Breakthrough in biometric token replay

August 2003 Access Control & Identity Management

The RAU-Standard Bank Academy for Information Technology recently achieved a breakthrough in the replay of biometric tokens. One of the major problems of sending any biometric token over a network, and specifically a public network like the Internet, is that if the token is intercepted (sniffed), it can be replayed even if the token had been encrypted.

This possibility of replaying such a token, of course gives rise to serious risks, because the user cannot replace the token or choose a new one - the specific biometric token is uniquely linked to the user. If a user's right thumb biometric token is compromised he cannot choose another right thumb - the token is permanently compromised.

To date it was not possible to recognise a replayed biometric token as such. This is one of the main reasons why biometric tokens (fingerprints, iris prints, retinal prints, palm prints, etc) are not yet used as widely as the technology of biometrics deserves. The Academy's system, known as BioVault, aims to solve this inherent problem. A recent product demonstration showed how a biometric token, in this case a fingerprint, was sent over a network, and compromised by being intercepted (sniffed) during transmission without the knowledge of the user.

The intercepted biometric token was then replayed. When this sniffed token was replayed with BioVault switched off, the replayed (masquerading) token was accepted as an original. When BioVault was switched on, the replayed (sniffed) token was immediately rejected as a replay.

The RAU has taken out a provisional patent on the underlying algorithm used in BioVault. At least two advanced post graduate projects are presently active to thoroughly test the characteristics of BioVault, and then to expand its use.

For more information contact Prof Basie von Solms, RAU, 011 489 2843, basie@rkw.rau.ac.za





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

New State of Physical Access Control Report from HID
HID Global Editor's Choice Access Control & Identity Management News & Events
HID released the 2024 State of Physical Access Control Report, identifying five key trends shaping access control's future and painting a picture of an industry that has been undergoing considerable transformation.

Read more...
Smart intercoms are transforming access control
Access Control & Identity Management Products & Solutions
Smart intercoms have emerged as a pivotal tool in modern access control. They provide a seamless and secure way to manage entry points without the need for traditional security guards to validate visitors before granting them access.

Read more...
Easy, secure access for student apartments
Paxton Access Control & Identity Management Surveillance
Enhancing Security and Convenience at Beau Vie II Student Accommodation, a student apartment block located at Banghoek Road, Stellenbosch, with Paxton's access control and video management solution

Read more...
Invixium acquires Triax Technologies
News & Events Access Control & Identity Management
Invixium has announced it has acquired Triax Technologies to expand its biometric solutions with AI-based RTLS (Real-Time Location Systems) offering for improved safety and productivity at industrial sites and critical infrastructure.

Read more...
ControliD's iDFace receives ICASA certification
Impro Technologies News & Events Access Control & Identity Management
The introduction of Control iD's iDFace facial biometric reader, backed by mandatory ICASA certification, underscores the commitment to quality, compliance, and innovation.

Read more...
The future of workplace access
HID Global Access Control & Identity Management
Mobile credentials are considerably more secure than physical access control, because they eliminate the need for physical cards or badges, support multiple security protocols, and add layers of protection on top of basic card encryption.

Read more...
Integrated, mobile access control
SA Technologies Entry Pro Technews Publishing Access Control & Identity Management
SMART Security Solutions spoke to SA Technologies to learn more about what is happening in the estate access world and what the company offers the residential estate market.

Read more...
Bespoke access for prime office space
Paxton Access Control & Identity Management Residential Estate (Industry)
Nicol Corner is home to a six-star fitness club, prime office space, and an award-winning rooftop restaurant. It is also the first building in South Africa to have its glass façade fully incorporate fritted glazing, saving 35% on energy consumption.

Read more...
Next-generation facial recognition access control system
Enkulu Technologies Products & Solutions Access Control & Identity Management Residential Estate (Industry)
With a modern and innovative design, iDFace is the ideal device for monitoring and controlling people entering and exiting a building using facial recognition technology, including liveness detection, for enhanced security.

Read more...
Long-distance vehicle identification
Products & Solutions Access Control & Identity Management Residential Estate (Industry)
The STid SPECTRE reader can identify vehicles up to 14 metres away, across four traffic lanes, ensuring secure access to an estate without disrupting the traffic flow.

Read more...