WHITE PAPER. Let s do BI (Biometric Identification)

Similar documents
White paper. Biometrics and the mitigation of card-related fraud

May For other information please contact:

Achieving Universal Secure Identity Verification with Convenience and Personal Privacy A PRIVARIS BUSINESS WHITE PAPER

CHOOSING THE RIGHT PORTABLE SECURITY DEVICE. A guideline to help your organization chose the Best Secure USB device

Two-Factor Authentication over Mobile: Simplifying Security and Authentication

Oracle Enterprise Single Sign-on Technical Guide An Oracle White Paper June 2009

Biometrics is the use of physiological and/or behavioral characteristics to recognize or verify the identity of individuals through automated means.

W.A.R.N. Passive Biometric ID Card Solution

Biometrics: Advantages for Employee Attendance Verification. InfoTronics, Inc. Farmington Hills, MI

Take the cost, complexity and frustration out of two-factor authentication

Digital Identity & Authentication Directions Biometric Applications Who is doing what? Academia, Industry, Government

Application of Biometric Technology Solutions to Enhance Security

HARDENED MULTI-FACTOR AUTHENTICATION INCREASES ENTERPRISE PC SECURITY

Opinion and recommendations on challenges raised by biometric developments

SECURING ENTERPRISE NETWORK 3 LAYER APPROACH FOR BYOD

Multi-Factor Authentication

Assignment 1 Biometric authentication

Framework for Biometric Enabled Unified Core Banking

SCB Access Single Sign-On PC Secure Logon

Entrust IdentityGuard

Strong Authentication for Secure VPN Access

An Oracle White Paper December Leveraging Oracle Enterprise Single Sign-On Suite Plus to Achieve HIPAA Compliance

What the Future of Online Banking Authentication Could Be

Multi-Factor Authentication Protecting Applications and Critical Data against Unauthorized Access

Reaching the Tipping Point for Two-Factor Authentication

Physical Security: A Biometric Approach Preeti, Rajni M.Tech (Network Security),BPSMV preetytushir@gmail.com, ratri451@gmail.com

Where Identity Matters

Introducing... The Word's Most Advance. Biometric Time Attendance Door Access Security System

Account Access Management - A Primer

IDENTITY MANAGEMENT. February The Government of the Hong Kong Special Administrative Region

The Convergence of IT Security and Physical Access Control

Smart Card- An Alternative to Password Authentication By Ahmad Ismadi Yazid B. Sukaimi

Token Security or Just Token Security? A Vanson Bourne report for Entrust

French Justice Portal. Authentication methods and technologies. Page n 1

Guide to Evaluating Multi-Factor Authentication Solutions

The Benefits of an Industry Standard Platform for Enterprise Sign-On

Enhancing Organizational Security Through the Use of Virtual Smart Cards

Enova X-Wall LX Frequently Asked Questions

Information Technology Branch Access Control Technical Standard

Advanced Authentication

The Convergence of IT Security and Physical Access Control

User Behaviour Analytics

The 4 forces that generate authentication revenue for the channel

BIOMETRIC SOLUTIONS 2013 ISSUE

300% increase 280 MILLION 65% re-use passwords $22 per helpdesk call Passwords can no longer protect you

AUTHENTICATION AND ACCESS CONTROL BEST PRACTICES FOR HEALTHCARE SYSTEMS

Biometric Authentication Platform for a Safe, Secure, and Convenient Society

Two Factor Authentication - A Simple Way to Compare Costs and Risks

Multi-factor authentication

Remote Access Securing Your Employees Out of the Office

The Essentials Series: Enterprise Identity and Access Management. Authentication. sponsored by. by Richard Siddaway

True Identity solution

Digital identity: Toward more convenient, more secure online authentication

solutions Biometrics integration

Securing Remote Vendor Access with Privileged Account Security

XYPRO Technology Brief: Stronger User Security with Device-centric Authentication

Mobile multifactor security

Microcontroller Based Smart ATM Access & Security System Using Fingerprint Recognition & GSM Technology

CWBdirect Business Online Banking. User Guide

Good Afternoon! Since Yesterday we have been talking about threats and how to deal with those threats in order to protect ourselves from individuals

Enterprise Data Protection

DigitalPersona, Inc. Creating the authentication infrastructure for a digital world.

