Presence establishment - the art of integrating where I am with what I am doing

November 2007 Access Control & Identity Management

The establishment of presence can be defined as the verification of a subject or item’s presence at a specific location, at a specific point in time.

This presence can be the physical presence of a user at the specific location, or a virtual presence such as the presence of a laptop user in Mauritius logged into a VPN mainframe in Dubai. Virtual presence is a field of study all on its own, and will fall outside of the scope of this article. As such the focus will be on the verification of physical presence through subject interactive methodologies.

There are several technologies that facilitate the establishment of user presence. The uses of these techniques are determined by the challenge at hand, and differ greatly in their application. The common denominator of all the available solutions remains the efficiency and accuracy of the verification process. All of the techniques used require the use of a form of unique identification, either through a fact known only to the relevant user, or through the use of a device or physical feature unique to the user.

Protection via password

The most common method of proving presence is through the use of passwords. This method is cheap, easy to implement and requires very little user acceptance as it is non-intrusive and a traditional way of achieving identification. The reasoning behind the use of passwords is that only the relevant user knows the password and that the entry of the password at, for instance, a numeric keypad controlling an access point, proves the presence of the user at that point. This principle is, of course, flawed, as several factors defeat this objective. These factors include the problem that users can distribute their passwords to other users, making it common knowledge and defeating the purpose of such a system. There are also the more romantic issues such as electronic password compromise through system hacking, password injection and password prediction. These factors combine to prove that the establishment of presence through the use of passwords does not completely solve the challenge at hand.

It is commonly believed that the way to enhance the password-based identification method is by issuing the user with a password that the user does not actually need to memorise or even know. This is achieved through the use of mobile password storage devices such as smartcards, radio frequency tags and other such portable smart storage technologies. The user is required to carry the issued device and present the stored password at the specific location by interacting with a device related to the storage medium used – a user carrying a smartcard will swipe the card against a smartcard reader that will read the password stored on the card and initiate certain actions based on business rules.

The principle seems solid, as the user does not need to know the password stored on the card and, thus, cannot compromise the system by distributing the password to other subjects. In addition to this, longer and more complex passwords can be used, as the user is not required to memorise the codes, making it harder to compromise the system electronically. Unfortunately, this method also has some very serious flaws: the clearest of these are that the password is now situated on a physical object that can be stolen, ‘borrowed out’, or lost. A user can wilfully compromise the system by simply handing the card over to another subject. The card can also easily be stolen or lost and later found by another user. All of these factors challenge the use of portable passwords as a solution.

Protection passwords

Simple compromises to address these issues do exist, such as the combination of a password stored on a smartcard with a password known only to the user, but even these techniques are still dependant on user honesty, and can failed all too easily.

The most secure method to date is the use of a technology that cannot be communicated between system users, cannot be stolen or lost and cannot be easily duplicated or electronically compromised. This train of thought led to the creation of the biometric field of science, in which the principle is simple: find a physical trait of the relevant user that is unique and identifiable through electronic means.

This field of study has yielded several biometric technologies that include methods such as electronic fingerprint scanning, facial topology recording, facial feature recording, hand geometry calculation, optical vein mapping, iris vein pattern recording and even the use of voice harmonics. All of these technologies have already proven their worth in the market, and each carry arguments for and against the use of each. The field of biometrics does address the challenges outlined before by ensuring that the identity of the user cannot be mistaken or faked. The feature used to identify the user is a unique physical characteristic that cannot be removed or copied, and will always accompany the user, negating the problem of the user losing the identification mechanism. The technology does, however, face challenges as well: the average user experiences a sense of resistance against the use of these devices, as it is felt that it is intrusive. It also typically requires a more elaborate user enrollment or registration process than the alternative techniques. The informatics and architectural requirements of using biometric systems also require more elaborate, and will as a rule require a longer and more challenging commissioning phase.

Benefits of biometrics

Biometric identification does present the best solution for the establishment of user presence. Among the subset of technologies in this field, fingerprint recognition has the highest cost to efficiency ratio as it offers dependency for a price tag significantly cheaper than the other more sophisticated biometric technologies. It is also easier to implement, and less intrusive than, for instance, iris recognition.

