Give digital the finger

August 2012 Access Control & Identity Management

Regular readers will have read countless articles in Hi-Tech Security Solutions dealing with access control and the dangers of traditional means of access, in other words, cards, passwords, tokens and PINs. We have also carried a few articles of logical access control, where we look at the current ease with which people can log into corporate computers and access sensitive applications, such as accounting systems, for their own nefarious purposes.

You will also have read some articles expounding how useless passwords and PINs are as an identification and authentication mechanism. In fact, in this issue we have an article highlighting the enormous amounts stolen, seemingly with ease, by insiders in companies globally. One of the startling facts in the article is that more than half of the stolen money is never recovered – so much for insurance.

SuperVision Biometric Systems has come up with a solution to this problem that costs about R100 per user per month. The solution, SuperSign, is a biometric logon application that works with most biometric readers. The software, developed by SuperVision, streamlines the process of registering users and authorising applications and transactions via a fingerprint.

In the demonstration Hi-Tech Security Solutions attended, SuperVision’s partner, BCX put SuperSign through its paces. The biometric device used was the MorphoSmart 1300 fingerprint reader which can be easily attached to a computer via a USB port.

BCX’s Alexander Botha explains that the system works with the normal directories companies use, such as Active Directory or Novell’s eDirectory. To keep these corporate assets safe, the SuperSign software handles the capturing of users’ biometrics and the assignment of permissions. Everything is controlled by biometric scans to ensure the accuracy of the process.

Biometric verification

Assigning permissions and access to specific digital assets is done via a drag and drop process, or users can be assigned the same permissions as other users with a click. Additionally, when a user needs to be loaded onto the system, two additional, authorised employees will have to verify the process.

For example, when the user is enrolled, someone will need to authorise the process and permissions assigned to the individual and capture their biometrics, while a third party will act as a witness, again via biometrics, before the process is complete.

When the user logs on for the first time, the system changes his default password to ensure that nobody knows what it is, preventing criminals from bypassing the biometric logon. Naturally, the administrators have overall control as usual, but also through their own biometrics. This process ensures there are no passwords written on Post-It notes or pasted under keyboards where they can be easily accessed.

SuperSign goes further in that it will also apply the same logon process to any applications the user opens that need an additional password, such as the accounting system. Once again the initial password assigned to the user is changed to ensure nobody can use his/her credentials to access the system as that user. All these logon processes are controlled from the SuperSign software.

In addition, companies can also apply these processes to Web applications, such as Internet banking or even social media sites like Facebook if they feel the need to track who uses these applications.

Clear audit trail

Botha says the system not only ensures that passwords cannot be copied, stolen or given to someone else, but by using fingerprints, a clear identity trail is created and stored in case it is needed. When using passwords, tokens, PINS or cards to log onto applications and authorise transactions, users verify the traditional ‘something you have’ and/or ‘something you know’ (both for two-factor authentication), but they do not verify who they are.

SuperVision’s Mark Eardley notes that when people are called onto the carpet after fraud has been committed with their password or card credentials, they can simply say they didn’t do it and there are few ways to prove they were there when the credentials were entered.

With biometric logon processes, the person can’t claim innocence as it is impossible to steal someone’s finger. In extreme cases where people may do so, the better biometric readers can detect if a finger is not attached to a living person. This leaves an indisputable identity chain, showing everything the user did on the system, time and date stamped.

The software is also tiered, meaning the user must first logon to Windows before they can access an application if the company so desires. This will prevent someone leaning over a colleague’s shoulder to authorise a transaction or other activities that have stringent security protocols.

When linked to physical access control systems, security is even tighter. The system can be extended to ensure that people can’t logon to their workstation if they haven’t entered the building and it can even automatically log them out when they leave the building.

As noted, the system can be leased at around R100 per month per user. This includes the full service of software, hardware, installation, training and maintenance. The SuperSign software is light on resources meaning a laptop attached to the server will suffice for medium-sized organisations.

SuperSign has already been installed in a few organisations, such as the Department of Agriculture and Fisheries, as well as the Department of Rural Development and Land Reform.

Given that a 2009 survey found that 62% of economic crime in South Africa was committed by insiders, Eardley advises that the cost of the system should not be compared to free password authorisation, but against potential losses. Some of the areas in which biometric logons can prevent losses are:

* Fraudulent EFT payments,

* Modifying billing and procurement data,

* Theft of sensitive information,

* Corruption and deletion of data, and

* Costs of downtime, recovery and restoration.



Credit(s)




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Alarms are smarter than ever
Spectrum Security Products Technews Publishing SMART Security Solutions Arxtech Perimeter Security, Alarms & Intruder Detection
Modern smart alarms are evolving beyond simple sirens and basic alerts. They now include features such as system health checks, remote management, real-time notifications, mobile apps, and multiple communication options.

Read more...
From the editor's desk: The high price of cheap
Technews Publishing News & Events
Bringing fire and safety, along with intrusion and perimeter protection, into the same publication is an interesting exercise. At their core, all these systems exist for one reason: to warn people ...

Read more...
Balancing secure access control and fire safety
Editor's Choice Access Control & Identity Management Fire & Safety
In modern building management, few topics create as much tension as the intersection between security access control and fire evacuation safety. Nichola Allen of G2 Fire sheds light on this delicate balance.

Read more...
Fire safety in South Africa
Technoswitch Fire Detection & Suppression Technews Publishing SMART Security Solutions Editor's Choice Fire & Safety Security Services & Risk Management
Fire safety is sometimes ignored, sometimes relegated to whatever is cheapest, and sometimes treated with the seriousness it deserves, given that it focuses on protecting life and assets.

Read more...
Preventing and suppressing lithium fires
SMART Security Solutions Technews Publishing Editor's Choice Fire & Safety Security Services & Risk Management Smart Home Automation
SMART Security Solutions asked Clyde Becker, director of Pyro Brand, for some insight into the mechanics of lithium-ion battery fire risks, especially thermal runaway, and to define a comprehensive, layered approach to fire detection and suppression.

Read more...
Securing water infrastructure for industry and community
Access Control & Identity Management Fire & Safety Government and Parastatal (Industry)
The Badirammogo Water User Association needed a solution that could secure remote sites, reduce reliance on physical guards, and ensure uninterrupted service delivery while remaining aligned with its values and long-term strategy.

Read more...
Integrated layers offer dependable security
OPTEX SMART Security Solutions Technews Publishing Perimeter Security, Alarms & Intruder Detection Integrated Solutions
A layered approach to security tightens protection and minimises downtime and operational risk. Moreover, integrating all the parts of a solution and proving they can do the job before spending money are critical.

Read more...
Disconnect between confidence in identity security and operational reality
Access Control & Identity Management News & Events
New FIDO Alliance and HID study reveals gap between identity security confidence and reality; 94% of enterprises claim they can revoke employee access within 24 hours, yet 35% experienced delays or failures in the past two years.

Read more...
Paxton Solo training available to security installers
Paxton Access Control & Identity Management News & Events
Following the launch of Solo, Paxton’s brand-new access control system, the security manufacturer is rolling out dedicated Solo training sessions across South Africa to support security installers working with the system.

Read more...
Echoes of 2018? Follow-up on Woolworths explosions
Technews Publishing News & Events Security Services & Risk Management Retail (Industry) Facilities & Building Management
SMART Security Solutions follows up with Jimmy Roodt to find out more about an old connection to the Woolworths bombings from 2018. The investigation remains ongoing.

Read more...










While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.




© Technews Publishing (Pty) Ltd. | All Rights Reserved.