Electronic Prescribing of Controlled Substances: Establishing a Secure, Auditable Chain of Trust

Biometrics for payments. The use of biometrics in banking

Brainloop Secure Dataroom Version QR Code Scanner Apps for ios Version 1.1 and for Android

Improving Online Security with Strong, Personalized User Authentication

Security+ Guide to Network Security Fundamentals, Fourth Edition. Chapter 10 Authentication and Account Management

White Paper 2 Factor + 2 Way Authentication to Criminal Justice Information Services. Table of Contents. 1. Two Factor and CJIS

DigitalPersona Pro Enterprise

White Paper: Managing Security on Mobile Phones

Contents. Identity Assurance (Scott Rea Dartmouth College) IdM Workshop, Brisbane Australia, August 19, 2008

SAMAY - Attendance, Access control and Payroll Software

Electronic Commerce and E-wallet

PCI Data Security Standard

RSA SecurID Two-factor Authentication

FREQUENTLY ASKED QUESTIONS

EMC Physical Security Enabled by RSA SecurID Two-Factor Authentication with Verint Nextiva Review and Control Center Clients

BlackShield Authentication Service

A Survey on Untransferable Anonymous Credentials

Entrust Secure Web Portal Solution. Livio Merlo Security Consultant September 25th, 2003

More effective protection for your access control system with end-to-end security

MOBILE VOICE BIOMETRICS MEETING THE NEEDS FOR CONVENIENT USER AUTHENTICATION. A Goode Intelligence white paper sponsored by AGNITiO

KEYSTROKE DYNAMIC BIOMETRIC AUTHENTICATION FOR WEB PORTALS

Enabling Fast and Secure Clinician Workflows with One-Touch Desktop Roaming W H I T E P A P E R

22 nd NISS Conference

3D PASSWORD. Snehal Kognule Dept. of Comp. Sc., Padmabhushan Vasantdada Patil Pratishthan s College of Engineering, Mumbai University, India

CSR Breach Reporting Service Frequently Asked Questions

Audio: This overview module contains an introduction, five lessons, and a conclusion.

User Authentication: A Secure Networking Environment Ellen Bonsall Payoff

Moving to Multi-factor Authentication. Kevin Unthank

White paper. CRM with Big Data

Protecting Microsoft Internet Information Services Web Servers with ISA Server 2004

Vulnerability Management Policy

Online Gaming: Legalization with Protection for Minors, Adult Players, Problem Gamers

Accelerate Innovation. Get a 360 view of customers Finacle CRM Solution

AADHAAR E-KYC SERVICE

MODERN THREATS DRIVE DEMAND FOR NEW GENERATION MULTI-FACTOR AUTHENTICATION

Keywords: fingerprints, attendance, enrollment, authentication, identification

Intralinks Best Practices in Security: Risk-Based Multi-Factor Authentication

Whitepaper MODERN THREATS DRIVE DEMAND FOR NEW GENERATION TWO-FACTOR AUTHENTICATION

Transcription:

WHITE PAPER Let s do BI (Biometric Identification) Fingerprint authentication makes life easier by doing away with PINs, passwords and hint questions and answers. Since each fingerprint is unique to an individual, it is a lot more reliable than tokens, PINs and what you know methods. It also makes transacting more convenient. A shopper can authorize payment for purchases with their fingerprint at an EFTPOS terminal, after which the money is debited from their account, and credited to the merchant s in a fraction of second. While we have used the fingerprint illustration, it is just one aspect of biometric identification. It is proven that different aspects of human behaviour and physiology can also be used for authentication.

