Biometrics is inevitable

September 2010 Access Control & Identity Management

The uptake of biometric identification in the financial world may take time, but it is sure to happen.

The uptake of biometric identification in the financial world may take time, but it is sure to happen.

There are many myths surrounding the Knights Templar and their sometimes legendary, sometimes suspect pursuits. The reason the Templars live on in history is that they became rich and powerful by offering what we call banking services to thirteenth-century customers, and the fact of their grisly demise in the early 1300s.

In those days, travelling between towns and countries was a dangerous affair as there were bandits around every corner ready to carry your valuables away. The Templars allowed travellers to deposit their ‘stuff’ at one monastery and collect the amount from another monastery after showing your proof of deposit – minus a small fee, of course.

Not much has changed. Today’s bandits are still around every corner and inside our financial houses, which still consider their fees small. And while there are many more outlets, from banks themselves, ATMs, credit and debit cards, and the Internet to choose from; the idea is that if you can offer some proof that you are a certain person you can help yourself to that individual’s money.

Things have changed in that criminals today have a broader range of tools and technologies to choose from when helping themselves to other people’s money. In fact, you can steal identities and raid bank accounts from the safety of your computer thousands of kilometres away. Unfortunately, many problems with identity theft and fraud happen in financial companies, perpetrated by the people who work there.

Of course banks try to curb internal crime by trying to ensure only the right people have access and authority to conduct specific transactions and access certain areas and information. Unfortunately, this is normally accomplished using identity cards and, for very secure processes, a combination of cards and PINs or passwords.

Marius Coetzee, COO of Ideco Biometric Security Solutions, is adamant that the use of cards and PINs is an inherently faulty process as they can be shared, copied and stolen. Few employees would consider it fraud to lend their card or access code to someone popping out for lunch. Not much damage in that? One local bank recently paid a R2,5 million price through passwords being shared.

“Using biometric identification is a non-repudiable process that links one identity to whatever business process the person associated with that identity is doing,” Coetzee explains. “You cannot lend your fingerprint, and it cannot be stolen and used without you noticing. So, when a biometric is used to authorise a transaction, that evidence will stand up in court; a lost card or forgotten password will not.

“We will see the use of biometrics increasing in the financial world over the next decade, eventually replacing insecure cards and PINs completely. This will not only happen for financial staff, but the physical and logical transactions of customers as well. Someone can easily steal your card and observe your PIN, but faking a fingerprint or iris is not that easy.”

To ensure security, there are processes surrounding biometrics that must be adhered to in order to ensure biometrics is 100% reliable. The products used must be proven to be reliable and secure, while being easy to use – you do not want people scanning their fingers four or five times before being recognised.

Additionally, the question of interoperability is also crucial. If a customer’s biometric works at one bank’s ATMs, for example, it must work at ATMs from all banks. This means that vested interests need to be put aside and the standards that already exist in the market must be accepted and implemented by all. There will still be brand and application flexibility, but within globally accepted standards.

Coetzee notes that globally accepted and proven standards are also crucial when it comes to privacy concerns in biometrics. All organisations will be happy to have a foolproof method of identifying people, but they need to ensure that their customers can be securely identified in multiple situations without exposing their private details. “This is not all that difficult; it simply means the financial institutions need to be careful in implementing their identification processes.”

The bottom line is that mindsets need to change if an effective identity chain is to be developed. This is not an access control solution that is expanded to include logical sign-on, but an holistic solution covering the enterprise and beyond. There may be resistance from many quarters that will lengthen the process, but to put a barrier between criminals and their targets biometrics is inevitable.



Credit(s)




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Paxton opens first experience centre in South Africa
Paxton News Access Control & Identity Management
The new Paxton Experience Centre in Johannesburg is now open and welcoming security installers and end users who want to see Paxton’s products in action.

Read more...
Securing a luxurious residential estate
Turnstar Systems Residential Estate (Industry) Access Control & Identity Management
Turnstar Systems recently partnered with Balwin Munyaka Residential Estate to secure the entrance to its Crystal Lagoon, ensuring only authorised residents and guests can access the site.

Read more...
Visitor management via QR code
ATG Digital Access Control & Identity Management Products
ATG Digital has launched its QR Code Reader to enhance access control's security and efficiency. The new QR Code Reader enables seamless, contactless access control, creating an efficient user journey.

Read more...
District secures activity centre
Paxton Access Control & Identity Management Products
Paxton’s Net2 access control solution is a user-friendly and flexible networked access control system, which made installing and managing access control security at an activity centre straightforward.

Read more...
GardaWorld partners with Gallagher
Gallagher Access Control & Identity Management
Access control via facial recognition was at the top of GardaWorld’s wish list, and Gallagher's integration with IDEMIA's VisionPass played a crucial role in delivering a seamless experience.

Read more...
ZK-IWB Series
ZKTeco Products Access Control & Identity Management
Experience the ultimate virtual meeting solution with ZKTeco’s ZK-IWB system. Featuring a built-in 13-megapixel UHD camera and 6-microphone array, the solution ensures clear audio and video experiences with an 8 metre pickup distance.

Read more...
Security for critical industries
ZKTeco Government and Parastatal (Industry) Access Control & Identity Management
The traditional reliance on human observation and physical presence for security is being complemented and, in many cases, replaced by biometric technology to enhance risk management and ensure comprehensive protection.

Read more...
Access to nuclear plants
Suprema Access Control & Identity Management
Korea Hydro & Nuclear Power was in need of a fully redundant access control system that should provide enhanced performance while still being able to interoperate with existing equipment.

Read more...
Secure your site during outages
Paxton Access Control & Identity Management
The PaxLock Pro range is our collection of wireless, battery powered smart door handles. They are efficiently designed to consume minimal energy to operate, and the batteries generally last around two years.

Read more...
Securing data centres and control rooms
Access Control & Identity Management
The demand for data centres and control rooms to store and manage digital information is at an all-time high, however, the rise in cyber threats and physical security risks has raised concerns about how companies can effectively protect these vital infrastructures.

Read more...