Presence establishment - the art of integrating where I am with what I am doing

Access & Identity Management Handbook 2007 Access Control & Identity Management

The establishment of presence can be defined as the verification of a subject or item’s presence at a specific location, at a specific point in time.

This presence can be the physical presence of a user at the specific location, or a virtual presence such as the presence of a laptop user in Mauritius logged into a VPN mainframe in Dubai. Virtual presence is a field of study all on its own, and will fall outside of the scope of this article. As such the focus will be on the verification of physical presence through subject interactive methodologies.

There are several technologies that facilitate the establishment of user presence. The uses of these techniques are determined by the challenge at hand, and differ greatly in their application. The common denominator of all the available solutions remains the efficiency and accuracy of the verification process. All of the techniques used require the use of a form of unique identification, either through a fact known only to the relevant user, or through the use of a device or physical feature unique to the user.

Protection via password

The most common method of proving presence is through the use of passwords. This method is cheap, easy to implement and requires very little user acceptance as it is non-intrusive and a traditional way of achieving identification. The reasoning behind the use of passwords is that only the relevant user knows the password and that the entry of the password at, for instance, a numeric keypad controlling an access point, proves the presence of the user at that point. This principle is, of course, flawed, as several factors defeat this objective. These factors include the problem that users can distribute their passwords to other users, making it common knowledge and defeating the purpose of such a system. There are also the more romantic issues such as electronic password compromise through system hacking, password injection and password prediction. These factors combine to prove that the establishment of presence through the use of passwords does not completely solve the challenge at hand.

It is commonly believed that the way to enhance the password-based identification method is by issuing the user with a password that the user does not actually need to memorise or even know. This is achieved through the use of mobile password storage devices such as smartcards, radio frequency tags and other such portable smart storage technologies. The user is required to carry the issued device and present the stored password at the specific location by interacting with a device related to the storage medium used – a user carrying a smartcard will swipe the card against a smartcard reader that will read the password stored on the card and initiate certain actions based on business rules.

The principle seems solid, as the user does not need to know the password stored on the card and, thus, cannot compromise the system by distributing the password to other subjects. In addition to this, longer and more complex passwords can be used, as the user is not required to memorise the codes, making it harder to compromise the system electronically. Unfortunately, this method also has some very serious flaws: the clearest of these are that the password is now situated on a physical object that can be stolen, ‘borrowed out’, or lost. A user can wilfully compromise the system by simply handing the card over to another subject. The card can also easily be stolen or lost and later found by another user. All of these factors challenge the use of portable passwords as a solution.

Protection passwords

Simple compromises to address these issues do exist, such as the combination of a password stored on a smartcard with a password known only to the user, but even these techniques are still dependant on user honesty, and can failed all too easily.

The most secure method to date is the use of a technology that cannot be communicated between system users, cannot be stolen or lost and cannot be easily duplicated or electronically compromised. This train of thought led to the creation of the biometric field of science, in which the principle is simple: find a physical trait of the relevant user that is unique and identifiable through electronic means.

This field of study has yielded several biometric technologies that include methods such as electronic fingerprint scanning, facial topology recording, facial feature recording, hand geometry calculation, optical vein mapping, iris vein pattern recording and even the use of voice harmonics. All of these technologies have already proven their worth in the market, and each carry arguments for and against the use of each. The field of biometrics does address the challenges outlined before by ensuring that the identity of the user cannot be mistaken or faked. The feature used to identify the user is a unique physical characteristic that cannot be removed or copied, and will always accompany the user, negating the problem of the user losing the identification mechanism. The technology does, however, face challenges as well: the average user experiences a sense of resistance against the use of these devices, as it is felt that it is intrusive. It also typically requires a more elaborate user enrollment or registration process than the alternative techniques. The informatics and architectural requirements of using biometric systems also require more elaborate, and will as a rule require a longer and more challenging commissioning phase.

Benefits of biometrics

Biometric identification does present the best solution for the establishment of user presence. Among the subset of technologies in this field, fingerprint recognition has the highest cost to efficiency ratio as it offers dependency for a price tag significantly cheaper than the other more sophisticated biometric technologies. It is also easier to implement, and less intrusive than, for instance, iris recognition.

