-
Notifications
You must be signed in to change notification settings - Fork 16
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat(service): add face-id service document
Signed-off-by: samzong <samzong.lu@gmail.com>
- Loading branch information
Showing
2 changed files
with
98 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,51 @@ | ||
| # Face Information Processing Rules | ||
|
|
||
| !!! Warning | ||
|
|
||
| **NOTICE: This English version is for reference only. The Chinese version shall prevail if there is any inconsistency.** | ||
|
|
||
| > Update Date: February 12, 2025 | ||
| > Effective Date: March 1, 2025 | ||
| Shanghai DaoCloud Network Technology Co., Ltd. (hereinafter referred to as "we") highly values the protection of users' (hereinafter referred to as "you") facial information. This "Face Information Processing Rules" (hereinafter referred to as "these Rules") aims to explain our specific rules for processing and protecting facial information, which forms part of the [Real-name Authentication Service Description](./name.md). | ||
|
|
||
| Before using the real-name authentication service, please carefully read and fully understand the terms of these Rules. Your active confirmation of these Rules through checkbox selection or other means and subsequent use of related services indicates your acceptance of all contents of these Rules. If you do not agree with these Rules, please stop using related services immediately. | ||
|
|
||
| ## Definitions | ||
|
|
||
| 1. **Facial Information**: Refers to facial images, videos, and derived facial feature recognition data collected for identity verification or identification purposes. | ||
| 2. **Authoritative Data Source**: Refers to government-authorized identity authentication platforms established by law, including but not limited to the Public Security Bureau's Citizen Network Identity Authentication System and other statutory data sources. | ||
| 3. **Authentication Service Provider**: Refers to Alipay (China) Network Technology Co., Ltd. and its affiliates, providing facial recognition technical capabilities required for this service. | ||
|
|
||
| ## Processing Purposes | ||
| 1. **Real-name Authentication**: Verify the consistency between the d.run account holder and the real-name authentication subject through facial information comparison. | ||
| 2. **Account Security**: Use facial recognition technology for identity verification to ensure account operation security. | ||
|
|
||
| ## Processing Methods | ||
| 1. **Information Collection**: Access device camera permissions to collect facial images/videos in real-time, which are only used for single authentication process. | ||
| 2. **Technical Implementation**: Use Alipay's financial-grade facial recognition technology to perform real-time feature comparison between collected data and authoritative data sources (comparison process not exceeding 30 seconds). We do not store any original facial images, videos, or biometric templates. | ||
| 3. **Third-party Processing**: Facial data generated during authentication is processed by Alipay according to the [Alipay Facial Recognition Authentication Service Agreement](https://render.alipay.com/p/f/fd-j8mezje2/index.html). We only receive authentication results (pass/fail). | ||
|
|
||
| ## Data Management | ||
| 1. **Transmission Security**: Uses SSL/TLS 1.2 or above protocols for end-to-end encrypted transmission, complying with GM/T 0024-2014 cryptographic industry standards. | ||
| 2. **Data Retention**: Unless otherwise stipulated by laws and regulations, we do not store original facial images, videos, or biometric feature data, only retaining encrypted authentication results with timestamps. | ||
