NFC works well with biometrics

October 2013 Access Control & Identity Management

Multiple factors of authentication, including biometrics, can increase the probability that an individual presenting a card to a reader is the same person to whom the card was initially issued. Biometrics authenticates identity by measuring and verifying an individual’s unique physical characteristics, such as fingerprints, hand and face geometry, or patterns found in the eye’s iris. Since these identifiers can’t be borrowed or stolen, biometrics provide identity authentication with a strong degree of confidence.

Until recently, biometric templates, such as those for iris recognition, were carried on a plastic credential and presented for authentication by holding the card in front of an iris recognition camera. Now, these same templates can be carried inside an NFC-enabled smartphone along with other digital ID credentials for physical and logical access control.

John Fenske, VP of product marketing with HID Global.
John Fenske, VP of product marketing with HID Global.

Going mobile

Several trends are driving the adoption of physical and logical access control on smartphones and other mobile devices. The first is the inclusion of NFC technology on smartphones, which provides an industry-standard short-range wireless link for exchanging access control data across a several-centimetre distance so users can “present” credentials carried on their phones to a reader. As the NFC mobile payment model grows in popularity, it drives further demand for NFC phones which can also be used in physical access control applications. Smartphones that do not feature NFC technology can be securely upgraded to this capability by using an NFC-enabled add-on device such as a microSD card.

Additionally, there is now a new type of identity representation that operates within a trusted boundary and uses the NFC-enabled smartphone’s secure element -- usually an embedded tamper-proof integrated circuit, or a plug-in module version called a subscriber identity module (SIM). This setup ensures that all transactions between NFC-enabled smartphones, SIM cards and other secure media devices can also be trusted inside the access-control managed network.

Within this trusted boundary, organisations can provision mobile access control credentials in either of two very secure and convenient ways. One is to connect the mobile device to the network via a USB or Wi-Fi-enabled link and use an Internet portal, similar to how traditional plastic credentials are provisioned. The second option is to issue digital credentials over-the-air via a mobile network operator, in much the same way that today’s smartphone users download apps and songs. To do this, the NFC-enabled smartphone communicates with a Trusted Service Manager (TSM), which interfaces either directly to the mobile network operator (MNO) or to its TSM so that a key can be delivered to the smartphone’s SIM card.

The mobile access model offers a number of benefits. It eliminates credential copying, and makes it easier to issue temporary credentials as needed, cancel credentials if a device is lost or stolen, and monitor and modify security parameters when required. The mobile model is also ideal for converged physical and logical access, enabling smartphones to be used for multiple applications including cashless vending, opening residential locks, accessing an on-line physical access control reader, entering a building protected by an NFC-enabled electromechanical lock, logging on to a PC, generating OTP software tokens to log onto network devices, and implementing biometric authentication.

How biometrics work

Biometrics verify that a card holder has been bound to his or her card, using something that can only be possessed by the person to whom the card was issued. Biometric data is unique to each individual and cannot be forgotten, lost or stolen. Because of this, biometric technology offers enhanced security as compared to conventional identification methods. It does not rely on passwords, pin codes or photographic ID, and is too complex to forge. Biometrics are generally used as part of a verification system (which checks a biometric that has been presented by an individual against the biometric in a database linked to that person’s file – also known as a one-to-one system), or an identification system (referred to as one-to-many systems because they are used to identify an unknown person or biometric).

Biometrics has long been used by the federal government and is a key element of the latest federal identity standards. For instance, the Department of Defence (DoD) has incorporated biometrics into the common access card (CAC) that controls entry to DoD facilities and information systems. Biometrics is also an integral part of the latest identity credentials for federal agency employees and contractors.

In 2005, the National Institute of Standards and Technology (NIST) released Federal Information Processing Standards Publication 201 (FIPS 201), which defined the identity vetting, enrolment and issuance requirements for a common, highly secure identity credential called the Personal Identity Verification (PIV) card that leverages both smart card and biometric technology. In 2006, FIPS 201-1 further specified that a facial image, as well as fingerprint biometrics, be included on PIV cards.

https://www.hidglobal.com/blog/biometrics-move-smart-cards-and-smartphones-access-control

For more information contact HID Global, +27 (0)82 449 9398,

rtruter@hidglobal.com, www.hidglobal.com




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

HID addresses identification challenges at ID4Africa
August 2019 , News, Access Control & Identity Management, Government and Parastatal (Industry)
Being able to verify people’s identities is critical for a nation’s growth and prosperity and yet HID says nearly half of all African citizens can’t prove who they are to vote, travel freely and receive government benefits and services.

Read more...
Came acquires Turkish company Özak
August 2019, CAME BPT South Africa , News, Access Control & Identity Management
Came broadens its market horizons and signals growth and consolidation in the Middle East.

Read more...
The benefits of electronic visitor management
August 2019, Powell Tronics , Access Control & Identity Management, Residential Estate (Industry)
Access control is a critical aspect of estate security as it represents the controls put in place to restrict entry (and possibly exit) along the outer boundary of the location.

Read more...
Addressing risks by means of access control layout and design
August 2019 , Access Control & Identity Management, Security Services & Risk Management
In order to develop a suitable, practical and appropriate security system for any organisation, it is essential to first develop a master security and life safety plan strategy.

Read more...
Secure hands-free access
August 2019, Suprema , Access Control & Identity Management, Residential Estate (Industry)
Suprema’s facial biometric terminals bring no-touch access into secure residential estates, high-rise apartments and luxury homes providing fast, easy and intuitive user authentication with the added benefit of hygiene.

Read more...
MorphoAccess Sigma Extreme
August 2019, IDEMIA , Products, Access Control & Identity Management
MorphoAccess Sigma Extreme from IDEMIA is a touchscreen device with multiple recognition device interfaces (NFC chip reader, PIN and BioPIN codes, contactless card readers).

Read more...
Outdoor access terminals
August 2019, Suprema , Access Control & Identity Management, Residential Estate (Industry), Products
Rugged, dust- and weather-proof access control solutions that provide exceptional durability in extreme conditions is a strong requirement for many residential estates.

Read more...
MorphoWave Compact
August 2019, IDEMIA , Products, Access Control & Identity Management
The MorphoWave Compact captures and matches four fingerprints on either the right or left hand in any direction. It is robust to environmental factors such as extreme light or dust.

Read more...
MorphoAccess Sigma Lite
August 2019, IDEMIA , Products, Access Control & Identity Management
IDEMIA’s MorphoAccess Sigma Lite and Lite + are fingerprint access control terminals, offering time and attendance in and out function keys.

Read more...
Eliminating forced gate opening scenarios
August 2019, ET Nice , Home Security, Access Control & Identity Management
When activated by the gate forced open alarm feature, the transmitter transmits a wireless alarm signal up to 750 metres in any direction.

Read more...