Let s get smarter Smart seems to be the operative prefix in today s world, qualifying everything from phones to cards and cars. So it is logical to ask if we humans can also become smarter, specifically in the way we go about our financial transactions. Biometric Identification (BI) enables us to do that by mitigating the threat of theft, manipulation, forgery and spoofing. By using fingerprints for authentication, biometric devices ensure secure access to payments and transactions and eliminate the need to carry plastic cards and cash. Fingerprint authentication makes life easier by doing away with PINs, passwords and hint questions and answers. Since each fingerprint is unique to an individual, it is a lot more reliable than tokens, PINs and what you know methods. It also makes transacting more convenient. A shopper can authorize payment for purchases with their fingerprint at an EFTPOS terminal, after which the money is debited from their account, and credited to the merchant s in a fraction of second. While we have used the fingerprint illustration, it is just one aspect of biometric identification. It is proven that different aspects of human behaviour and physiology can also be used for authentication. The major issue that most financial institutions face today arises from the huge volume of data which is frequently overwritten that must be dealt with. So knowledge-based data, be it a password or PIN needs to be reset more often because of its vulnerability to hacking. On the other hand, something unique and belonging to a user and which cannot be copied, such as a fingerprint, offers a much more secure method of authentication. Two Es of biometric identification The two Es stand for Easy and Effective, characteristics of biometric identification. Easy: It s easy to install a biometric fingerprint reader in any outlet. The device has a sensor to scan and read fingerprints, and the read data is then stored in a database. Software logic compares the data captured with the data present in the enterprise to match the fingerprint. Within the database, the process brings together a fingerprint and a reference or PIN number. A comparison with a person s name or account takes place, which depending on the purpose, allows or disallows access, updates a time clock, or even enables payroll access. A biometric device basically works on three factors: a) Human b) Device c) Algorithm Human: It is essential that the finger is placed properly, in contact with the sensor surface to ensure reliable data assessment. Device: Biometric devices must be kept in moderate temperatures; too much heat can affect the sensor surfaces and may result in wrong assessment. Algorithm: The logic used for biometric identification is based on three factors, namely enrolment, evaluation and decision making. Enrolment, as the name suggests, is about reading the fingerprint, recording the data and passing it for evaluation through a baseline template. It s the most important stage and the data needs to be captured accurately without the slightest error. During evaluation, the data captured as above is compared with the corresponding data in the bank s database. When the comparison results in a match, it signifies the print is genuine. The results are then passed on to the decision-making component. The decision-making component uses the result (score) from evaluation to decide its authenticity based on two algorithms, Matching and Ranking. It publishes the result to the device which acts on it by displaying a success or error message as the case may be. Effective: In the digital era, data theft and copyright issues are rising day by day. As customers switch to electronic banking, they must remember a bunch of PINs and passwords, and change these often in the interest of security. On their part, banks must provide a mode of authentication that is easy, yet robust. Authentication can be done in three ways : a) Knowledge-based, where something that the user knows, like a PIN, password or secret question is used b) Device-based, where authentication is done with a smartcard, security token or other gadget and c) Biometric, which relies on a user characteristic like a fingerprint, retina scan, psychological behaviour etc. Let s look at it one by one. Knowledgebased techniques are useful because they make it possible to define a large number of combinations of numbers, alphabets, and special characters, but are very cumbersome to remember and manage. When the same password is not used for more than one account, it defeats the notion of Single Sign On. A security token or smartcard can mitigate the pain of remembering passwords and 2 Infosys External Document 2015 Infosys Limited

