Skip to content 
by He Yu @X-Telcom
Hello, I’m He Yu, Technical Director of Palm Vein Technology at X-Telcom.
As we’ve expanded deployments globally, one question keeps coming up from clients:
"How does your Palm Vein Recognition system support cloud-based matching while ensuring full data privacy?"
In this article, I’ll walk you through the core architecture of our Palm Vein Scanner cloud solution, from a technical perspective.
It’s written especially for platform developers, system integrators, and organizations planning projects related to Palm Pay, Palm ID, or biometric authentication.
If you’re building secure access control, cashless payment, or national ID registration systems, I hope this gives you a clear picture of how our Palm Vein Technology works in real life.
🖐️ Device Side – Palm Capture & Feature Extraction
When a user places their palm in front of an X-Telcom Palm Vein Scanner (such as the XT-PalmVein 01), the embedded SDK—running on Android, Linux, or Windows—triggers the Palm Vein Recognition process.
Workflow FYI:
The scanner performs:
- Palm image capture
- Quality filtering & enhancement
- RGB & IR Feature string extraction (a secure, encrypted biometric template)
Unlike fingerprints or facial recognition, Palm Vein Technology works with subcutaneous vascular patterns, making it highly secure and spoof-resistant.
☁️ Step 1: Uploading Features to the Palm SDK Server
The encrypted feature string or raw image is securely uploaded from the device to the customer-designated Palm SDK Server via HTTPS + SSL.
Customers can deploy this server:
- Locally, on-premise
- In private cloud environments (e.g., for government or banking)
- Or in public cloud platforms like AWS, Azure, Alibaba Cloud, etc.
X-Telcom does not operate or manage this server. We only provide the Palm Vein Technology SDK for integration.
Simply put, Palm Vein technology’s algorithm services are all handled by us.
🧠 Server-Side Algorithm Processing (Registration / Recognition)
The Palm SDK Server executes the Palm Vein Recognition algorithm based on use case:
- Registration mode: Stores the uploaded feature string and generates a Feature ID.
- Recognition mode: Compares against stored feature strings and returns a matched Feature ID.
Our solution supports high-speed, large-scale matching—0.35 seconds or less for databases with over 5 million users.
The result is a unique Feature ID, securely sent to the customer’s backend for business-level decision-making.
🔄 Step 2: Binding Feature ID to User Info
All User Data Is Fully Customer-Controlled
Once the Feature ID is returned, the client-side business server (fully built and hosted by the customer) handles user data binding and permission logic.
For example:
| Feature ID | Username | Department | Access Rights |
|---|---|---|---|
| 894327491 | Alice Wang | Finance | Door Access + Palm Pay |
Customers are free to define their user schema: names, mobile numbers, roles, clearance levels, and more.
X-Telcom has no access to or control over user information or business logic.
✅ Final Step – Response to Device
Once identity and permissions are validated, the business server returns a result to the device application. This completes actions like:
- Door or gate access
- Cashless Palm Pay
- Medical check-in or e-Government login
- Attendance punch-in, etc.
🔐 Data Security: How We Ensure Privacy & Compliance
Our architecture is designed around data sovereignty, giving full control to our clients while keeping biometric security uncompromised.
End-to-End Encryption:
- Transmission: HTTPS + SSL
- Cloud Storage: AES-256 CBC encryption
- Encrypted on writing
- Decrypted on reading
Clear System Separation:
- The Palm Vein Scanner only captures and uploads feature templates
- The algorithm server performs template matching only
- The business server binds identity and controls permissions
- X-Telcom never touches user information or accesses any client databases
🧩 Flexible Deployment, Modular Integration
Palm Vein Technology is designed to be developer-friendly and adaptable across industries:
| Capability | Details |
|---|---|
| OS Compatibility | Android, Linux, and Windows support |
| SDK & API | Full developer documentation and SDK libraries provided |
| Deployment Models | Cloud / On-prem / Hybrid |
| Industry Use Cases | Finance, Government ID, Healthcare, Education, Transportation |
| System Integration | Easy to connect with CRM, ERP, POS, HRM, or Access Control platforms |
✅ Summary: A Platform-Oriented Palm Vein Recognition Architecture
- ✅ Feature capture and extraction happen on-device
- ✅ Feature string is uploaded to cloud or private algorithm server
- ✅ User info and permissions are handled solely by customer-side systems
- ✅ AES + SSL ensures end-to-end data security
- ✅ Open API architecture allows flexible deployment
- ✅ Scalable: Real-time recognition in databases with millions of users
If you’re planning to deploy a Palm Vein Scanner system that’s secure, customizable, and built for real-world integration, is here to help.
We offer not just hardware—but a complete, open biometric stack through our Palm Vein Technology, ready for your backend, your platform, your users.
— He Yu
Technical Director | X-Telcom
Palm Vein Technology · Palm Vein Recognition · Palm Vein Scanner Solutions
