February 9, 2018 -
Software-as-a-Service (SaaS) has revolutionized how we use software and technology. Companies like Salesforce, Microsoft, Adobe, and countless others have been able to dramatically scale their businesses by gaining customers otherwise difficult to serve by a traditional enterprise software model. The broadly applicable utility of biometric technology for identity related security applications makes it appealing for a potentially huge number of businesses to consume as a service; all of the benefits of SaaS apply to biometrics.
SaaS costs are funded as an operating expense, as compared to the capital expenses of traditional enterprise software licenses. SaaS can therefore make products available for small and midsize organizations otherwise out of reach due to factors such as upfront licensing costs, unpredictable maintenance costs, integration complexity, obsolescence risk, and other formidable barriers that at one time made enterprise software accessible to only the largest corporations. SaaS also enables businesses to avoid costly technology refresh cycles; the provider deals with the server hardware updates and provides bug fixes and feature improvements instantly to all of its customers.
As with other enterprise software, “Biometrics-as-a-Service” (BaaS) is becoming “a thing,” due to the applicability of the SaaS model to biometrics, and the identity and security applications that can leverage them. Aware recently launched “Indigo,” its BaaS offering, to extend biometric search capabilities to businesses that have been unable to adopt them without the option of a cloud-based subscription.
Beyond authentication applications, biometrics are also uniquely useful for identity duplicate detection, such as part of an identity proofing process. Identity proofing is a critical step in granting credentials to employees or accounts to customers to prevent the creation of fraudulent identities.
Indigo, Aware’s BaaS Platform
The cloud-based Indigo platform enables businesses to adopt biometrics using the BaaS model. By subscribing and hooking up a fingerprint scanner, and optionally a camera, businesses can immediately use it to enroll fingerprints and facial images through a browser-based interface. The biometrics are used to search previously enrolled records for duplicates.
Indigo does not need to store personal biographic information, such as name and date of birth; only a unique identifying number such as a customer or employee ID number is stored with the biometrics. This makes the biometric data stored in Indigo virtually useless to someone who improperly gains access. When a duplicate is found, that ID number is used to manually investigate the duplicate using data from a separate system storing biographic information.
“Many organizations want to leverage biometrics to reduce fraud and improve their security, but don’t have the scale to justify the upfront costs and ongoing maintenance,” Aware VP of Marketing and Product David Benini told Biometric Update in an exclusive interview. “Just as with other SaaS offerings, Indigo lowers the barriers to adoption, enabling organizations to leverage the unique power of biometric search technology without their IT staff having to become experts in it.”
While the Indigo platform is a new offering, it is built upon Aware’s mature core technologies, Benini explains, including its “BioSP” biometric services platform, “WebEnroll” browser-based enrollment, and “Nexa” face and fingerprint matching algorithms.
Aware’s WebEnroll is built to leverage the security features of HTML5. Its unique design makes it possible to easily hook up peripheral cameras and fingerprint scanners to capture biometrics from within a browser, as opposed to installing a thick-client software application, Benini says. Eliminating application software on the client vastly simplifies the solution deployment and use; it’s the key to enabling software-as-a-service. But operating biometric peripherals through an HTML5 browser requires some tricks. Aware has been honing its offering here for years; its technology is behind the deployment of browser- based biometric enrollment by the US Department of Defense. WebEnroll also incorporates all the lower-level imaging, hardware abstraction, and data processing technology Aware is well known for; things like real-time fingerprint and face quality analysis, device interface, and NIST file data validation.
A workflow for deduplication upon onboarding of customers and employees
Indigo|Onboard is the first workflow configuration available in the Indigo product family. It uses fingerprints to perform a one-to-many search to identify previously-enrolled customers or employees. According to Benini, it’s ideal for any company that wants to ensure that no customer or employee can be represented more than once in its identity database. In this way, fraudulent identities can be prevented.
Indigo|Onboard provides role-based access to various screens and capabilities, and treats enrollment and adjudication as separate workflows; together these two features enable the processes of enrollment and adjudication to be divided between different personnel. For example, human resources can enroll new employees, and security staff can be responsible for investigating duplicates and signing off on issuance of credentials or accounts.
“Indigo doesn’t require integration into other systems to be really useful,” he says. “A business can subscribe to Indigo|Onboard, and begin enrolling and searching biometric records the same day.”
Aware has plans to offer other workflows designed for specific applications on the Indigo platform in the near future, Benini says.
As identity proofing becomes more broadly recognized as a critical element of security, we are likely to see biometric identification and duplicate identity detection rise in profile, as we have seen with mobile biometric authentication. A subscription model makes the capability accessible to virtually any company, just as SaaS has done for other enterprise software categories.