Give digital the finger

August 2012 Access Control & Identity Management

Regular readers will have read countless articles in Hi-Tech Security Solutions dealing with access control and the dangers of traditional means of access, in other words, cards, passwords, tokens and PINs. We have also carried a few articles of logical access control, where we look at the current ease with which people can log into corporate computers and access sensitive applications, such as accounting systems, for their own nefarious purposes.

You will also have read some articles expounding how useless passwords and PINs are as an identification and authentication mechanism. In fact, in this issue we have an article highlighting the enormous amounts stolen, seemingly with ease, by insiders in companies globally. One of the startling facts in the article is that more than half of the stolen money is never recovered – so much for insurance.

SuperVision Biometric Systems has come up with a solution to this problem that costs about R100 per user per month. The solution, SuperSign, is a biometric logon application that works with most biometric readers. The software, developed by SuperVision, streamlines the process of registering users and authorising applications and transactions via a fingerprint.

In the demonstration Hi-Tech Security Solutions attended, SuperVision’s partner, BCX put SuperSign through its paces. The biometric device used was the MorphoSmart 1300 fingerprint reader which can be easily attached to a computer via a USB port.

BCX’s Alexander Botha explains that the system works with the normal directories companies use, such as Active Directory or Novell’s eDirectory. To keep these corporate assets safe, the SuperSign software handles the capturing of users’ biometrics and the assignment of permissions. Everything is controlled by biometric scans to ensure the accuracy of the process.

Biometric verification

Assigning permissions and access to specific digital assets is done via a drag and drop process, or users can be assigned the same permissions as other users with a click. Additionally, when a user needs to be loaded onto the system, two additional, authorised employees will have to verify the process.

For example, when the user is enrolled, someone will need to authorise the process and permissions assigned to the individual and capture their biometrics, while a third party will act as a witness, again via biometrics, before the process is complete.

When the user logs on for the first time, the system changes his default password to ensure that nobody knows what it is, preventing criminals from bypassing the biometric logon. Naturally, the administrators have overall control as usual, but also through their own biometrics. This process ensures there are no passwords written on Post-It notes or pasted under keyboards where they can be easily accessed.

SuperSign goes further in that it will also apply the same logon process to any applications the user opens that need an additional password, such as the accounting system. Once again the initial password assigned to the user is changed to ensure nobody can use his/her credentials to access the system as that user. All these logon processes are controlled from the SuperSign software.

In addition, companies can also apply these processes to Web applications, such as Internet banking or even social media sites like Facebook if they feel the need to track who uses these applications.

Clear audit trail

Botha says the system not only ensures that passwords cannot be copied, stolen or given to someone else, but by using fingerprints, a clear identity trail is created and stored in case it is needed. When using passwords, tokens, PINS or cards to log onto applications and authorise transactions, users verify the traditional ‘something you have’ and/or ‘something you know’ (both for two-factor authentication), but they do not verify who they are.

SuperVision’s Mark Eardley notes that when people are called onto the carpet after fraud has been committed with their password or card credentials, they can simply say they didn’t do it and there are few ways to prove they were there when the credentials were entered.

With biometric logon processes, the person can’t claim innocence as it is impossible to steal someone’s finger. In extreme cases where people may do so, the better biometric readers can detect if a finger is not attached to a living person. This leaves an indisputable identity chain, showing everything the user did on the system, time and date stamped.

The software is also tiered, meaning the user must first logon to Windows before they can access an application if the company so desires. This will prevent someone leaning over a colleague’s shoulder to authorise a transaction or other activities that have stringent security protocols.

When linked to physical access control systems, security is even tighter. The system can be extended to ensure that people can’t logon to their workstation if they haven’t entered the building and it can even automatically log them out when they leave the building.

As noted, the system can be leased at around R100 per month per user. This includes the full service of software, hardware, installation, training and maintenance. The SuperSign software is light on resources meaning a laptop attached to the server will suffice for medium-sized organisations.

SuperSign has already been installed in a few organisations, such as the Department of Agriculture and Fisheries, as well as the Department of Rural Development and Land Reform.

Given that a 2009 survey found that 62% of economic crime in South Africa was committed by insiders, Eardley advises that the cost of the system should not be compared to free password authorisation, but against potential losses. Some of the areas in which biometric logons can prevent losses are:

* Fraudulent EFT payments,

* Modifying billing and procurement data,

* Theft of sensitive information,

* Corruption and deletion of data, and

* Costs of downtime, recovery and restoration.


Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Securing perimeters of secure locations
November 2019, Axis Communications SA, Modular Communications, Hikvision South Africa, Nemtek Electric Fencing Products, Technews Publishing, Stafix , Government and Parastatal (Industry), Perimeter Security, Alarms & Intruder Detection, Integrated Solutions
Hi-Tech Security Solutions asked a number of companies offering perimeter security solutions for their insights into protecting the boundaries of national key points.

2020 Residential Estate Security Conference in KZN
October 2019, Technews Publishing , News, Residential Estate (Industry)
Meeting the residential security challenges in 2020 and beyond: Hi-Tech Security Solutions will host the Residential Estate Security Conference 2020 in Durban on 12 March 2020.

From the editor's desk: What a year it has been!
November 2019, Technews Publishing , News
We’ve made it to the last issue of 2019. This year has been a tough one for the local security industry with almost everyone feeling the effects of the poor economy that shows no signs of recovery. Naturally ...

November 2019, Technews Publishing , Calendar of Events
Sicurezza Fiera Milano, Italy 13 – 15 November 2019 Sicurezza 2019 is ready to continue its international development, which has turned it into a major European event for the security & fire industry. ...

2020 Residential Estate Security Conference in KZN
November 2019, Technews Publishing , Editor's Choice
Meeting the residential security challenges in 2020 and beyond: Hi-Tech Security Solutions will host the Residential Estate Security Conference 2020 in Durban on 12 March 2020.

A brighter future
November 2019, NEC XON, Technews Publishing , Editor's Choice
NEC XON hosted its annual summit in October 2019 at Sun City under the banner of ‘Orchestrating a Brighter World’.

Biometrics: the game changer in access control
November 2019, IDEMIA , Access Control & Identity Management
For security managers, the question is no longer, should I use biometrics, but rather, which biometrics should I use.

ViRDI UBio Tab 5
November 2019 , Access Control & Identity Management
ViRDI Distribution SA (ViRDI Africa) has announced the release of its long-awaited UBio Tablet to the South African market.

Surveillance augmented by technology and people
November 2019, Technews Publishing , CCTV, Surveillance & Remote Monitoring, Conferences & Events
iLegal 2019 examined how the surveillance industry is being enhanced through the intelligent integration of the latest technology and the best people have to offer.

Cloud-based access control
November 2019, Elvey Security Technologies , Access Control & Identity Management
Hattrix is a flexible and scalable security platform that marks a shift toward outsourcing security, similar to other services such as IT, HR, and legal services.