Biometric authentication solutions for personal identification purposes in healthcare, social security, national identity, financial services, general access to computer networks and physical security are gaining popularity.
Current solutions contain a set of access credentials protected on the smart card through encryption and activated by the combination of the smart card and a personal identification number (PIN).
While this is stronger than traditional magnetic strip cards, maintaining the security of the PIN and the need for help-desk services to reset forgotten PINs continue to be weak points.
The introduction of biometric authentication has strengthened current two-factor authentication solutions by combining two elements: "something you have" - the smart card - and "something you are" - the biometric. These solutions are described as "Match-on-Card", as the fingerprint is read by a separate device and then matched to data on the card.
Better still is the "Capture-Store-Match" approach to biometric authentication as the fingerprint reader is now incorporated on the smart card. Solution costs are reduced considerably, and flexibility and scalability are increased dramatically.
In addition, "big brother" concerns about vast databases of personal data being established are avoided, as security risks are now decentralised: personal data is stored securely on the smart card and protected with anti-tamper hardened secure access modules, which are incorporated to guarantee secure transmission of critical messaging between devices. Security is further enhanced as the card reader plays no part in the decision-making, evaluation of business rules or encryption. Its sole role is to properly route each message.
A backend management system establishes business rules and access authorisation according to the customer's specific requirements. Authorisation protocols, new rules and updates are distributed instantly to individual cards when they are next inserted in a card reader. The backend server receives secured messages and logs all transactions for end-of-day reports, security alerts, exception reports and other reporting functions.
For more information, contact Peter Hill at Info Sec Africa (peter@cobit.co.za).