Connect with industry leaders and join the conversation—follow us on LinkedIn, Facebook, and Instagram to share your insights and expand your professional network.

Rebecca Spayne of International Security Buyer sits down with Hanchul Kim, CEO of Suprema Inc. to discuss AI regulations and biometric authentication.

Q. Please introduce yourself and give us a brief insight into Suprema?

I'm Hanchul Kim, CEO of Suprema. Suprema, established in 2010, is a global leader in AI-powered access control and security solutions. Suprema has earned recognition for its technological expertise and innovation in access control and biometric authentication. By leveraging AI, cloud, and video analytics, Suprema delivers a comprehensive portfolio of innovative security solutions. These include security platforms, access control solutions including AI edge devices, AI-powered video analytics, cloud-based solutions, and integration services.

With a presence in over 140 countries, Suprema has established itself as a premium brand in the global market. It is recognized as one of the world's top 50 security companies and holds the number one market share in biometric access control across Europe, the Middle East, and Africa.

Q. What are the most pressing ethical considerations in deploying AI-powered biometrics or video analytics today, and how can solution providers and end users ensure responsible design and use?

One of the most important considerations is user consent. Individuals must be clearly informed about what data is being collected, how it will be used, and for how long it will be retained. AI-based security systems often rely on biometric data, behavioral patterns, and environmental context, which are sensitive in nature. The use of this data must be based on clear consent, with transparency around its use and retention. Equally important is the principle of data minimization. Systems should collect only the biometric information necessary for authentication, nothing more. From a design standpoint, privacy must be addressed at the architectural level including data encryption, support for on-device processing, and role-based access to data.

Q. How do you see the evolving global data protection and AI regulations shaping the future of enterprise security?

Global regulations are reshaping how security systems are designed and managed. They are setting expectations for consent, data transparency, and user rights. For AI-powered biometric or video analytics systems, this means that organizations must take a more proactive approach to compliance.

All Suprema software and hardware devices are built to prevent external hacking attacks. Suprema meets rigorous global regulations, including NIS2 (Network and Information Systems Directive 2), GDPR (General Data Protection Regulation), PSTI (Product Security and Telecommunications Infrastructure) Act, and NDAA (National Defense Authorization Act). Also, Suprema consistently renews ISO/IEC 27001 and ISO/IEC 27701 certifications and has acquired CSA Star Level 2 certifications enhancing trust in cloud-based biometric data protection.

Suprema ensures that its AI-powered products and services align with the requirements of the EU AI Act. However, Suprema’s AI-based biometric solutions developed for access control, may vary in form and use depending on how customers deploy them.

Security and compliance reviews are embedded across all stages of the product lifecycle from planning and design to development to uphold key regulatory principles of AI Act. Suprema operates a comprehensive AI governance framework focused on data minimization, transparency, system robustness, and the protection of user rights. This includes ongoing efforts in risk management, algorithm accountability, and data quality control to ensure that AI-based biometric access control solutions are safe, reliable, and compliant.

Q. What role should transparency and user consent play in the deployment of AI-powered and biometric security systems across commercial environments?

Transparency and consent are foundational to ethical deployment and long-term acceptance of AI-powered and biometric security systems. Organizations need to communicate clearly how personal data will be used, who will have access to it, and under what conditions. This applies not only at the point of enrolment but throughout the system lifecycle from software updates to policy changes.

Suprema, as a provider of access control systems, provides guidance to help customers safely manage users’ privacy data. And, Suprema provides functions such as role-based access control, multi-factor authentication, and 'Template on Mobile' (ToM) authentication method. ToM combined mobile access with facial authentication which allow users to securely stores facial templates on their own smartphones, eliminating reliance on company servers for biometric data storage and giving users direct control over their sensitive credential data. 

Q. What are the most common misconceptions about biometric authentication, and how should the industry address them?

One misconception is that biometric authentication is the same as surveillance. In access control, biometrics are generally used for voluntary, active verification — not passive monitoring. Another is the belief that biometric templates can be reverse-engineered into facial images or fingerprints, which is not accurate for properly encrypted, vector-based templates. 

