 |
Biometric Layering
Provides a More Secure, Hierarchal Structure
of Identity Protection
Protect ID Biometric Layering:
To layer biometrics, you must first start
with a secure authentication
platform. Our Protect ID platform is the
worlds most secure authentication platform
because it was developed with authentication
layering in mind and
architected using an "Out-of-Band" methodology.
Whether you're looking to layer
a Fingerprint Reader, Iris Reader, Smartcard
or Token, whether you're
looking to match templates locally or centrally,
the Protect ID's open
biometric architecture enables you to implement
your configuration of choice.
Why Biometrics?
The explosive growth of corporate networks,
the Internet, and e-commerce has created
a tremendous challenge to reliably yet easily
identify people who cannot be met face-to-face.
Today the most common means for verifying
the identities of individuals in network
environments are passwords and personal identification
numbers (PINs). However, these older authentication
methods are no longer appropriate for most
applications. Passwords and PINs
are often easily guessed or cracked by a
skilled hacker, are frequently forgotten,
leading to demands on help desks, and can
be shared between several users, leading
to multiple users having access to a single
account. The value and importance of network-based
transactions, including e-commerce, has grown
to levels that require more than passwords
or PIN authentication. Users have recognized
that it they require appropriate means to
reach a higher level of security. Biometrics
represents a powerful tool to accomplish
this.
Biometric technology has been around for
many years, but historically it had been
very expensive and somewhat difficult to
use. Its application has mostly been limited
to military and other very high-security
applications where cost and convenience
are less important than security. On the
supply side, many companies have recently
developed new biometric authentication
technologies that have brought the cost
down and increased the ease-of-use. There
are now several devices on the market that
sell for less than $100, and they work
much better than the $1000 products available
five years ago, and major hardware and
software companies have committed considerable
resources to the development of biometrics.
On the demand side, the Internet boom has
driven up the demand for authentication.
The technology is now affordable and easily
available to satisfy the increased demand
for authentication.
How does biometrics protect personal information
from unauthorized access?
A biometric record is a mathematical representation
of an individual's unique characteristic,
stored in digital form. The record can
be based on a wide range of methods including
fingerprint scan, iris scan or facial recognition.
Standing alone, the record is of no use
to anybody. Even if illegally acquired,
it cannot be used to reconstruct a person's
biometric identity. When used for authentication
purposes, it serves as an effective gatekeeper
of personal privacy and a strong deterrent
against identity theft. Compared to other
methods of establishing who you are — producing
a driver's license, showing a birth certificate,
or revealing one's family history — biometrics
is a tool that can actually enhance privacy
and prevent abuse.
How do biometrics and authentication tie
into computers and the Internet?
As more and more personal information is
stored in computers, it is becoming increasingly
important to ensure that only certain individuals
have access to that information. Online
banking, online shopping, online voting,
online stock trading — each of these
online applications requires secure authentication
in order to be successfully implemented.
Currently passwords are used almost exclusively
for authentication on the Internet. Passwords
are cheap, because they don’t require
any special hardware, and they have been
in use for many years. However, passwords
are far from ideal.
|
| |
 |
Passwords
are easily forgotten. |
| |
|
|
| |
|
Passwords can
be "stolen" by people looking
over your shoulder as you type, or by
electronically "sniffing" the
password as it is transmitted across
the network. |
| |
|
|
| |
|
Passwords can
be shared with others, allowing multiple
individuals access to something that
was intended for only one person. |
| |
|
|
| |
|
As you work with
multiple password applications, the number
of passwords you have to remember becomes
unwieldy. To simplify, most people use
the same password for all of their accounts,
which creates huge security risks. |
| |
|
|
| |
|
Typing passwords
is inconvenient for most people, leading
them to choose shorter passwords, which
are easily guessed or cracked. |
|
| Biometric
authentication has the tool to solve many
of these problems by eliminating passwords.
By comparison, biometric characteristics
(such as fingerprint, iris, voice, face etc.)
has the following advantages: |
| |
|
Can
not be lost or forgotten by the individual |
| |
|
|
| |
|
Are tremendously difficult to steal and
replicate |
| |
|
|
| |
|
Cannot be shared
with others |
| |
|
|
| |
|
Are convenient and easy to use |
|
Are there other applications for biometric
authentication?
Besides logging on to computers and Web sites,
biometrics is well suited whenever an individual
needs to be authenticated: |
| |
|
Encrypting
files and email |
| |
|
|
| |
|
Unlocking
doors and allowing access to homes and
offices |
| |
|
|
| |
|
Authorizing credit cards and ATM cards
at stores and banks |
| |
|
|
| |
|
Authenticating
hourly employees as they clock in and
out at work (to prevent "buddy punching") |
| |
|
|
| |
|
Applications
that currently uses a key or password |
|
How
can biometrics be implemented?
Once used almost exclusively by law enforcement
agencies, biometrics products are rapidly
gaining market acceptance by Fortune 1000
companies, governments and consumers because
they are a simple and cost-effective way
to reduce fraud while increasing productivity.
Biometrics devices will essentially play
a critical role in all environments where
the following issues are present: |
| |
|
Protecting
the security of corporate, government
and home computer systems |
| |
|
|
| |
|
Increasing consumer confidence in using
the Internet for communications and
commerce |
| |
|
|
| |
|
Reducing fraudulent
transactions with credit cards and ATMs |
|
Is biometric
technology safe?
Various biometric devices have been in the
marketplace for over two decades. Like using
any other computer peripherals — such
as a keyboard or mouse — the technology
presents no risk to public health and safety.
How reliable is biometrics?
Biometric technologies have been tested
under the most demanding conditions.
They protect facilities that are vital
to national security, prevent unauthorized
people from crossing borders and preserve
the integrity of financial systems and
data networks. The real-world results
show that the products are robust, easy-to-use
and cost-effective.
What about privacy?
Many people worry about the privacy of
their biometric information. There are
many answers to this issue, depending
on the application. |
| |
|
In many applications, biometric data
may be stored on a smart card, or in
the computer that is controlled by
user only. Only a cryptographic key
is released after authentication. |
| |
|
|
| |
|
In most cases, only a processed, mathematically
reduced version of the biometric data
is stored. This data is called a "template," and
cannot be used to re-create the original
data. |
| |
|
|
| |
|
In cases where
it is necessary for a company or agency
to store the biometric template data,
there is generally an option for the
customer or user to "opt-out" and
use alternative methods of authentication.
Legislation is in the works in several
states, including California, to make
this option a requirement. |
| |
|
|
| |
|
Legislation is also in the works to prevent
companies from sharing biometric data
with each other, unless permission
is explicitly granted. |
|
What
if someone steals a fingerprint off a glass
or takes a picture of my face?
It depends heavily on the quality of the
biometric hardware, whether a system is tamper
proof. A majority of today's biometric devices
have built-in mechanisms to prevent this
kind of forgery. However, no system is completely
impervious to break-ins, but if the effort
required to defeat a security system is greater
than the potential gains, the system is safe.
This emphasizes the need for a flexible approach
as to which method and device is appropriate
for a particular situation. |
|
|
| "Biometric technology is an important component of the identity protection and management vision for the Department of Defense.”
|
David M. Wennergren, Chair, DoD Identity Protection and Management Senior Coordinating Group
|
 |
28 countries
have mandated face reading security be
in place by 2007
The United Kingdom is now testing for
electronic passport visas that will be
the basis of a national ID system.
380,000 police cars and up to 900,000
law enforcement officials will carry these
devices
The U.S. government has mandated using
face and fingerprint recognition for all
immigrants.
|
|
|
