2003 Increased Security while protecting Privacy True or

2003 I will talk about. . . Precise Biometrics (very brief) Biometrics. . ?

2003 This is Precise Biometrics World leading security solutions based on fingerprint Holds world’s

2003 What we do We create fingerprint-based security solutions for companies, organizations, authorities and

2003 Trends that fuel the need for biometrics • Market trends: – Globalization –

2003 Problems • Concern that sensitive data is accessed by unauthorized users • e-business

2003 Solutions • • Confidentiality – encryption Authentication – digital certificates Non-repudiation – digital

2003 Why biometrics? • Uniquely linked to a person, who is present • Secure

2003 What biometrics, and how ? Surveillance vs. Access to a service Identification vs.

2003 Smart Cards - A small computer and a crytographic token • Contains and

2003 Smart ID Card = Smart Card + ID Card Active Duty Johnson, Jane

2003 Factors affecting privacy in ID systems High Very High Privacy concerns Amount of

2003 Unique security solutions Something You Have + Something You Know + Something You

2003 Match-On-Card technology Fingerprint matching on smart cards and SIM / WIM cards Brings

2003 PKI & Fingerprint Match On Card PKI with PIN-codes 4563 Secure INTERNET 6437

2003 Match-On-Card 100101010001010100100110101010010 110101110101101010011 101111010100100100011 100101010010011010010 110101101010011 101111010100100100011 1001010100100 Capture Enrollment Reference Storage 100101010001010100100110101010010

2003 Match-On-Card • Reference template is exposed during verification • Best practices require template

2003 Why Match-on-Card? Scalability The matching is performed locally on the card – the

2003 Increased Security, while protecting Privacy ? True ! Thank you! christer. bergman@precisebiometrics. com

Slides: 27

Download presentation

2003 Increased Security, while protecting Privacy ? True or False ? Christer Bergman, President and CEO, Precise Biometrics 1

2003 I will talk about. . . Precise Biometrics (very brief) Biometrics. . ? Smart Card & Smart ID Card Fingerprint matching on card ”Increased Security, while protecting Privacy? True or False? 2

2003 This is Precise Biometrics World leading security solutions based on fingerprint Holds world’s first patent within “Match -on-Card” Founded in 1997 in Lund, Sweden Offices in Lund (40), Stockholm (2) and Washington DC (6) Listed on the Stockholm Stock Exchange O-list since 2000 3

2003 What we do We create fingerprint-based security solutions for companies, organizations, authorities and private individuals that replaces PIN: s, passwords and keys. 4

2003 Biometrics. . ? 5

2003 Trends that fuel the need for biometrics • Market trends: – Globalization – Mobility and flexibility – Digitalization • Technology enablers: – Internet – Wireless – e-business and smart cards All driving a cumbersome growth of PIN -codes and passwords 6

2003 Problems • Concern that sensitive data is accessed by unauthorized users • e-business without trust – who’s at the other end of the Internet? • Passwords, PIN-codes, keys, etc are a hassle => security is often cheated, or upheld at high admin cost 7

2003 Solutions • • Confidentiality – encryption Authentication – digital certificates Non-repudiation – digital signatures Convenience + personal security – biometrics Digital identity management, smart cards and biometrics enables security and convenience by making the digital identity personal 8

2003 Why biometrics? • Uniquely linked to a person, who is present • Secure and convenient – “No more passwords” (or “Post-It” stickers…) – Convenient = it will be used – Cannot be borrowed, stolen or forgotten • Saves money – Less fraud – Less cost for password administration 9

2003 What is biometrics? 10

2003 Market share by technology 11

2003 What biometrics, and how ? Surveillance vs. Access to a service Identification vs. Authentication 1 -to-many vs. 1 -to-1 Enrollment & Verification Fingerprint Image vs. Biometric Template Traditional Feature (Minutia) Matching More advanced pattern or hybrid matching Match-on-Server, Match-on-PC or Match-on Card Security or Privacy or Both ? ! 12

2003 What is Smart Card ? 13

2003 Smart Cards - A small computer and a crytographic token • Contains and handles sensitive data • transactions / e-cash / identity / health profiles • secret codes and keys • biometric templates • Performs cryptographic computations for • • authentication / digital signatures confidentiality by encryption key management protocols biometric match-on-card 14

2003 Smart ID Card = Smart Card + ID Card Active Duty Johnson, Jane Marie U. S. Navy Social Security Number Date of Birth 742 -76 -0064 1969 JAN 09 Issue Date Expiration Date 1999 SEP 03 2003 SEP 01 Pay Grade Geneva Conv. Cat. LTCOL VI Rank A 1 DMDC Geneva Conventions Identification Card 15

2003 Privacy or Security 16

2003 Factors affecting privacy in ID systems High Very High Privacy concerns Amount of data Low High Sensitivity of data 17

2003 Unique security solutions Something You Have + Something You Know + Something You Are Relative Security Level + + Something You Have + Something You Are + Biometric Something You Have + Something You Know ID Card Something You Have + Something You Know PIN, Password Key or Card Solutions 18

2003 Fingerprint matching on card 19

2003 Match-On-Card technology Fingerprint matching on smart cards and SIM / WIM cards Brings biometrics and PKI together Make digital signatures and encryption of e-mails or documents more secure and convenient Makes it possible to replace PIN: s with fingerprints and to store and match the fingerprint on a smart card instead of a less secure computer 20

2003 PKI & Fingerprint Match On Card PKI with PIN-codes 4563 Secure INTERNET 6437 PKI with Biometrics Secure INTERNET 21

2003 Match-On-Card 100101010001010100100110101010010 110101110101101010011 101111010100100100011 100101010010011010010 110101101010011 101111010100100100011 1001010100100 Capture Enrollment Reference Storage 100101010001010100100110101010010 110101110101101010011 101111010100100100011 100101010010011010010 110101101010011 101111010100100100011 1001010100100 S N U 100101010001010100100110101010010 110101110101101010011 101111010100100100011 100101010010011010010 110101101010011 101111010100100100011 1001010100100 E R CU E PC Hard Drive e l b la a c S ot N 100101010001010100100110101010010 110101110101101010011 101111010100100100011 100101010010011010010 110101101010011 101111010100100100011 1001010100100 Network Server Smart Card Verification 22

2003 Match-On-Card • Reference template is exposed during verification • Best practices require template to be encrypted and signed — Secret shared by all workstations • Card independent • Sensor independent • Compatible with Do. D Common Access Card • Available for Java Card and Multos Reference Storage 100101010001010100100110101010010 110101110101101010011 101111010100100100011 100101010010011010010 110101101010011 101111010100100100011 1001010100100 S N U 100101010001010100100110101010010 110101110101101010011 101111010100100100011 100101010010011010010 110101101010011 101111010100100100011 1001010100100 E R CU E PC Hard Drive c S t o N 100101010001010100100110101010010 110101110101101010011 101111010100100100011 100101010010011010010 110101101010011 101111010100100100011 1001010100100 e l b a al Network Server Smart Card Verification Matching to reference template 23

2003 Why Match-on-Card? Scalability The matching is performed locally on the card – the system scalability doesn’t have any limit – the matching is fast and independent of open networks Security Two factor authentication – demanding both a valid smart card, where fragments of your fingerprint are securely stored – and your fingerprint Privacy The template never leaves the secure environment – it cannot be copied or stolen – the privacy issue is radically resolved 24

2003 How it works Match-on-Card™ 25

2003 Privacy and Security ! 26

2003 Increased Security, while protecting Privacy ? True ! Thank you! christer. bergman@precisebiometrics. com 27