Finger Vein digital biometric signature: use cases




Arkadiusz Buroń
Presales & Account Director, Information Systems Group
Serock, 2015-09-23

Agenda
1. Introduction to Finger Vein technology
2. Digital biometric signature and its applications
3. Finger Vein BioPKI server-based biometric signature
4. Finger Vein B-1 card-based biometric signature
5. Summary

1. Introduction to Finger Vein technology

Why Finger Vein in banking?
- Technology made for banking (Japan, 2004)
- Highest security level (FAR < 0,0001%)
- Fully protects customers' privacy
- High acceptance by bank's customers (>85%)
- Positive feedback from personal data protection organizations regarding use in banking
- Complete solution, fully adapted to the needs of banks in Europe (security, working conditions)
- The largest number of references in Europe and the world (hundreds of banks, millions of users)
- Compatibility of implemented solutions (templates, system), with the possibility to connect systems
- The world's first biometric technology allowing electronic signing of documents

The way Finger Vein works
- During acquisition and comparison of the template, individual differences, variation in the width of blood veins and differences in the positioning of the finger are taken into account.
- Comparison of the finger with the registered reference template takes place on the Finger Vein biometric reader or on the chip card.
- Comparison of the finger with the registered reference template takes place in real time (it is not based on vector comparison, as in the case of fingerprints).

Finger Vein applications in banking
A long presence on the market has allowed the development of a range of readers that enable the implementation of Finger Vein technology in a wide range of banking services, wherever strong authentication of the identity declared by the customer is required.
- Branches
- ATMs
- Corporate banking
- Franchise branches
- Access control
- Biometric signature
- Deposit boxes
- POS
- VTM

Security level: comparison with other authorization methods
[Chart: security level plotted against payment volume. Methods shown: Finger Vein + PKI (complete identity confirmation); Finger Vein / iris (complete identity confirmation); Token (SecurID); One-time passwords (OTP); login / pass; Fingerprint (e.g. Apple Pay); NFC.]

Selected references in financial sector
- BPS Group / SGB Group: Biometric withdrawals from ATMs (including social benefits) in Polish cooperative banks (Poland)
- Bank BPH: Biometric authentication of identity (branch without ID), cash transactions and operations in bank branches (Poland)
- Turkiye IS Bankasi: The largest network of 3000 ATMs with biometric authentication, the Biyokimlik service (Turkey)
- Getin Bank: Biometric authentication of identity and transactions in new Getin Up branches and Getin Point self-service branches (Poland)
- Banque Accord: Implementation of Finger Vein biometric payments in Auchan stores (France)
- Planet Cash: Europe's first ATM network enabling biometric withdrawals to the customers of various banks (Poland)
- Barclays Bank: Finger Vein authentication system in corporate and internet banking in Barclays Bank (UK)
- Finger Vein in Japan: The largest biometric project in the world, over 80 thousand ATMs, over 80% of Finger Vein share in the market (Japan)
- New York's Shinkin Central Bank: Implementation of Finger Vein biometric access control to most protected areas (USA)

2. Digital biometric signature and its applications

Definition of digital biometric signature
A digital biometric signature combines biometric technology with PKI infrastructure. Biometrics authenticate access to the cryptographic keys with which the classic electronic signature is made, and that signature ensures the integrity of the signed document.
A biometric signature can be implemented in two models:
- Server-based model (Finger Vein BioPKI): the private key of the user is stored on the bank's servers or on servers of a trusted third party
- Card-based model (Finger Vein B-1): the private key of the user is stored on the chip card

Finger Vein biometric signature models

Server-based model: Finger Vein BioPKI
Area of application:
- bank's own branch network
- partner's branch network
- mobile advisor
- self-service bank branches (VTM)
Scope of application:
- signing of documents between Bank and Customer (agreements, applications, etc.), both by the Customer and by an employee of the Bank
- signing of internal documentation by an employee of the Bank
Example of implementation: Getin Bank
Authorization of access to the private keys, stored in the central HSM in the Bank, through the Finger Vein biometric technology.

Card-based model: Finger Vein B-1
Area of application:
- corporate banking (corporate customers and SME)
- internet banking for retail and private banking customers
Scope of application:
- login to the electronic banking platform
- authorization of transactions and signing of documents in the remote channels (on the electronic banking platform)
Example of implementation: Barclays Bank
Authorization of access to the private keys, stored on the user's chip card, through the Finger Vein biometric technology.

Finger Vein biometric signature and handwritten signature biometrics

3. Finger Vein BioPKI server-based biometric signature

Business case
- Reduction of paper document workflow at the Bank (paperless): reducing the cost of printing, scanning, indexing, transport, archiving and culling of paper documents
- Increased security compared with traditional handwritten signature verification
- No after-sales forwarding, dropping or abuse of documents
- Short sales processes (time-to-cash): increased sales effectiveness by reducing the duration of the document signing procedure and gaining time for advisory services
- The possibility of moving FTEs used for the processing of documents to the sales processes
- Automatic control of Who (completeness of signatures), Where (location in which the signature was made) and When (time stamp) signed the document, enabling streamlining of audit procedures (no change since the signing of the document)

Principle of functioning
The Finger Vein BioPKI biometric signature solution allows for the issuance and management of customer certificates, and for signing documents / agreements at the branch using a Finger Vein reader. The signed document in electronic form may be submitted to the bank repository. The Bank may offer to place the signed agreement in electronic form on the customer's internet account.

Solution elements
- Finger Vein Server: central software (heart of the system), Finger Vein template imaging
- Finger Vein BioPKI Server and Finger Vein CA: biometric signature software
- FV Monitor Management Module and FV Content Management Module: monitor's software
[Diagram: Finger Vein infrastructure, with the Finger Vein reader and the Finger Vein monitor (12") each connected over the network (ethernet).]

4. Finger Vein B-1 card-based biometric signature

Business case
- Reduction of fraud in the remote channel caused by users sharing access to their account, by introducing the strongest method of user identity authentication
- Reduction of fraud in the remote channel caused by the action of hackers, through the introduction of technology which allows for 100% authentication of the identity of the user who confirms the operation in the electronic banking system
- Faster and easier support for users of the corporate banking system by eliminating the access codes (PIN)
- Reduction of costs associated with the issuance, personalization and distribution of smart cards to corporate customers, as well as with handling claims related to PIN codes, compared with the standard card-based PKI

Change of approach
- Unique combination of established technologies: secure biometrics (Finger Vein) and cryptographic SIM
- Security and Customer Experience
- Links the individual clearly to the transaction
- Replaces the PIN with a high performance biometric identifier
- Achieves individual non-repudiation
- Eliminates card-sharing
- Gives the possibility to eliminate the necessity of sharing data, including personal data
- Simplify card management and lower costs
- Generate keys and certificates onsite, at user enrolment
- Possible no pre-personalisation of cards
- Low impact on current infrastructure: built on standard authentication platforms and protocols such as PKCS11, minimal impact on endpoints
- Sign What You See

Solution components
1. Finger Vein B-1: biometric Finger Vein reader
2. CAP: card applet (PKI + Finger Vein biometrics)
3. LIB: middleware, PKCS#11 library, CCID driver (Windows)
4. PLUG-IN: plug-in to the browser (for the purpose of integration)
[Diagram labels: Banking portal (Bank); PC (customer) with Internet browser, PLUG-IN and LIB; SIM card with CAP; Hitachi; Others; PIN.]

Card personalisation modes (workflow)
[Diagram, post-personalisation mode: generic blank SIM card; Hitachi PKI+FV CAP; CardCo1, CardCo2; blank SIM; Bank; CA; key and certificate; SIM with keys and finger vein; Customer1, Customer2, Customer3.]
[Diagram, pre-personalisation mode: CardCo; CA; key and certificate; PIN; SIM with keys and PIN; Bank; registration; Customer1, Customer2, Customer3.]

Transaction signing workflow
[Diagram: exchange between Customer and Bank over the Internet. Labels: HTTPS, PKCS#7, UTF8. Step labels: Create transaction; Checks and compiles business txn; Create parameters for signing application; Create signing web page; Presents SWYS window; Click Sign; Place finger; Verify finger; SHA256 digest; Data is signed; Build signed data package; Send txn data to back-end; Check signature and payload; Store and log transaction data.]
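The "Check signature and payload" step of the transaction signing workflow, as an added example that is not part of the original presentation or of the vendor's software. The function names, the JSON transaction text and the step order are assumptions; a software RSA key stands in for the key on the chip card, and a bare RSA-SHA256 signature stands in for the PKCS#7 package.

```javascript
const crypto = require("crypto");

const sha256 = (text) => crypto.createHash("sha256").update(text, "utf8").digest("hex");

// Stand-in for the key pair generated on the chip card at enrolment (assumption).
function newCardKey() {
  return crypto.generateKeyPairSync("rsa", { modulusLength: 2048 });
}

// Bank: compile the transaction and keep the digest of the exact UTF-8 text to be shown.
function createSigningRequest(txn, pending) {
  const id = crypto.randomBytes(8).toString("hex");
  const text = JSON.stringify({ id, ...txn });
  pending.set(id, sha256(text));
  return { id, text };
}

// Customer side: the private key is usable only after a successful finger match.
function signOnCard(request, privateKey, fingerMatched) {
  if (!fingerMatched) throw new Error("finger vein verification failed");
  const signature = crypto.sign("sha256", Buffer.from(request.text, "utf8"), privateKey);
  return { id: request.id, text: request.text, signature };
}

// Bank: compare the payload with what was issued, verify the signature, consume the id.
function verifySubmission(pkg, pending, publicKey) {
  const expected = pending.get(pkg.id);
  if (!expected) return "unknown-or-replayed";
  if (sha256(pkg.text) !== expected) return "payload-mismatch";
  const ok = crypto.verify("sha256", Buffer.from(pkg.text, "utf8"), publicKey, pkg.signature);
  if (!ok) return "bad-signature";
  pending.delete(pkg.id); // one accepted signature per issued transaction
  return "accepted";
}

// Constructed sample run: a validly signed but altered text, the honest package, a replay.
function demo() {
  const card = newCardKey();
  const pending = new Map();
  const req = createSigningRequest({ to: "PL00 CONSTRUCTED IBAN", amount: "100.00" }, pending);
  const honest = signOnCard(req, card.privateKey, true);
  const alteredText = req.text.replace("100.00", "900.00");
  const altered = signOnCard({ id: req.id, text: alteredText }, card.privateKey, true);
  return [
    verifySubmission(altered, pending, card.publicKey),
    verifySubmission(honest, pending, card.publicKey),
    verifySubmission(honest, pending, card.publicKey),
  ];
}
```

The altered package carries a valid signature from the right key, so only the comparison against the digest the bank stored at issue time rejects it.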

5. Summary

Summary
- The use of biometric signature technology makes it possible to fully implement the idea of "paperless" and "digital banking" in the Bank.
- Security of the biometric signature is mainly based on the level of security of the biometric technology used (necessity to use biometrics with the highest security factors available on the market => Finger Vein).
- Depending on the area in which biometric signatures are used, it is necessary to select the appropriate functioning model of the biometric signature:
  1. Server-based model (Finger Vein BioPKI): ideal for applications in the relationship with the retail customer (bank branches)
  2. Card-based model (Finger Vein B-1): dedicated to internet banking, with an indication on corporate banking
- The necessity of using the card-based model of digital biometric signature (Finger Vein B-1) in the corporate banking channel stems from the fact that the Bank often does not have a direct relationship with the user of the system (an employee of a company that uses the services of the Bank). Such a situation makes central processing and storage of the user's biometric templates controversial.

Thank you for your attention
Arkadiusz Buroń
Presales & Account Director, Information Systems Group
Serock, 2015-09-23