Fingerprint recognition requires some basic technologies to support the implementation of this science. These support infrastructures typically comprise a user registration database, an information backbone of some nature, and the use of computer hardware to facilitate user registration and management. The user presents a finger to a fingerprint scanner, the finger is scanned and either transmitted across the ICT backbone, or verified on the device itself. The fingerprint presence consists of a unique user identification detail (such as an employee code or system generated ID), an indication of which presence point the device is situated at, and an accurate time stamp. This is communicated to a management system, recorded, and used as reference for various business activities. The most common uses of these records are in the areas of physical facility access control and the creation of time and attendance records.

Integration

The integration of biometric establishment of presence technology into human resource management systems was a logical step in addressing user time fraud in the work environment. Fingerprint recognition records are migrated into the timesheet aspect of the client’s existing human resources system and embedded in a format that allows the standard processes to execute with limited or no alteration to established systems. The client gains the benefit of accurate user presence verification without extensive system review and redesign. The use of intelligent support technologies augmenting the deployed biometric technologies have led to the creation of sophisticated capabilities to the benefit of the client. These include the ability to enrol a biometric user in the Cape, but have his records active in Pretoria. Fingerprints are migrated from local sites to central management centres at regional offices, which allow full propagation through the system from any remote point to another. The inclusion of active, realtime business rule sets also allows the client to exert control over user presence and movement with the click of a computer mouse – a person moving into a turnstile can be locked into that turnstile by clicking an icon on a computer generated schematic of the site.

It is clear that the establishment of user presence offered serious challenges in the past, but that the application of biometric identification technologies addresses these challenges very easily. Biometric devices will evolve in future, and as new methods of recognition and digital sensing are created this field of science will offer the user more and more benefits.

For more information contact Alchemist IT, +27 (0)83 418 4939, gregory@alchemistit.co.za, www.alchemistit.co.za




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

HID addresses identification challenges at ID4Africa
August 2019 , News, Access Control & Identity Management, Government and Parastatal (Industry)
Being able to verify people’s identities is critical for a nation’s growth and prosperity and yet HID says nearly half of all African citizens can’t prove who they are to vote, travel freely and receive government benefits and services.

Read more...
Came acquires Turkish company Özak
August 2019, CAME BPT South Africa , News, Access Control & Identity Management
Came broadens its market horizons and signals growth and consolidation in the Middle East.

Read more...
The benefits of electronic visitor management
August 2019, Powell Tronics , Access Control & Identity Management, Residential Estate (Industry)
Access control is a critical aspect of estate security as it represents the controls put in place to restrict entry (and possibly exit) along the outer boundary of the location.

Read more...
Addressing risks by means of access control layout and design
August 2019 , Access Control & Identity Management, Security Services & Risk Management
In order to develop a suitable, practical and appropriate security system for any organisation, it is essential to first develop a master security and life safety plan strategy.

Read more...
Secure hands-free access
August 2019, Suprema , Access Control & Identity Management, Residential Estate (Industry)
Suprema’s facial biometric terminals bring no-touch access into secure residential estates, high-rise apartments and luxury homes providing fast, easy and intuitive user authentication with the added benefit of hygiene.

Read more...
MorphoAccess Sigma Extreme
August 2019, IDEMIA , Products, Access Control & Identity Management
MorphoAccess Sigma Extreme from IDEMIA is a touchscreen device with multiple recognition device interfaces (NFC chip reader, PIN and BioPIN codes, contactless card readers).

Read more...
Outdoor access terminals
August 2019, Suprema , Access Control & Identity Management, Residential Estate (Industry), Products
Rugged, dust- and weather-proof access control solutions that provide exceptional durability in extreme conditions is a strong requirement for many residential estates.

Read more...
MorphoWave Compact
August 2019, IDEMIA , Products, Access Control & Identity Management
The MorphoWave Compact captures and matches four fingerprints on either the right or left hand in any direction. It is robust to environmental factors such as extreme light or dust.

Read more...
MorphoAccess Sigma Lite
August 2019, IDEMIA , Products, Access Control & Identity Management
IDEMIA’s MorphoAccess Sigma Lite and Lite + are fingerprint access control terminals, offering time and attendance in and out function keys.

Read more...
Eliminating forced gate opening scenarios
August 2019, ET Nice , Home Security, Access Control & Identity Management
When activated by the gate forced open alarm feature, the transmitter transmits a wireless alarm signal up to 750 metres in any direction.

Read more...