PINs and of completing the reset logic and generating new PINs as per business rules. While this sounds good there is a huge operational cost specialized hardware, infrastructure support, shipping involved for the financial institutions and banks implementing it. Biometric identification has always been considered a fool proof, or at least difficult to forge or spoof, authentication solution. The concept of system identification based on physical characteristics used earlier for guarding mainframe access or restricting entry to select users was sluggish, intrusive and expensive. With innovations in technology, things have taken a giant leap. Now the networks are faster, movement of data to and from the server takes microseconds, and to top it all, biometric devices are very cheap to install. These reasons have made fingerprint authentication popular. Today, many laptops and PCs are inbuilt with fingerprint readers at hardly any cost to the manufacturer. Users can be allowed a password or PIN option as the second factor after fingerprint authentication. The solution and its benefits Customers opening an account register their fingerprint along with other personal data with the bank. They request Single Sign On access and transaction processing based on their fingerprint and perhaps additionally, a PIN. This two-factor authentication can be extended to three or four factors, or downgraded to a single one, using a business rule that can be set based on customers requests. It can be done in a branch or online (using devices where this feature is enabled) depending once again on the customers convenience. Benefits To banks: Financial inclusion: A massive number of people, mostly in Africa, Asia and the Middle East, aren t currently unbanked because they re unbankable, but because most simply cannot comply with the identification requirements of financial institutions. In fact, about 60% of the world s citizens do not have national ID cards, passports, driver s licenses or other government-issued identity credentials. Other inhibiting factors include distance from banking locations and illiteracy. A step towards security: Consumers complete a relatively simple enrolment process, which generates a unique and secure identity for each. Because the identity is biometrics-based, it s virtually impossible to duplicate or forge. The resulting database could be used to authenticate the identity of consumers when they want to access financial services, such as payments etc. in the absence of governmentissued credentials. They can simply scan a fingerprint and their identity will be confirmed by matching it to the biometric data stored in their file. Affordability and simplicity: In addition to greater certainty in the identification process, biometrics-based systems also bring simplicity and affordability. The scanners and software used to read, capture, manage and confirm fingerprints and other biometrics have demonstrated reliability and performance in a variety of demanding applications around the world. They also tend to be affordable, which contributes to the financial viability of microfinance and other relatively new initiatives. To end users: Security: Fingerprint (biometric) authentication is highly secure as fingerprints are the hardest to forge. Overcomes language and literacy barriers: Biometric identification overcomes barriers of illiteracy and language and circumvents the lack of government-issued credentials. Once enrolled (opening an account) with the bank, transacting is easy and hassle free. Does away with multiple passwords Biometric or fingerprint authentication relieves users from maintaining multiple passwords for multiple accounts in various banks. Ease and affordability: The convenience of fingerprint scanning versus secure cards or other tokens, is also a plus. Also, since many laptops and phones are now available with a built-in fingerprint reader, there is no need for their owners to buy a separate device. Biggest challenges Biometric data cannot change: While passwords and PINs are very easy to reset and can be changed as many times as needed, biometric data can t be altered. Be it a fingerprint or iris scan, the data remains the same, which can become an issue if it is compromised. The chances of that happening are rare though. 3 Infosys External Document 2015 Infosys Limited

Biometric systems can t be used by everyone: Fingerprint authentication is ruled out for people with certain disabilities. Amputees or those with certain congenital defects can t use biometric authentication systems. While it is proposed that an alternative system be established for such cases, Mark Ryan, Professor of Computer Security at the University of Birmingham suggests they might cause embarrassment to those who have to use them. Privacy concerns: Biometric systems will need big databases for obvious reasons. Since they access personal data, including that of senstitive agencies like law enforcement and private corporations, ensuring privacy is imperative. Conclusion Biometric identification has tremendous potential as a fool proof, secure and cost effective method of authentication, which may be used for all kinds of payment and monetary transactions. Reference http://www.brighthub.com/computing/ enterprise-security/articles/104563.aspx http://en.wikipedia.org/wiki/biometrics http://uidai.gov.in/biometric-devices.html Sankhanil Chakraborty Senior Consultant Infosys Finacle 4 Infosys External Document 2015 Infosys Limited

About Infosys Finacle Infosys Finacle partners with banks to simplify banking and arms them with accelerated innovation to build tomorrow s bank, today. For more information, contact 2015 Infosys Limited, Bangalore, India. All Rights Reserved. Infosys believes the information in this document is accurate as of its publication date; such information is subject to change without notice. Infosys acknowledges the proprietary rights of other companies to the trademarks, product names and such other intellectual property rights mentioned in this document. Except as expressly permitted, neither this documentation nor any part of it may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, printing, photocopying, recording or otherwise, without the prior permission of Infosys Limited and/ or any named intellectual property rights holders under this document.

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information