Environments

Environments are logical encapsulations that store palm vein biometric data. They are owned by organizations and represent the core data storage layer for identity matching in the trst platform.

What is an Environment?

An environment is a secure, isolated database that stores encrypted palm vein templates for a collection of users. Environments are owned by organizations and accessed by projects for enrollment and verification operations.

Key Characteristics:

  • Owned by an organization (org_id)
  • Stores encrypted biometric templates (not raw images)
  • Supports 1:N matching (one scan against many templates)
  • Optimized for fast lookup and matching
  • Scales to millions of templates
  • Templates are non-reversible and privacy-preserving

See Organizational Hierarchy to understand how environments fit into the overall trst platform structure.

Comparison: Global vs Organization Environments

| Feature | Global Environment | Organization Environment |
|---|---|---|
| Ownership | trst organization | Customer organization |
| Enrollment | Public self-service | Business-controlled |
| Scope | Regional/national | Organization-specific |
| Database | Shared across projects | Isolated per organization |
| Project Control | Read-only (verification only) | Full control (if org matches) |
| User Data Ownership | User-controlled | Organization-controlled |
| Use Case | Public identification | Private authentication |
| Scale | Millions of users | Hundreds to thousands |
| Cost Model | Per verification | Per organization + per user |

Learn about the Project Control Model to understand what projects can do based on environment ownership.

Creating an Environment

Contact trst support or your account manager to create a new environment.

Duplicate Detection

Environments attempt to prevent the same palm from being enrolled against different user IDs.

They do this by checking each new enrollment against the existing templates in the environment.
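The check described above, sketched as an added example (not trst's code or API): enrollment runs a 1:N search over other users' templates and refuses to store a palm that already matches someone else. The 64-bit integer templates, the bit-similarity metric, the 0.90 threshold and all names are assumptions made for illustration.

```python
from dataclasses import dataclass, field

BITS = 64  # constructed toy template size; the real format is not described on the page

# Constructed sample templates (not real biometric data).
ALICE = 0x0123456789ABCDEF
ALICE_RESCAN = ALICE ^ 0b111          # same palm, 3 noisy bits
BOB = 0x0F0F0F0F0F0F0F0F              # unrelated palm


def similarity(a: int, b: int) -> float:
    """Assumed metric: fraction of equal bits between two toy templates."""
    return 1.0 - bin((a ^ b) & ((1 << BITS) - 1)).count("1") / BITS


class DuplicatePalmError(Exception):
    """The presented palm is already enrolled under another user ID."""


@dataclass
class Environment:
    threshold: float = 0.90                        # assumed match threshold
    templates: dict = field(default_factory=dict)  # user_id -> [template, ...]
    audit: list = field(default_factory=list)

    def closest_other_user(self, user_id: str, probe: int):
        """1:N search over every template that belongs to a different user."""
        best_id, best_score = None, 0.0
        for other_id, stored in self.templates.items():
            if other_id == user_id:
                continue  # re-enrolling your own palm is not a duplicate
            for template in stored:
                score = similarity(probe, template)
                if score > best_score:
                    best_id, best_score = other_id, score
        return best_id, best_score

    def enroll(self, user_id: str, probe: int) -> None:
        other_id, score = self.closest_other_user(user_id, probe)
        if other_id is not None and score >= self.threshold:
            # Reject before storing anything, and keep an audit record.
            self.audit.append(("duplicate_rejected", user_id, other_id, score))
            raise DuplicatePalmError(f"palm already enrolled as {other_id!r}")
        self.templates.setdefault(user_id, []).append(probe)
        self.audit.append(("enrolled", user_id))
```

Lowering the threshold in this sketch catches noisier rescans of an enrolled palm but raises the chance of blocking a legitimate new user.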

Performance Considerations

Search Performance

Environment Size Impact:

| Template Count | Average Search Time | p95 Search Time |
|---|---|---|
| 1,000 | 20ms | 50ms |
| 10,000 | 50ms | 120ms |
| 100,000 | 150ms | 300ms |
| 1,000,000 | 400ms | 800ms |

Optimization Strategies:

  • Use multi-environment verification to search smaller environments first
  • Partition large global environments by region
  • Implement caching for frequently verified users
  • Use metadata filtering to narrow search space

Security and Privacy

Template Encryption

All templates are encrypted:

At Rest:

  • AES-256 encryption
  • Unique encryption keys per environment
  • Hardware security module (HSM) key storage

In Transit:

  • TLS 1.3 for all API communication
  • End-to-end encryption for Device-Com

Data Isolation

Organization Environment Isolation:

  • Separate database schemas per organization
  • Encrypted organization identifiers
  • Access control at database level

Global Environment Protection:

  • Regional data residency
  • Compliance with local regulations
  • User consent management

Privacy Compliance

GDPR Compliance:

  • Right to erasure (delete enrollments)
  • Data portability (export enrollment metadata)
  • Consent tracking
  • Audit logs for data access

Learn more about Security.

Best Practices

Choosing Environment Type

Use Global Environment when:

  • Building regional/national ID system
  • Users need to enroll themselves
  • Cross-application verification needed
  • Large-scale public deployment
  • User should control their own data

Use Organization Environment when:

  • Building organization-specific system
  • Business needs to control enrollment
  • Data isolation required
  • Corporate or private deployment
  • Organization should manage user data

Environment Design

DO:

  • Use descriptive environment names
  • Document environment purpose
  • Set appropriate verification thresholds
  • Enable duplicate detection
  • Plan for scalability
  • Match project org_id with environment owner_org_id for full control

DON'T:

  • Mix unrelated users in same environment
  • Use overly strict thresholds (increases the false rejection rate, FRR)
  • Disable audit logging
  • Ignore retention policies
  • Point projects to environments without understanding control implications

Next Steps

Now that you understand environments:

  1. Learn about Projects: how projects use environments
  2. Explore Sensors: choose the right hardware
  3. View API Reference: interactive API documentation