Skip to Content
OperationsTelemetry and privacy

Telemetry and privacy

What the SDK sends

Per request:

  • Authorization: Bearer <ClientSecret>
  • X-SDK-Version
  • Content-Type: application/json

Per face enroll, match, or search:

  • Base64-encoded JPEG of the captured frame.
  • enrollee id (for enroll and match).

Per fingerprint enroll or match:

  • Base64-encoded PNG per finger.
  • capture_modality'contactless' for camera captures, 'scanner' for captures from the SladeID companion app.

What the SDK does not send

  • No background telemetry. There is no analytics ping, no error reporter, no usage beacon.
  • No raw video frames. Only the gated capture frame is uploaded.
  • No localStorage data beyond the synthesised deviceId UUID, which is scoped per origin.

Logging rules

Captured images and BiometricSample.data are biometric data. Do not log them. Do not send them to any third-party analytics. Do not store them on the client beyond the lifetime of the request.

This applies equally to:

  • The captured Uint8Array returned from the camera.
  • The base64 sample string the SDK submits.
  • The raw field on every backend response.
  • Console logs, error reporters, request body dumps, and HAR file exports.
SupportTroubleshooting