2003 Increased Security while protecting Privacy True or
- Slides: 27
2003 Increased Security, while protecting Privacy ? True or False ? Christer Bergman, President and CEO, Precise Biometrics 1
2003 I will talk about. . . Precise Biometrics (very brief) Biometrics. . ? Smart Card & Smart ID Card Fingerprint matching on card ”Increased Security, while protecting Privacy? True or False? 2
2003 This is Precise Biometrics World leading security solutions based on fingerprint Holds world’s first patent within “Match -on-Card” Founded in 1997 in Lund, Sweden Offices in Lund (40), Stockholm (2) and Washington DC (6) Listed on the Stockholm Stock Exchange O-list since 2000 3
2003 What we do We create fingerprint-based security solutions for companies, organizations, authorities and private individuals that replaces PIN: s, passwords and keys. 4
2003 Biometrics. . ? 5
2003 Trends that fuel the need for biometrics • Market trends: – Globalization – Mobility and flexibility – Digitalization • Technology enablers: – Internet – Wireless – e-business and smart cards All driving a cumbersome growth of PIN -codes and passwords 6
2003 Problems • Concern that sensitive data is accessed by unauthorized users • e-business without trust – who’s at the other end of the Internet? • Passwords, PIN-codes, keys, etc are a hassle => security is often cheated, or upheld at high admin cost 7
2003 Solutions • • Confidentiality – encryption Authentication – digital certificates Non-repudiation – digital signatures Convenience + personal security – biometrics Digital identity management, smart cards and biometrics enables security and convenience by making the digital identity personal 8
2003 Why biometrics? • Uniquely linked to a person, who is present • Secure and convenient – “No more passwords” (or “Post-It” stickers…) – Convenient = it will be used – Cannot be borrowed, stolen or forgotten • Saves money – Less fraud – Less cost for password administration 9
2003 What is biometrics? 10
2003 Market share by technology 11
2003 What biometrics, and how ? Surveillance vs. Access to a service Identification vs. Authentication 1 -to-many vs. 1 -to-1 Enrollment & Verification Fingerprint Image vs. Biometric Template Traditional Feature (Minutia) Matching More advanced pattern or hybrid matching Match-on-Server, Match-on-PC or Match-on Card Security or Privacy or Both ? ! 12
2003 What is Smart Card ? 13
2003 Smart Cards - A small computer and a crytographic token • Contains and handles sensitive data • transactions / e-cash / identity / health profiles • secret codes and keys • biometric templates • Performs cryptographic computations for • • authentication / digital signatures confidentiality by encryption key management protocols biometric match-on-card 14
2003 Smart ID Card = Smart Card + ID Card Active Duty Johnson, Jane Marie U. S. Navy Social Security Number Date of Birth 742 -76 -0064 1969 JAN 09 Issue Date Expiration Date 1999 SEP 03 2003 SEP 01 Pay Grade Geneva Conv. Cat. LTCOL VI Rank A 1 DMDC Geneva Conventions Identification Card 15
2003 Privacy or Security 16
2003 Factors affecting privacy in ID systems High Very High Privacy concerns Amount of data Low High Sensitivity of data 17
2003 Unique security solutions Something You Have + Something You Know + Something You Are Relative Security Level + + Something You Have + Something You Are + Biometric Something You Have + Something You Know ID Card Something You Have + Something You Know PIN, Password Key or Card Solutions 18
2003 Fingerprint matching on card 19
2003 Match-On-Card technology Fingerprint matching on smart cards and SIM / WIM cards Brings biometrics and PKI together Make digital signatures and encryption of e-mails or documents more secure and convenient Makes it possible to replace PIN: s with fingerprints and to store and match the fingerprint on a smart card instead of a less secure computer 20
2003 PKI & Fingerprint Match On Card PKI with PIN-codes 4563 Secure INTERNET 6437 PKI with Biometrics Secure INTERNET 21
2003 Match-On-Card 100101010001010100100110101010010 110101110101101010011 101111010100100100011 100101010010011010010 110101101010011 101111010100100100011 1001010100100 Capture Enrollment Reference Storage 100101010001010100100110101010010 110101110101101010011 101111010100100100011 100101010010011010010 110101101010011 101111010100100100011 1001010100100 S N U 100101010001010100100110101010010 110101110101101010011 101111010100100100011 100101010010011010010 110101101010011 101111010100100100011 1001010100100 E R CU E PC Hard Drive e l b la a c S ot N 100101010001010100100110101010010 110101110101101010011 101111010100100100011 100101010010011010010 110101101010011 101111010100100100011 1001010100100 Network Server Smart Card Verification 22
2003 Match-On-Card • Reference template is exposed during verification • Best practices require template to be encrypted and signed — Secret shared by all workstations • Card independent • Sensor independent • Compatible with Do. D Common Access Card • Available for Java Card and Multos Reference Storage 100101010001010100100110101010010 110101110101101010011 101111010100100100011 100101010010011010010 110101101010011 101111010100100100011 1001010100100 S N U 100101010001010100100110101010010 110101110101101010011 101111010100100100011 100101010010011010010 110101101010011 101111010100100100011 1001010100100 E R CU E PC Hard Drive c S t o N 100101010001010100100110101010010 110101110101101010011 101111010100100100011 100101010010011010010 110101101010011 101111010100100100011 1001010100100 e l b a al Network Server Smart Card Verification Matching to reference template 23
2003 Why Match-on-Card? Scalability The matching is performed locally on the card – the system scalability doesn’t have any limit – the matching is fast and independent of open networks Security Two factor authentication – demanding both a valid smart card, where fragments of your fingerprint are securely stored – and your fingerprint Privacy The template never leaves the secure environment – it cannot be copied or stolen – the privacy issue is radically resolved 24
2003 How it works Match-on-Card™ 25
2003 Privacy and Security ! 26
2003 Increased Security, while protecting Privacy ? True ! Thank you! christer. bergman@precisebiometrics. com 27
- Cvs privacy awareness and hipaa privacy training
- Yehuda lindell
- Private security
- Hipaa privacy and security awareness training
- Chapter 9 privacy security and ethics
- Cyberextortionist definition
- Chapter 9 privacy security and ethics
- Chapter 9 privacy security and ethics
- Azure security privacy compliance and trust
- Do loop adalah
- While true python
- While true python
- While true python
- Chapter 9 obtaining and protecting your credit
- Chapter 20 civil liberties protecting individual rights
- John procter quotes
- Single species approaches to protecting biodiversity
- Reactions of aldehydes and ketones summary
- Chapter 9 obtaining and protecting your credit
- Species diversity
- Primary aldehyde
- Protecting student data
- Obtaining and protecting your credit
- Chapter 20 civil liberties protecting individual rights
- Carbamate protecting group
- Protecting consumers savers and investors examples
- Chapter 20 civil liberties protecting individual rights
- True or false true or false