|
|
||
| ## Security Protection | ||
| 1. **Technical Safeguards**: Has obtained Level 3 Network Security Protection Certification (MLPS 3.0) and ISO/IEC 27001:2022 certification, deploying multiple protection mechanisms including: | ||
| 1. Dynamic key management | ||
| 2. Anti-replay attack mechanism | ||
| 3. Liveness detection defense | ||
| 2. **Rights Exercise**: Regarding personal information (including facial information) management rights and exercise methods, please refer to the relevant provisions in the [Real-name Authentication Service Description](./name.md). | ||
|
|
||
| ## User Obligations | ||
| 1. **Account Management**: You should properly maintain terminal devices and account credentials. All operations performed through facial verification are considered personal actions and bear corresponding legal responsibilities. | ||
| 2. **Risk Notification**: If unauthorized facial information submission is discovered, contact us immediately through official channels. | ||
|
|
||
| ## Contact Us | ||
| For questions about facial information processing or to exercise personal information rights, you can [contact us](../contact) through official channels. | ||
| For authentication technology-related issues, please directly consult Alipay customer service: 95188 | ||
|
|
||
| ## Supplementary Provisions | ||
| 1. **Rules Update**: We may revise these Rules from time to time. Revised content takes effect after appropriate notification and is not retroactive. | ||
| 2. **Conflict Resolution**: Matters not covered by these Rules shall be governed by the [Real-name Authentication Service Description](./name.md). In case of conflicts between different language versions, the Simplified Chinese version shall prevail. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,47 @@ | ||
| # 人脸信息处理规则 | ||
|
|
||
| > 更新日期:2025年2月12日 | ||
| > 生效日期:2025年3月1日 | ||
| 上海道客网络科技有限公司(以下简称"我们")高度重视用户(以下简称"你")的人脸信息保护。本《人脸信息处理规则》(以下简称"本规则")旨在说明我们处理和保护人脸信息的具体规则,相关内容构成[《实名认证服务说明》](./name.md)的组成部分。 | ||
|
|
||
| 在使用实名认证服务前,请仔细阅读并充分理解本规则条款。你通过主动勾选等方式确认同意本规则并使用相关服务,即视为接受本规则的全部内容。如不同意本规则,请立即停止使用相关服务。 | ||
|
|
||
| ## 定义 | ||
|
|
||
| 1. **人脸信息**:指基于身份验证或识别目的所收集的人脸图像、视频及其衍生生成的面部特征识别数据。 | ||
| 2. **权威数据源**:指依法设立的政府授权身份认证平台,包括但不限于公安部公民网络身份识别系统等法定数据源。 | ||
| 3. **认证服务商**:指支付宝(中国)网络技术有限公司及其关联方,提供本服务所需的人脸识别技术能力。 | ||
|
|
||
| ## 处理目的 | ||
| 1. **实名认证**:通过人脸信息比对验证d.run账号持有者与实名认证主体的一致性。 | ||
| 2. **账号安全**:运用人脸识别技术进行身份核验,保障账号操作安全性。 | ||
|
|
||
| ## 处理方式 | ||
| 1. **信息采集**:调用设备摄像头权限实时采集人脸图像/视频,该数据仅用于单次认证流程。 | ||
| 2. **技术实现**:通过支付宝的金融级人脸识别技术,实时将采集数据与权威数据源进行特征比对(比对过程不超过30秒),我们不会存储任何原始人脸图像、视频及生物特征模板。 | ||
| 3. **第三方处理**:认证过程中产生的人脸数据由支付宝按照[《支付宝人脸识别认证服务协议》](https://render.alipay.com/p/f/fd-j8mezje2/index.html)进行处理,我们仅接收认证结果(通过/不通过)。 | ||
|
|
||
| ## 数据管理 | ||
| 1. **传输安全**:采用SSL/TLS 1.2及以上协议进行端到端加密传输,符合GM/T 0024-2014密码行业标准。 | ||
| 2. **数据留存**:除法律法规另有规定外,我们不会存储人脸原始图像、视频及生物特征数据,仅保留包含时间戳的加密认证结果。 | ||
|
|
||
| ## 安全保护 | ||
| 1. **技术保障**:已通过网络安全等级保护三级认证(等保3.0)及ISO/IEC 27001:2022认证,部署多重防护机制包括: | ||
| 1. 动态密钥管理 | ||
| 2. 防重放攻击机制 | ||
| 3. 活体检测防御 | ||
| 2. **权利行使**:关于个人信息(含人脸信息)的管理权利及行使方式,请参见[《实名认证服务说明》](./name.md)相关规定。 | ||
|
|
||
| ## 用户义务 | ||
| 1. **账号保管**:你应妥善保管终端设备及账号凭证,凡通过人脸验证进行的操作均视为本人行为,需承担相应法律责任。 | ||
| 2. **风险告知**:如发现非本人授权的人脸信息提交行为,应立即通过官方渠道联系我们。 | ||
|
|
||
| ## 联系我们 | ||
| 如对人脸信息处理有疑问或需行使个人信息权利,可通过官方渠道[联系我们](../contact.md)。 | ||
| 认证技术相关问题请直接咨询支付宝客服:95188 | ||
|
|
||
| ## 附则 | ||
| 1. **规则更新**:我们可能不时修订本规则,修订内容通过适当方式公示后生效,且不溯及既往。 | ||
| 2. **冲突解决**:本规则未约定事项以[《实名认证服务说明》](./name.md)为准,不同语言版本冲突时以简体中文版为准。 |