The World of Biometrics
Key Benefits:
Security
BioPassport™ Secure Communication uses the highest encryption
standards in combination with Biometrics to encrypt email and its
attachments. A Digital Signature is a
standard feature of this module.
It does not store the image of your
fingerprint. Rather, it creates a digital template which is your secure
BioPassport™ Profile. It is not
possible to recreate your intitial
fingerprint image to avoid the risk of
“cloning”.
Flexibility
BioPassport™ Secure Communication can secure also all files on
your local PC with a right mouse
click.
SDK for all proprietary email
software is available
Easy Integration
BioPassport™ Secure Communication is a plug-in for Microsoft
Outlook. A separate utility is available for other email clients.
RSA Encryption
Once an email has been written,
with a click of a single button it will
be encrypted with a 512 to 4096bit
Key.
Choice of Biometrics
Currently BioPassport™ Secure
Communication supports Face
recognition, Finger Recognition and
a combination of both. BioPassport™ Secure Communication will
automatically request a live image
from the connected sensor/camera,
depending on which biometric technology was enrolled by the user
onto the BioPassport™ Enterprise
AD Server.
IdentAlink
Rudower Chaussee 29
12489 Berlin
Germany
Phone: +49 30 63926970
Fax: +49 30 63926971
Email: [email protected]
© 2003 IdentAlink Limited. All Rights Reserved. IdentAlink, the IdentAlink logo,
BioPassport and its Client Modules are trademarks or registered trademarks of IdentAlink
Limited. All other trademarks and
registered trademarks are property of their respective owners.
Do you have a Communication/ Security Problem?
BioPassport™ Secure Communication uses the highest
RSA encryption standards in using a combination of PKI
and Biometrics to encrypt email. A Digital Signature is a
standard feature of this module and handled by the BioPassport™ Enterprise AD Server.
Higher Security
All BioPassport™ Enterprise Security products comply with privacy
standards for industry and government.
Digital Signature
BioPassport™ Secure Communication includes a Digital
Signature that can be controlled by your organisation. The
Digital Signature both verifies the originator of the email
and confirms that the email has not been tampered with.
BioPassport™ Enterprise Product Family
Specifications:
Laptop/PC/Client Applications
Minimum System Requirements
• Supported operating systems
– Windows XP
– Windows 2000
– Windows NT4 SP6
– Linux
• Hardware requirements
– Pentium III processor
– 50 MB avail hard disk space
– USB Port or serial on NT4
Biometric Support
• Biometric software features
IdentAlink Fingerprint recognition algorithm
Facial Recognition algorithm
Further biometric technologies on request
– Local- or server-based (except Face Recognition,
server based only)
Authentication
• Supported fingerprint sensors
Hitachi/BMF
Atmel thermal
Shimizu
STMicroelectronics TouchChip®
Infineon
Authentec
Biometrica (optical)
Testech
Polaroid
TST
Any other on request
– CHERRY Keyboard (Fingerprint/smartcard)
OS Logon
• Logon to local PC account
– User identification/ authentication
– Windows XP, 2000, Me and 98
• Logon to network account
User identification/ authentication
Windows 2000 AD
Novell network
Sun Solaris
• User authentication
– Username and credential(s)
– Fingerprints and/or other biometrics and/or
Windows password
– Administrative policy control
Application Logon via Module Secure Application
• Logon to Applications
- Choice of single sign on
– Fingerprint verification and/or other biometrics
and/or password and/or smartcard of current
Windows user
– Integrated in Win 32 logon screens
– Supports any application or db as well as web
site logon
– No scripting or programming required (plug
and play)
PC Unlock
• Lock Windows session
– Windows lock command
– Windows screen saver lock
• Unlock Windows session
– User identification/ authentication
– By current user or administrator
– Enforces logon authentication policy
File Encryption via Module Secure Communication
• Encrypt/decrypt files and directories
- Fingerprint and/or other biometric verification or
single sign on of current Windows user
– upto 8198-bit encryption
– Integrated into “right-click” menus
– Recovery utility
Deployment Support
• Custom installation
– Select applications
• Remote installation
– Supports MSI-compatible installers
– Supports Windows 2000 GPO installation
• Deployment options
– Standalone PC
– Networked workstation
– Networked workstation or NET PC with server
– Laptop PC (docked/undocked)(Standalone or
networked)
Server Software
Minimum System Requirements
• Supported operating systems
– Windows net 2003 Server
– Windows 2000 Server
-- Windows 2000 Advanced Server
-- Linux
-- Sun Solaris
– Installs on domain controller(s)
• Hardware requirements
– Pentium IV processor
– 10 MB avail hard disk space
– DB space depending on number of registered
– users
Database Support
• Active Directory
– Windows user record extension
– Schema extension for Single Sign on
-- Schema extension for Secure Application
-- Schema extension for Secure Communication
-- Schema extension for Time & Attendance
– Schema extension for Access control
Fault Tolerance
• System data replication
– Active Directory replication services
• Authentication services
– Automatic failover
Scalability
• Unlimited users depending on HW capability
• Load balancing
Security
• Server-based authentication
• Own PKI infrastructure
• Own Digital Signature infrastructure
• Data encryption
– User data (pswrds, FPs, etc)
– All client/server communications 128bit SSL
– up to 8198 bit RSA encryption
Auditing
• Centralized, remote configurable audit logs
– multi Domain support
– Windows Server security and system event logs
Deployment Support
• Schema extension utility
– Applies to entire AD forest
• Server discovery
– Domain-based
– DNS registration
– Server to Workstation
– Server to server
System Administration
Administrator user interface
• Native Windows Server
• Admin Tool for Workstation
• Admin Tool for Domain wide Support TCP/IP
Administrator access rights
• Supports Win 2000 delegated administration
Security settings
• Cached credentials
• Authentication policies
• Server authentication
Performance settings
• Logon identification list
• Max 8 fingers per user
• Face Recognition
• multi-layered biometrics
• combine biometrics with password
• combine biometrics with smartcard
• combine biometrics with 2D barcode
Auditing
• Windows event log
• customised reports for all db
• Supports report filtering
Fingerprint Sensors
Min Performance for all integrated sensors
• Self-calibrating
• Auto image capture
• Image captured trigger
Security
• Encrypted image transmission
Deployment Support
• Plug and play USB device
• Own USB driver for all FP sensors
• Own Linux USB driver