Suprema’s edge devices securely store and manage user and biometric authentication data at the edge, utilizing advanced security technologies to encrypt all sensitive information. These devices are equipped with Secure Element (SE) chips, which store encrypted personal data and cryptographic keys in an isolated location, preventing decryption in the event of a data breach.

Q. How can access control systems be designed and deployed to ensure inclusivity and equitable performance across diverse populations, environments, and physical conditions?

Inclusivity starts with algorithmic design. AI models should be trained on demographically diverse data to reduce performance gaps across skin tones, facial features, and age groups. Testing should also be conducted across various real-world environments including different lighting, motion, and physical features. Furthermore, when operating in diverse global markets, it is critical to design systems that comply with local and regional data protection regulations, including the GDPR in Europe and Korea’s Personal Information Protection Act (PIPA). Suprema’s access control solutions incorporate features that support privacy compliance through robust data governance, helping customers address regulatory requirements without compromising functionality.

Suprema’s AI-powered fingerprint recognition and facial authentication devices are actively securing diverse real-world environments, across over 140 countries, from high-security facilities to office buildings. Suprema’s facial authentication technology incorporated with deep learning AI is highly adaptable, accurately identifying faces of all ethnicities, even when individuals are wearing masks, glasses, hats, beards, niqabs, or have various hairstyles. Furthermore, the technology performs accurately in varied lighting conditions, including bright, dim, or backlit environments. Suprema's AI-powered fingerprint recognition technology also enables accurate template extraction even from low-quality, noisy, or distorted fingerprints. Additionally, the Live Finger Detection (LFD) technology effectively identifies fake fingerprints made from materials like rubber, paper, film, clay, and silicone by analyzing unnatural features and inconsistencies. This extensive regional and vertical coverage underscores that AI outperforms in real-world.

This combination of technical inclusivity, real-world performance, and regulatory readiness demonstrates how AI-powered biometric solutions can scale across regions and industries delivering accurate, secure, and equitable authentication for users everywhere.

Q. Beyond physical access points, which emerging applications of AI-powered and biometric security solutions will most transform the future of enterprise and critical infrastructure security?

AI-powered technologies are expanding the role of access control to proactive security intelligence. By integrating biometric authentication with video analytics and contextual data processing, organizations can move from passive monitoring to real-time detection and response.

One key area is behavior-based video analysis, where AI is used to identify abnormal or high-risk activities such as tailgating, loitering, unauthorized intrusion, or sudden falls, supporting faster incident response in public or unmanned spaces. In large-scale facilities, AI enables operational intelligence through applications like people counting, tailgating detection, blacklist detection, and missing person tracking. These capabilities go beyond identity verification to support situational awareness and safety management at scale.

As these technologies evolve, we’re seeing a shift toward unified security platforms that combine identity, behavior, and environment into a single decision-making framework.

Q. How are traditional access control systems being integrated into AI-based integrated security systems, and what challenges does that bring?

Traditional access control systems are increasingly being connected to AI-based security platforms through hybrid integration methods. This allows organizations to retain existing infrastructure while gaining enhanced capabilities such as intelligent video analytics, and centralized monitoring. The main challenges lie in bridging legacy protocols, limited interoperability, and inconsistent data formats. To address this, open API support and standards-based integration are essential, enabling traditional systems to communicate effectively with modern AI platforms and operate as part of a unified, intelligent security architecture.

Q. What impact will the convergence of AI and biometric technology have on the security industry?

The convergence of AI and biometrics is fundamentally reshaping the security industry, shifting it from a reactive to a proactive, intelligent model. AI dramatically enhances biometric accuracy, reliability, and anti-spoofing, enabling sophisticated multimodal authentication.

While this evolution creates new AI-powered threats, it also provides the adaptive tools to defeat them. Suprema is at the forefront of this transformation, developing advanced AI and integrated platforms that unify security management. The industry-wide shift to cloud solutions and software-driven platforms accelerates this trend, making advanced security more scalable and accessible.

Crucially, innovations like storing biometric credentials on a user's mobile device are key to balancing robust security with modern privacy demands. This convergence is building a future of autonomous, predictive, and truly integrated security ecosystems.

Source: Security Buyer