Fingerprint recognition requires some basic technologies to support the implementation of this science. These support infrastructures typically comprise a user registration database, an information backbone of some nature, and the use of computer hardware to facilitate user registration and management. The user presents a finger to a fingerprint scanner, the finger is scanned and either transmitted across the ICT backbone, or verified on the device itself. The fingerprint presence consists of a unique user identification detail (such as an employee code or system generated ID), an indication of which presence point the device is situated at, and an accurate time stamp. This is communicated to a management system, recorded, and used as reference for various business activities. The most common uses of these records are in the areas of physical facility access control and the creation of time and attendance records.

Integration

The integration of biometric establishment of presence technology into human resource management systems was a logical step in addressing user time fraud in the work environment. Fingerprint recognition records are migrated into the timesheet aspect of the client’s existing human resources system and embedded in a format that allows the standard processes to execute with limited or no alteration to established systems. The client gains the benefit of accurate user presence verification without extensive system review and redesign. The use of intelligent support technologies augmenting the deployed biometric technologies have led to the creation of sophisticated capabilities to the benefit of the client. These include the ability to enrol a biometric user in the Cape, but have his records active in Pretoria. Fingerprints are migrated from local sites to central management centres at regional offices, which allow full propagation through the system from any remote point to another. The inclusion of active, realtime business rule sets also allows the client to exert control over user presence and movement with the click of a computer mouse – a person moving into a turnstile can be locked into that turnstile by clicking an icon on a computer generated schematic of the site.

It is clear that the establishment of user presence offered serious challenges in the past, but that the application of biometric identification technologies addresses these challenges very easily. Biometric devices will evolve in future, and as new methods of recognition and digital sensing are created this field of science will offer the user more and more benefits.

For more information contact Alchemist IT, +27 (0)83 418 4939, gregory@alchemistit.co.za, www.alchemistit.co.za





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Elvey exclusive Aiphone distributor
Issue 3 2020, Elvey Security Technologies , Access Control & Identity Management
Aiphone has appointed the Elvey Group as its official distributor in South Africa with effect from 1 April 2020.

Read more...
HID Global unveils new line of readers
Issue 3 2020, HID Global , Access Control & Identity Management
HID Global announced the launch of HID Signo, its signature line of readers that creates an adaptable, interoperable and secure approach to access control.

Read more...
Secure cash with biometrics
Issue 3 2020, Suprema , Access Control & Identity Management
Instead of relying solely on PINs, keys and passwords, integrate biometrics into cash handling solutions, such as cash vaults, safes, cash drawers, ATMs and cash-in-transit vehicles.

Read more...
The future of biometrics
Issue 3 2020, ViRDI Distribution SA , Access Control & Identity Management
Deon Janse Van Rensburg discusses the impact of COVID-19 on the biometric market and how it may change biometrics in the future.

Read more...
Frictionless access control
Issue 3 2020, IDEMIA , Access Control & Identity Management
IDEMIA integrates MorphoWave Compact with Digicon dFlow speedgates to secure employees’ access with contactless fingerprint recognition.

Read more...
A door to fresh produce
Issue 3 2020 , Access Control & Identity Management
Maxiflex’s electrically operated sectional doors, swing lip dock levellers and strip curtains streamline traffic flow and deliver temperature control at Evergreens Fresh Market.

Read more...
Facial recognition in under one second
Issue 3 2020, ZKTeco , Access Control & Identity Management
The upgraded ProFace product line is designed to deal with all kinds of scenarios, powered by the latest ZKTeco customised CPU.

Read more...
Are your employees at work?
Issue 3 2020, Secutel Technologies , Access Control & Identity Management
Organisations, big or small, often find that managing the time and attendance of their employees is a tedious, time-consuming and costly exercise.

Read more...
SALTO KS reaches 100 000 access points
Issue 3 2020, Salto Systems Africa , Access Control & Identity Management
SALTO Systems has reached a milestone of 100 000 access points for its cloud-based KS Keys as a Service solution.

Read more...
XDS offers Web-based facial recognition
Issue 3 2020 , Access Control & Identity Management
Xpert Decision Systems has launched a web-based facial recognition customer on-boarding solution, reducing the potential of third-party fraud.

Read more...