "user-initiated-deletion",
    "status": "deleted"
  }
}

Cryptographic Considerations

  • Secure Erasure: The deletion process employs cryptographic erasure techniques to overwrite any stored tokens and biometric data. This ensures that, even if storage media are compromised later, no recoverable data remains.

  • Data Purging: Raw biometric data and associated cryptographic tokens are purged from volatile memory immediately after the deletion command is executed. Secure deletion routines ensure that the data is not recoverable by any subsequent process.

  • Audit Trail Integrity: Deletion events are logged in an immutable audit trail. Although sensitive biometric data is not recorded, metadata such as transaction IDs and device information is cryptographically signed to prevent tampering and ensure traceability.
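
One way to get the tamper evidence described under Audit Trail Integrity, as an added example that is not this service's code: each deletion record holds only allowlisted metadata and an HMAC-SHA256 over its content plus the previous record's MAC. The HMAC scheme, the chaining, and the names append_record, verify_log and ALLOWED_FIELDS are assumptions; the page does not say how its audit trail is signed.

```python
import hashlib
import hmac
import json

# Only the non-sensitive metadata named on this page may enter a record.
ALLOWED_FIELDS = {"transactionID", "deviceInfo", "auditTag"}
GENESIS = "0" * 64  # assumed "previous MAC" value for the first record


def _canonical(obj):
    """Deterministic JSON bytes, so equal records always produce equal MACs."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


def append_record(log, key, metadata):
    """Append a signed, chained record; reject fields outside the allowlist."""
    extra = set(metadata) - ALLOWED_FIELDS
    if extra:
        raise ValueError(f"fields not allowed in audit log: {sorted(extra)}")
    prev = log[-1]["mac"] if log else GENESIS
    body = {"event": "DELETE", "prev": prev, "metadata": metadata}
    mac = hmac.new(key, _canonical(body), hashlib.sha256).hexdigest()
    log.append({**body, "mac": mac})


def verify_log(log, key):
    """Return the index of the first bad record, or -1 if the chain is intact."""
    prev = GENESIS
    for i, rec in enumerate(log):
        body = {k: rec[k] for k in ("event", "prev", "metadata")}
        expected = hmac.new(key, _canonical(body), hashlib.sha256).hexdigest()
        if rec["prev"] != prev or not hmac.compare_digest(rec["mac"], expected):
            return i
        prev = rec["mac"]
    return -1


def demo():
    key = b"constructed-demo-key"  # constructed; load from a secret store in practice
    log = []
    for txn in ("txn-delete-445566", "txn-delete-445567"):  # 2nd ID is constructed
        append_record(log, key, {"transactionID": txn, "auditTag": "user-initiated-deletion"})
    intact = verify_log(log, key)
    log[0]["metadata"]["auditTag"] = "edited-later"  # simulated tampering
    return intact, verify_log(log, key)


if __name__ == "__main__":
    print(demo())
```

The chain detects edits and removed records in the middle, but not truncation of the newest records. Storing the latest MAC in a separate system covers that case.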
