The World of Biometrics
Key Benefits:
Security
BioPassport™ BioLogon Enterprise does not store the image of
your fingerprint. Rather, it creates a
digital template which is your secure
BioPassport™ Profile. It is not possible to recreate your intitial fingerprint image to avoid the risk of
“cloning”.
Flexibility
Fingerprint sensor independent. Use
a fingerprint sensor which suites
your environment or you trust in.
Easy Integration
The BioPassport™ BioLogon Module also supports passwords, which
allows the transition of users over a
period time, from logging in with
passwords to logging in with their
Biometrics.
Choice of Biometrics
Currently BioPassport™ BioLogon
supports Face recognition, Finger
Recognition and a combination of
both. BioPassport™ BioLogon will
automatically request a live image
from the connected sensor/camera,
depending on which biometric technology was enrolled by the user
onto the BioPassport™ Enterprise
Server.
IdentAlink
Rudower Chaussee 29
12489 Berlin
Germany
Phone: +49 30 63926970
Fax: +49 30 63926971
Email: [email protected]
© 2003 IdentAlink Limited. All Rights Reserved. IdentAlink, the IdentAlink logo,
BioPassport and its Client Modules are trademarks or registered trademarks of IdentAlink
Limited. All other trademarks and
registered trademarks are property of their respective owners.
Do you have a Password Security Problem?
Almost all enterprises face increasing problems to secure access
to their
VPN, Firewall, internet/intranet and ERP or other password secured applications. Their efforts are constrained by the practices of
users who create trivial passwords, write them down, stick them
to the monitor or use identical passwords for different
applications. Password-based user authentication remains the
weakest link in the security chain and a high cost factor for each
organisation.
Reduced Support Costs
Adding fingerprint authentication results in almost immediate
financial benefits and a ROI of under one year. By taking away
the burden for users to remember passwords or create new ones,
you never have to worry about
resetting those passwords or handling over-proportional support
requests for lost or forgotten passwords.
The benefits are obvious — dramatically increased customer and
partner satisfaction, increased employee uptime and reduced help
desk and support costs.
Higher Security
All BioPassport™ Enterprise Security products comply with privacy
standards for industry and government.
BioPassport™ Enterprise Product Family
Specifications:
Laptop/PC/Client Applications
Minimum System Requirements
• Supported operating systems
– Windows XP
– Windows 2000
– Windows NT4 SP6
– Linux
• Hardware requirements
– Pentium III processor
– 50 MB avail hard disk space
– USB Port or serial on NT4
Biometric Support
• Biometric software features
IdentAlink Fingerprint recognition algorithm
Facial Recognition algorithm
Further biometric technologies on request
– Local- or server-based (except Face Recognition,
server based only)
Authentication
• Supported fingerprint sensors
Hitachi/BMF
Atmel thermal
Shimizu
STMicroelectronics TouchChip®
Infineon
Authentec
Biometrica (optical)
Testech
Polaroid
TST
Any other on request
– CHERRY Keyboard (Fingerprint/smartcard)
OS Logon
• Logon to local PC account
– User identification/ authentication
– Windows XP, 2000, Me and 98
• Logon to network account
User identification/ authentication
Windows 2000 AD
Novell network
Sun Solaris
• User authentication
– Username and credential(s)
– Fingerprints and/or other biometrics and/or
Windows password
– Administrative policy control
Application Logon via Module Secure Application
• Logon to Applications
- Choice of single sign on
– Fingerprint verification and/or other biometrics
and/or password and/or smartcard of current
Windows user
– Integrated in Win 32 logon screens
– Supports any application or db as well as web
site logon
– No scripting or programming required (plug
and play)
PC Unlock
• Lock Windows session
– Windows lock command
– Windows screen saver lock
• Unlock Windows session
– User identification/ authentication
– By current user or administrator
– Enforces logon authentication policy
File Encryption via Module Secure Communication
• Encrypt/decrypt files and directories
- Fingerprint and/or other biometric verification or
single sign on of current Windows user
– upto 8198-bit encryption
– Integrated into “right-click” menus
– Recovery utility
Deployment Support
• Custom installation
– Select applications
• Remote installation
– Supports MSI-compatible installers
– Supports Windows 2000 GPO installation
• Deployment options
– Standalone PC
– Networked workstation
– Networked workstation or NET PC with server
– Laptop PC (docked/undocked)(Standalone or
networked)
Server Software
Minimum System Requirements
• Supported operating systems
– Windows net 2003 Server
– Windows 2000 Server
-- Windows 2000 Advanced Server
-- Linux
-- Sun Solaris
– Installs on domain controller(s)
• Hardware requirements
– Pentium IV processor
– 10 MB avail hard disk space
– DB space depending on number of registered
– users
Database Support
• Active Directory
– Windows user record extension
– Schema extension for Single Sign on
-- Schema extension for Secure Application
-- Schema extension for Secure Communication
-- Schema extension for Time & Attendance
– Schema extension for Access control
Fault Tolerance
• System data replication
– Active Directory replication services
• Authentication services
– Automatic failover
Scalability
• Unlimited users depending on HW capability
• Load balancing
Security
• Server-based authentication
• Own PKI infrastructure
• Own Digital Signature infrastructure
• Data encryption
– User data (pswrds, FPs, etc)
– All client/server communications 128bit SSL
– up to 8198 bit RSA encryption
Auditing
• Centralized, remote configurable audit logs
– multi Domain support
– Windows Server security and system event logs
Deployment Support
• Schema extension utility
– Applies to entire AD forest
• Server discovery
– Domain-based
– DNS registration
– Server to Workstation
– Server to server
System Administration
Administrator user interface
• Native Windows Server
• Admin Tool for Workstation
• Admin Tool for Domain wide Support TCP/IP
Administrator access rights
• Supports Win 2000 delegated administration
Security settings
• Cached credentials
• Authentication policies
• Server authentication
Performance settings
• Logon identification list
• Max 8 fingers per user
• Face Recognition
• multi-layered biometrics
• combine biometrics with password
• combine biometrics with smartcard
• combine biometrics with 2D barcode
Auditing
• Windows event log
• customised reports for all db
• Supports report filtering
Fingerprint Sensors
Min Performance for all integrated sensors
• Self-calibrating
• Auto image capture
• Image captured trigger
Security
• Encrypted image transmission
Deployment Support
• Plug and play USB device
• Own USB driver for all FP sensors
• Own Linux USB driver