Give passwords the finger

May 2017 Financial (Industry), Access Control & Identity Management

Biometrics in its many forms has become standard in many organisations, especially for access control and time and attendance (T&A) functionality. But biometrics can be used for much more.

In a few companies, fingerprint biometrics is also being used to control which employees have access to sensitive areas and sensitive functions where rogue employees are able to fiddle with a company’s finances. Yet, most companies still rely on passwords and ‘traditional’ virtual access control methods to protect bank accounts and accounting packages (and for virtual access on the whole) – most of them without managing the passwords people use or how they go about remembering them.

A few companies have taken the plunge and now use fingerprint biometrics to control access to their premises as well as their virtual premises. Instead of logging on with a password, a swipe of the finger is all it takes. Perhaps the growth of fingerprint access on smartphones has made people more aware of the possibilities.

Yet, despite the obvious security benefits of biometrics, many companies have no plans to change their operational systems to incorpor-ate them, even in sensitive positions. Hi-Tech Security Solutions asked ViRDI SA’s Deon Janse van Rensburg for his take on why this is happening despite the growing global awareness of fingerprint biometrics.

Janse van Rensburg says that he is finding more companies enquiring about the convergence between physical and virtual access control systems. However, the enquiries seldom turn into a rollout. He says there are two main issues preventing virtual biometric access from becoming mainstream: cost and an understanding of how these systems work.

“Any converged system becomes an expensive capex exercise due to the complexity of the system, resulting in many man-hours in configuration and training,” Janse van Rensburg explains. “Users rarely have an idea of this complexity and rarely understand the impact that the deployment of such a solution will have on their businesses from a capex, administration, maintenance, infrastructure layout and IT infrastructure point of view.

“I call it the ‘Hollywood Effect’ and many other disciplines are experiencing the same where expectation rarely meets reality.“

More secure access?

Janse van Rensburg is clear that biometrics does add to the level of security. “As any IT security specialist will tell you, passwords to access computer systems are predictable due to users using passwords that they can remember and that are familiar to them. I recently read an article that provided examples of such predictable passwords which include names of pets, family members, birthdays etc.

“Another issue is that passwords are shared with other people, rendering the security features virtually useless. With fingerprint biometrics and the way the extraction technologies work, this becomes exponentially more difficult as fingerprint templates are extremely complex and should be encrypted to an AES standard.”

Additionally, he notes that since the same optics and algorithms are used for both physical and virtual access control, the virtual systems are as secure as the systems being used for access control and T&A. “The challenge is that physical access control systems, i.e. the biometric terminals, are very rarely the object of targeted malicious software and hacking attacks. This is where the difference lies, virtual systems are under constant hacking attacks and the safeguarding thereof cannot be handled by the biometric devices. If the network security can be breached then the system is vulnerable.”

ViRDI’s virtual access devices

When it comes to the options customers have from ViRDI for virtual access, Janse van Rensburg says the company supplies various PIV/AFIS types of devices – dependent on the application. “Normally we would supply our FOH02 USB reader, but if the client has the requirement for FBI approved PIV/iAFIS devices they would be looking at the FOH04 and V-ScanFB series of devices.

“Our off-the-shelf software is actually a combination of packages. V-Bioguard interacts with Active Directory and replaces the password functionality with fingerprints. It provides a GUI for rights assignment, monitoring and reporting functionality. The second portion of the software solution is the MASS-Server, which allows the identification of a 1:1 000 000 (1:N) fingerprints in under 1 second.”

For more information contact ViRDI Distribution, +27 (0)11 454 6006, deon@virditech.co.za, www.virditech.co.za



Credit(s)




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Wireless access control technology
Residential Estate Security Handbook 2020, Salto Systems Africa , Products, Access Control & Identity Management
SALTO has released the NEO Cylinder for doors where fitting an electronic escutcheon is not possible or required.

Read more...
Secure touchless access
Residential Estate Security Handbook 2020, Suprema , Products, Access Control & Identity Management
Suprema’s facial biometric terminals bring no-touch access into secure residential estates, high-rise apartments and luxury homes. Secure touchless access.

Read more...
Frictionless fingerprint access
Residential Estate Security Handbook 2020, IDEMIA , Products, Access Control & Identity Management
The MorphoWave Compact acquires four fingers in 3D for maximum accuracy, with one pass of the hand over the sensor.

Read more...
New products from Boomgate
Residential Estate Security Handbook 2020, BoomGate Systems , Products, Access Control & Identity Management
Boomgate Systems has capitalised on its 21 years of design and manufacturing experience and come up with a range of new products.

Read more...
Facial and palm verification terminal
Residential Estate Security Handbook 2020 , Products, Access Control & Identity Management
Upgraded touchless terminal supports both facial and palm verification with large capacity and speedy recognition, as well as improved performance.

Read more...
Outdoor access terminals
Residential Estate Security Handbook 2020, Suprema , Products, Access Control & Identity Management
Most residential estates require rugged, dust- and weather-proof access control solutions that provide exceptional durability and superior performance in extreme conditions.

Read more...
Integrating security with financial operations
Issue 3 2020, Technews Publishing, Hikvision South Africa, Cathexis Technologies, Axis Communications SA , Financial (Industry)
Hi-Tech Security Solutions approached a number of companies to find out what they are doing to enhance the value their security technology provides to financial companies.

Read more...
Physical access you can bank on
Issue 3 2020, Turnstar Systems , Financial (Industry)
The Citadel Security Portal is designed for use in high-security installations with standard features including automatic operation as well as bullet-resistant glass.

Read more...
T&A for Bank of Ceylon
Issue 3 2020, ZKTeco , Financial (Industry)
Bank of Ceylon deploys ZKTeco technology to centrally manage time and attendance for more than 8500 employees at 628 branches.

Read more...
Know your customer’s face
Issue 3 2020, ZKTeco , Financial (Industry)
Biometric facial recognition is becoming the most powerful way to secure identity verification and authentication.

Read more...