Biometric Identity Platform for Hospitality
Your face is the key. The card. The loyalty programme.
A unified facial recognition middleware layer connecting Property Management Systems and Point of Sale — delivering frictionless check-in, instant room charges, automatic loyalty rewards, and secure staff authentication across every guest touchpoint.
01 — Property Management System
Replace the front-desk queue with a seamless face-first workflow. Guests are recognised the moment they approach the kiosk or desk terminal — reservation pulled, room assigned, key issued, in under a second.
Guest approaches kiosk. Live frame captured, liveness detection confirms physical presence.
Encrypted biometric vector compared against enrolled guest profile in under 0.8 s.
Reservation retrieved, room assigned, digital key dispatched to guest's phone. Done.
Returning guests and loyalty members flagged to front-desk staff on approach — name, tier, and preferences surface before a word is spoken.
Optional face-unlock integration with compatible door locks (RFID + camera combo) — guests access their room without any physical key.
When a guest face is matched departing the property, housekeeping queue is automatically updated to mark the room for service.
Do-Not-Check-In flags linked to face profiles. Security team alerted silently if a flagged individual is recognised at any terminal.
02 — Point of Sale
Guests settle their dining bill or charge it to their room with a glance at the POS camera — no card, no phone, no signature. Powered by Hashmato POS products.
Restaurant, bar, pool bar, spa, and room service share the same biometric engine — identity and folio consistent across every touchpoint.
Property-configurable thresholds: charges above a set amount require a secondary PIN or card confirmation alongside the face match.
Server or outlet manager can see a guest's running account balance and current folio total before processing a new charge.
Day-spa visitors, club members, and event guests enrolled as non-resident profiles — face-pay without a room charge destination.
03 — Loyalty Programme
Every recognised interaction — check-in, dining, spa, activity — earns points automatically. No app tap or card swipe required. The face is the loyalty card.
0 – 4,999 pts / yr
5,000 – 14,999 pts / yr
15,000 – 39,999 pts / yr
40,000+ pts / yr
Points credited the moment a face-pay transaction settles — visible in the guest app within seconds.
Guests redeem points at POS by face — server sees redeemable balance and applies discount with one tap.
Date-range or outlet-specific multiplier events (e.g. 3× on spa Tuesdays) applied automatically.
API hooks to connect earning/burning with airlines, car hire, and third-party hotel platforms.
04 — Staff Authentication
Staff authenticate to PMS workstations and POS terminals using their face — eliminating shared passwords, forgotten PINs, and buddy-punching. Every action tied to a verified individual identity.
Time-and-attendance is biometrically locked — staff cannot clock in or out on behalf of a colleague.
Rate overrides, comp authorisations, and account adjustments all require a supervisor-level face re-scan.
HR enrols new staff via a secure mobile flow — face captured in under 60 seconds, immediately active.
Exception reports flag high-frequency voiders or comp issuers correlated to their face-verified identity.
05 — Institutional Dining
FaceFlow extends beyond hotel F&B into high-volume, account-based dining environments where speed, meal entitlements, and dietary compliance are mission-critical.
Meal plan entitlements, resident vs commuter tracking, dining hall access control
Subsidised meals, department cost-coding, executive dining, visitor catering
Patient meal delivery, clinical dietary flags, staff canteen billing
Resident identification, nutritional compliance, medication mealtime flags
Dining hall gates linked to face recognition — only enrolled plan holders gain access during service hours.
Parents optionally view their child's meal activity and remaining balance — configurable privacy controls.
Face scan at express exit confirms selection against plan entitlement — no cashier required.
Connects to SAP, Oracle HR, Workday — enrolments and leavers auto-synced; no manual management.
Verified consumption data correlated with food waste metrics for right-sized production planning.
Automated monthly billing pack — verified cover counts and subsidy totals from biometric records.
06 — Technical Architecture
A lightweight biometric middleware layer sits between your existing PMS and POS systems — no rip-and-replace required. Eight-layer architecture from camera to connector, integrated via REST API and webhooks.
Near-infrared + RGB dual-camera hardware (kiosk, tablet, or fixed terminal). Liveness detection prevents photo spoofing.
Face vectorisation runs at the edge — raw biometric data never leaves the terminal. Only encrypted feature vectors transmitted.
Hosted matching service compares encrypted vectors against the enrolled profile store. Returns confidence score + profile ID.
REST API adapters for WinCloud & Yellowstone. Reservation and folio data exchanged bidirectionally.
Integrations for Hashmato POS products. Guest profile and payment method pushed on match event.
Points ledger API — earn rules, tier calculation, redemption, and partner exchange hooks. Real-time balance to guest app.
Web-based property UI — enrolment management, terminal health, match logs, exception reports, and loyalty analytics.
Self-service enrolment, loyalty balance, transaction history, point redemption, and digital room key. iOS + Android.
Technology Stack
FaceFlow is built on a robust, battle-tested open web stack — maximising compatibility with existing hotel infrastructure and ensuring a wide pool of development talent.
Modern PHP 8 with typed properties, fibers, and named arguments. Composer-managed dependencies throughout.
InnoDB engine with row-level locking for high-concurrency POS environments. Encrypted at rest via TDE.
Eloquent ORM, queue workers for async loyalty posting, and Artisan CLI for deployment and migration management.
In-memory session cache for active face-match sessions and offline entitlement data at terminal level.
High-performance reverse proxy fronting PHP-FPM process pools for concurrent terminal requests.
Stateless JSON API consumed by PMS, POS, kiosks, and mobile app. OAuth 2.0 bearer token auth on all routes.
All vectors encrypted in transit with TLS 1.3 and additionally with per-property AES-256 keys in HSM.
Docker Compose configuration for rapid provisioning. Deployable to any Linux server, AWS, Azure, or GCP.
07 — Security & Compliance
Biometric data handling governed by GDPR, CCPA, BIPA, and local equivalents. Consent is explicit, revocable, and fully audited.
Raw facial images are never persisted. Only encrypted mathematical feature vectors are stored — these cannot be reverse-engineered into a photograph.
Guests and staff opt in explicitly before enrolment. Consent captured digitally with timestamp and privacy policy version.
One-click biometric data deletion. All vectors purged across all nodes within 24 hours of request.
Anti-spoofing via active liveness challenge and passive depth analysis. Prevents photo, video, or mask attacks.
All data encrypted with TLS 1.3. Biometric vectors additionally encrypted with per-property AES-256 keys in HSM.
FaceFlow engine certified SOC 2 Type II. Annual penetration testing. Data residency options for EU and APAC properties.
Certified Integrations
See FaceFlow live in a guided demo — we'll walk through check-in, POS payment, and loyalty enrolment end-to-end in your stack.