a secure trust platform designed to meet the concerns of accessibility and data protec- tion in a connected environment. The plat- form should leverage credential technology that employs encryption to prevent man-in- the-middle attacks while also protecting the biometric database, and a software-based infrastructure to secure identities on any form factor for trusted access to doors, IT networks and beyond.
As an example, HID Global’s iCLASS SE RB25F fingerprint reader/controller in- corporates the company’s Seos technology and secure trusted platform, which gives users the option of accessing facilities with a mobile device. Its multispectral sensor in- corporates trusted liveness detection to pro- vide real-time validation that the fingerprint is genuine and real, while ensuring superior protection against hundreds of commonly used spoofing materials. The solution also comes with duress finger functionality, as well as a built-in optical tamper that auto- matically sends alerts in the case of an at- tempt to remove the device.
With today’s solutions, system manage- ment is simplified using web-based reader managers that handle all reader/controller configuration and management while sup- porting fingerprint enrollment for both the 1:2 verification and 1:N identification modes. The solution should encompass remote man- agement of all readers and users, spanning all onboarding as well as template loading and enrollment activities for the supported authentication modes. Today’s tools can be used as stand-alone applications or inter- faced with other access control and/or time and attendance platforms and enable system administrators to manage all configuration settings from time and data to language, se- curity and synchronization. They also enable continuous live monitoring of authentica- tion, alerts and system health.
To simplify deployment, application programming interfaces (APIs) are avail- able for direct integration of biometrics authentication solutions with the access control infrastructure. Multiple interface options should be available to support vari- ous system architectures.
It is critical that biometrics data is han- dled like all sensitive and identifying infor- mation. A properly architected system will always consider and protect against both internal and external threats and attacks. Beyond the encryption of the data itself, there are now many good alternatives avail- able for building highly secure and well pro- tected systems, including the use of multi- factor and even multi-modal authentication to maintain security even if some identifying data is compromised. All reader/controllers should also feature duress finger functional- ity, as well as built-in optical tamper safe-
guards with automated alerts if there is an attempt to remove the device.
Also important is the environmental de- sign of the reader/controller. In addition to built-in vandal resistance, all devices should include weather protection so they can be installed indoors or outdoors. Features that support rapid deployment can reduce instal- lation time to just minutes.
Early Adoption Paths
There are several applications that lend themselves to the security and convenience of biometrics technology at the door. Ex- amples include education and healthcare campuses where it is imperative to prevent users from taking someone else’s card and using it to gain access to restricted locations and/or privileged resources. When used for authentication, it adds the human element to strengthen security by combining something the user “is” with something the user “has” or “knows.”
The ability to identify persons with 100 percent accuracy is especially critical health- care so that medical professionals have the correct patients’ medical history with which to properly diagnose and treat them. The inclusion of liveness detection in these bio- metric solutions will give healthcare organi- zations the assurance, for instance, that they are complying with HIPAA regulations for verifying identity without the fear that some- one will compromise the system and gain ac- cess using a fake fingerprint.
On a college campus, biometric solutions will be increasingly important for prevent- ing unauthorized use of data or access to secured campus locations, and eliminating errors or fraudulent manipulation of atten- dance monitoring, library management and other systems. Here, too, liveness detection will play an important role, ensuring that a thief can’t steal and use someone’s campus
ID card to, for instance, gain unauthorized access to the person’s dorm room or fraudu- lently purchase meals at the cafeteria using their account.
In these and similar applications, bio- metric solutions deliver a higher confidence about “who” is being admitted into a uni- versity residence hall, classroom, a hospital’s front door and other restricted areas where this confidence really matters. In these and other applications, it is insufficient to simply possess an ID card, and what is required is the ability to validate a person’s true identity using biometrics. This must be accomplished in such a way that any person can be identi- fied or verified regardless of skin condition, at any authentication point regardless of en- vironmental conditions, and without the risk of excessive false user rejections that slow down access.
Biometrics technology will continue to improve as it grows in popularity to use at the door, and companies are actively investing in these advancements. Examples include HID Global’s acquisition of Lumidigm for finger- print sensors with multispectral imaging and liveness detection, and Crossmatch for its biometric identity management solutions for civil government, defense and commercial applications, as well as a secure multifactor authentication software solution. Today’s fingerprint authentication solutions are on a fast track to deliver a unique combination of ease of use and higher security. They com- bine enhancements in liveness detection, sys- tem architectures and trusted performance to give people secure and convenient access facilities, networks and services using finger- prints that are unique and cannot be forgot- ten, lost or stolen.
Stephen Carney is the vice president of prod- uct marketing, Physical Access Control, at HID Global.
28
JULY/AUGUST 2019 | SECURITY TODAY
COVER STORY
Tanoy1412/Shutterstock.com