Give digital the finger

August 2012 Access Control & Identity Management

Regular readers will have read countless articles in Hi-Tech Security Solutions dealing with access control and the dangers of traditional means of access, in other words, cards, passwords, tokens and PINs. We have also carried a few articles of logical access control, where we look at the current ease with which people can log into corporate computers and access sensitive applications, such as accounting systems, for their own nefarious purposes.

You will also have read some articles expounding how useless passwords and PINs are as an identification and authentication mechanism. In fact, in this issue we have an article highlighting the enormous amounts stolen, seemingly with ease, by insiders in companies globally. One of the startling facts in the article is that more than half of the stolen money is never recovered – so much for insurance.

SuperVision Biometric Systems has come up with a solution to this problem that costs about R100 per user per month. The solution, SuperSign, is a biometric logon application that works with most biometric readers. The software, developed by SuperVision, streamlines the process of registering users and authorising applications and transactions via a fingerprint.

In the demonstration Hi-Tech Security Solutions attended, SuperVision’s partner, BCX put SuperSign through its paces. The biometric device used was the MorphoSmart 1300 fingerprint reader which can be easily attached to a computer via a USB port.

BCX’s Alexander Botha explains that the system works with the normal directories companies use, such as Active Directory or Novell’s eDirectory. To keep these corporate assets safe, the SuperSign software handles the capturing of users’ biometrics and the assignment of permissions. Everything is controlled by biometric scans to ensure the accuracy of the process.

Biometric verification

Assigning permissions and access to specific digital assets is done via a drag and drop process, or users can be assigned the same permissions as other users with a click. Additionally, when a user needs to be loaded onto the system, two additional, authorised employees will have to verify the process.

For example, when the user is enrolled, someone will need to authorise the process and permissions assigned to the individual and capture their biometrics, while a third party will act as a witness, again via biometrics, before the process is complete.

When the user logs on for the first time, the system changes his default password to ensure that nobody knows what it is, preventing criminals from bypassing the biometric logon. Naturally, the administrators have overall control as usual, but also through their own biometrics. This process ensures there are no passwords written on Post-It notes or pasted under keyboards where they can be easily accessed.

SuperSign goes further in that it will also apply the same logon process to any applications the user opens that need an additional password, such as the accounting system. Once again the initial password assigned to the user is changed to ensure nobody can use his/her credentials to access the system as that user. All these logon processes are controlled from the SuperSign software.

In addition, companies can also apply these processes to Web applications, such as Internet banking or even social media sites like Facebook if they feel the need to track who uses these applications.

Clear audit trail

Botha says the system not only ensures that passwords cannot be copied, stolen or given to someone else, but by using fingerprints, a clear identity trail is created and stored in case it is needed. When using passwords, tokens, PINS or cards to log onto applications and authorise transactions, users verify the traditional ‘something you have’ and/or ‘something you know’ (both for two-factor authentication), but they do not verify who they are.

SuperVision’s Mark Eardley notes that when people are called onto the carpet after fraud has been committed with their password or card credentials, they can simply say they didn’t do it and there are few ways to prove they were there when the credentials were entered.

With biometric logon processes, the person can’t claim innocence as it is impossible to steal someone’s finger. In extreme cases where people may do so, the better biometric readers can detect if a finger is not attached to a living person. This leaves an indisputable identity chain, showing everything the user did on the system, time and date stamped.

The software is also tiered, meaning the user must first logon to Windows before they can access an application if the company so desires. This will prevent someone leaning over a colleague’s shoulder to authorise a transaction or other activities that have stringent security protocols.

When linked to physical access control systems, security is even tighter. The system can be extended to ensure that people can’t logon to their workstation if they haven’t entered the building and it can even automatically log them out when they leave the building.

As noted, the system can be leased at around R100 per month per user. This includes the full service of software, hardware, installation, training and maintenance. The SuperSign software is light on resources meaning a laptop attached to the server will suffice for medium-sized organisations.

SuperSign has already been installed in a few organisations, such as the Department of Agriculture and Fisheries, as well as the Department of Rural Development and Land Reform.

Given that a 2009 survey found that 62% of economic crime in South Africa was committed by insiders, Eardley advises that the cost of the system should not be compared to free password authorisation, but against potential losses. Some of the areas in which biometric logons can prevent losses are:

* Fraudulent EFT payments,

* Modifying billing and procurement data,

* Theft of sensitive information,

* Corruption and deletion of data, and

* Costs of downtime, recovery and restoration.


Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

TAPA: The role of an effective treasury function in business risk management
June 2019, Technews Publishing , News
Neil Le Roux, the Founder of Diligent Advisors will speak at the TAPA SA (Transported Asset Protection Association) annual conference on 26 July 2019.

From the Editor's desk: No really, take it seriously
July 2019, Technews Publishing , News
Cybersecurity is a topic that has been done to death in the media. The blanket coverage has been so great that people, even the few that realised the danger, have started to gloss over the issue, barely ...

Residential Estate Security Conference 2019
July 2019, Technews Publishing , Calendar of Events
20 August 2019    Indaba Hotel, Fourways, Johannesburg    Following sold-out events in 2017 and 2018, Hi-Tech Security Solutions will once again be hosting a full-day conference covering residential estate ...

iLegal 2019
July 2019, Technews Publishing , Calendar of Events
12 September 2019    Johannesburg, South Africa    iLegal, hosted by Dr Craig Donald and Hi-Tech Security Solutions, returns in 2019 with another full-day event covering insights and advice into a range of ...

Understanding key control systems and best practices
July 2019 , Access Control & Identity Management
The effective implementation of a key control and asset management system can be achieved through best practices to realise decreased operational and financial risk and provide the best value from the application.

XS4 Mini DIN standard
July 2019, Salto Systems Africa , Access Control & Identity Management
The new XS4 Mini maintains the fire rating of the door as no additional drilling of the door is required. It is completely compatible with the DIN 18251 standard fixing instructions.

Ingo Mutinelli moves to IDEMIA
July 2019, Technews Publishing, IDEMIA , Editor's Choice, News
IDEMIA, the security and identity management company has announced that Ingo Mutinelli will be taking on the post of regional sales director for the southern Africa region.

Residential Estate Security Conference 2019: Integrating man and machine for effective security and operations
July 2019, Technews Publishing , Editor's Choice, News, Residential Estate (Industry), Conferences & Events
The Residential Estate Security Conference 2019 will delve into how estates and their service providers can better integrate man and machine for more effective security and operations.

Child fingerprint identification solution
July 2019 , News, Access Control & Identity Management
Gavi, NEC, and Simprints to deploy world’s first scalable child fingerprint identification solution to boost immunisation in developing countries.

Versatile electronic lock cylinders
July 2019, Salto Systems Africa , Products, Access Control & Identity Management
Fully integrated with the SALTO System’s Space and SALTO KS platforms, the new Geo range of electronic cylinders are compact in size, making them a suitable solution for almost any type of door.