Hello. Can you provide data as to how biometric data (specifically the 4 finger data) is stored and our rights for that to be permanently erased?
Thanks
Hi there Clive
We are legally required to share certain data with the Tax Authorities. This data might be shared internationally by the Tax Authorities. We can compare your data with data from external sources to control risks and prevent fraud. For more information about how biometric data is stored and employed you can read our 'Privacy Statement' here. For any further questions you can always get in touch with us here or with one of our guides in the chat in the app.
Cheers!
I find this concerning. No tax authority anywhere needs my biometric data. I thought I was 'scanning' my fingers as a security measure but it seems that there is significantly more overreach than that. No other banking institution I have ever used has needed to harvest my fingerprints, and to find bunq doing this, and that that data is not just stored locally on my device for authentication, is chilling. How does a person have this data erased?
Hi! Every company in the Netherlands (but also outside it) is obliged, when there is a court order, to hand over all possible information that can help resolve an investigation by the tax authorities/police. This includes transactions and data stored at bunq, messages to your ex on WhatsApp and, for example, all location data from Facebook.
Sorry Wasdroger, I only speak English but would very much like to read your comment.
English translation for his comment:
"Hi! Every company in the Netherlands (but also here outside) is obliged when there is a court order, to give all possible information that can help to solve an investigation by the tax authorities / police. These are transactions and stored data with bunq, messages to your ex with whatsapp and eg all location data from Facebook."
Dutch citizens can legally request bunq to share ("inzageverzoek persoonsgegevens") all information that they store about them (the customer). If bunq stores biometric data then they need to share information about this (what, how) with you. You need to refer to article 35 sub 2 "Wet bescherming persoonsgegevens" for the legal framework surrounding your request.
I also find this concerning. This is why Apple has TouchID/FaceID set up in such a way that the apps themselves have no access to the biometric data and the data is only stored locally on an 'encrypted enclave'. Apple couldn't provide the biometric data to any other 3rd party even if they wanted to. I'm puzzled as to why bunq have created their own solution instead of using the more secure solutions like TouchID/FaceID which are better in every single way and do not compromise privacy.
Obviously I use an iPhone and can't speak to the Android situation, but I'm sure it's somewhat similar?
The hand ID is a novel solution and another example of bunq's fantastic innovative culture. However, in this case I feel they were overly eager to be different from other banks and it has hurt themselves. It's the one part of bunq that makes no sense (at least to me).
It is possible to use bunq without using your fingerprints or your hand at all.
Besides that, bunq doesn't store your fingerprints at all, at least on iOS. Which system are you using?
I find that bunq are quite opaque with how they do store that data actually and their privacy policy is woefully lacking in detail about it. I agree with the Apple TouchID comment and can confirm that appropriate Android phones provide similar solutions. Thanks Arjan for the translation. I'm glad it's not just me who is concerned by such things. As great as bunq are, and as legitimate as their use case may be, I think we are all more secure if such data is never transmitted outside our own device. Bunq appear to essentially be storing a treasure trove of biometric data on their clients and are not showing us how that is stored, where it is stored and exactly who it is shared with.
How do we know? I hear my camera making a shutter sound. This means a picture is taken. I assume the picture is sent to the Veridium servers. How do we know whether bunq or Veridium stores this picture?
I would like to edit my answer seeing that it may have caused some confusion, and emphasise the fact we share certain data with the Tax Authorities. However, this does not include biometric data. More information about how we employ your biometric data and how we store it can be found here.
Hi all,
I would like to clarify Steffany's response to Clive's question.
To make sure the biometric authentication works, we have to gather biometric data. All data is gathered, stored and processed in accordance with the law.
In our Privacy Statement you can read what data we collect and what we do with this data. You can find our Privacy Statement here.
In short, this comes down to the following. We do not store your biometric data longer than legally allowed and not longer than necessary for the purposes the data was collected for. Your biometric data will only be used for the biometric authentication in the bunq app. We do not share your biometric data.
I hope this answer alleviates the concerns you might have!
Hi Rick,
Thanks for commenting. The concern that I, and I think others like me, have is that the data shouldn't be captured in the first place. People already use devices with biometric authentication which are preferable as data is stored locally in an encrypted location that nobody can reach. For arguments sake, as you are allowed to hold that data for no longer than necessary, if I turn off biometric authentication then will you immediately destroy that data as it is no longer needed?
Also, no effort is being made to advise customers how this data is being stored. Please understand that the concern here is legitimate - if bunq lose a password or pass phrase I can change it and move on with my life with no impact on any of the rest of my affairs. If bunq loses my biometric data I have no way of changing my hand and my security is forever compromised both inside and outside of bunq.
Ali has explained the difference between Touch ID (and Android equivalent on-device biometric data) in Dutch here: https://together.bunq.com/topic/waarom-handherkenning#comment-5277
In short, with on-device Touch ID, the bunq app can only store a secret token, which later can be retrieved only when authenticating with Touch ID. This secret token is then sent to the bunq server to check if it is correct. For multi-factor authentication, this falls under "something you know" (the secret token).
When using hand recognition, a derived hash of your hand data is sent to the bunq server, which then validates that derived data. This falls under "a physical characteristic" and not "something you know".
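The two flows described in this post, modelled as an added example (editor's constructed toy code, not bunq's or Veridium's implementation; the `Server`, `Device`, template bytes and token values are all made up): in the Touch ID flow the server only ever holds a hash of a replaceable secret token, while in the hand-recognition flow it holds a hash derived from the hand data itself.

```python
import hashlib
import hmac
import secrets

# Constructed toy model of the two flows the post describes; not bunq's or
# Veridium's code. Templates and tokens below are made-up sample values.
def derive_hand_hash(template: bytes) -> str:
    """Flow 2: one-way hash of the hand template; only this reaches the server."""
    return hashlib.sha256(template).hexdigest()

class Server:
    def __init__(self):
        self.token_hashes = {}  # user -> sha256(secret token), Touch ID flow
        self.hand_hashes = {}   # user -> derived hand hash, hand-recognition flow
    # Flow 1: the biometric check happens on the phone; the server only ever
    # sees the secret token the keychain releases after that check.
    def enroll_token(self, user: str, token: bytes) -> None:
        self.token_hashes[user] = hashlib.sha256(token).hexdigest()

    def verify_token(self, user: str, token: bytes) -> bool:
        expected = self.token_hashes.get(user, "")
        return hmac.compare_digest(expected, hashlib.sha256(token).hexdigest())

    # Flow 2: the phone sends a hash derived from the hand data; the server
    # compares it with the hash stored at enrolment.
    def enroll_hand(self, user: str, hand_hash: str) -> None:
        self.hand_hashes[user] = hand_hash

    def verify_hand(self, user: str, hand_hash: str) -> bool:
        return hmac.compare_digest(self.hand_hashes.get(user, ""), hand_hash)

class Device:
    def __init__(self):
        # App-local secret sitting behind the phone's own biometric gate.
        self.keychain_token = secrets.token_bytes(32)
    def release_token(self, local_biometric_match: bool):
        # Touch ID only unlocks the stored token; no biometric leaves the phone.
        return self.keychain_token if local_biometric_match else None
    def rotate_token(self) -> bytes:
        # "Something you know" can be replaced; the user's hand cannot.
        self.keychain_token = secrets.token_bytes(32)
        return self.keychain_token

def login_touch_id(server: Server, device: Device, user: str, local_match: bool) -> bool:
    token = device.release_token(local_match)
    return token is not None and server.verify_token(user, token)

def login_hand(server: Server, user: str, template: bytes) -> bool:
    return server.verify_hand(user, derive_hand_hash(template))
```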
Hey everyone,
There seems to be some confusion in this thread. The comment by Ali that Andreas linked to sums it up pretty well.
bunq never stores any of your biometric data. We only store a hashed representation of it. This allows us to verify that the biometrics you send to us are actually yours. But we cannot (even in case of a court order) retrieve your biometric data from our servers, because it can't be reconstructed from the hash.
If you're not a techie, here is a good explanation of how hashing works!
The concern that I, and I think others like me, have is that the data shouldn't be captured in the first place. People already use devices with biometric authentication which are preferable as data is stored locally in an encrypted location that nobody can reach.
If you're a programmer, you probably know that you can never trust the client to do this. The server must be able to verify the biometric data, because the client may be lying to it. Otherwise, an attacker could modify the bunq app and spoof the requests to the server.
If you prefer not to share your four-finger scan with bunq, you can use the six-digit passcode and the passphrase instead.
@Arjan I asked them last year and bunq said they have their own Veridium server that does the 4-finger verification. Maybe @bunq staff can provide a little more background here on this?
Thanks Elise for clearing this up. This gives more peace of mind.