HID Global exec discusses biometrics and smart cards
Following the acquisition of Lumidigm, HID Global strategically integrated the Lumidigm biometrics technology with its Omnikey contactless smart card readers to provide an accurate and reliable identity validation solution.
The company’s biometric identity and access management solutions are used in a range of applications, including citizen identification, financial services, healthcare, and border security.
HID Global’s Lumidigm biometrics sensors are often used in combination with an airport’s access control system, such as in the case of Baltimore/Washington International (BWI) Airport’s deployment of HID Global’s Lumidigm multispectral fingerprint sensors to control access to the tarmac.
The high-performance fingerprint sensors help simplify the identity verification process and ensure that authenticated users are, in fact, the same people who were originally issued the cards.
BiometricUpdate.com recently talked to Phil Scarfo, VP Worldwide Marketing, Biometrics at HID Global, who discussed combining biometrics with PIV to improve airport security, the surge in biometrics adoption by the financial industry, and implementing a biometric identification card system for Angolan citizens.
Why do biometrics play an integral role in advancing access control?
Phil Scarfo: Biometrics plays a unique role in identity and access control as it is the only technology that binds a myriad of digital identities to a person. Cards, tokens, PINs and passwords are simply aliases for personal identity. They can easily be lost, stolen or used by an imposter and therefore represent the weakest links in the chain of trust. The primary purpose of any identity and access management (IAM) system is to ensure that access, rights, roles and privileges are intelligently and reliably linked to a true user identity. There is no intelligent access control without strong user authentication, and there is no stronger and convenient user authentication than biometrics.
How can combining biometrics with PIV improve airport security?
The two most important considerations in strong authentication, at the airport or any other environment where security is critical, are to have more than one factor and to ensure that at least one of those factors is linked to a specific identity. This linkage to a user’s true identity is something only a biometric can provide. Regretfully, there is always the potential of the fraudulent use of an identity if the identity-proofing methodology or vetting process is not robust. However, if an IAM solution has the ability to verify that the card or other credential is genuine, that the credential is issued by the legitimate authority and that the person presenting the credential is the legitimate owner, then the security level is certainly enhanced and the solution merits strong consideration.
HID Global offers biometric technologies for various industry applications. Has there been one specific industry that you have seen a significant rise in adoption throughout 2015?
The most significant adoption of biometrics in 2015 has been in financial services, particularly in developing markets like Latin America and Africa. The real and present threats associated with user fraud in both public and private sector banks as well as entitlement programs in these regions continue to drive the adoption of biometrics. Moreover, customers in financial services are looking for more than just a biometric sensor. They are looking for a very robust and reliable end-to-end solution that ensures that the person is legitimate, the transaction is trusted and that the system is impervious to either internal or external hacks. The right authentication solution delivers superior biometric performance, liveness detection (spoof protection), robust encryption and exceptional tamper protection.
The company previously partnered with DGM to enable Angolan government’s Ministry of Justice to implement a biometric identification card system for citizens. What were the main challenges on this project?
As with all civil or national identity programs, there are many logistics and deployment issues that need to be intelligently managed and overcome. But on the technical front the two big challenges in large-scale ID programs are: a) to produce an identity card or document that is both secure and easily authenticated, and b) to intelligently and securely bind that credential to the legitimate citizen or holder. Another major challenge of course is in the identity proofing, particularly in regions of the world where reliable data or history on identities are weak or non-existent. Ultimately, there must be a process set up to ensure that the true identity of an individual is established prior to issuing them a citizen ID or card. Once issued, there has to be a means of authenticating the card and the card holder.
To date, many government programs have invested heavily in designing in both overt and covert security features that allow for visual and machine-readable authentication. This generally is the reason why many government issued documents (like currency) have reflective holograms, secure lamination, micro-printing, etc. That said, it is becoming increasingly important to have more automated and robust means of both document and user authentication. HID is well positioned today to provide both as the company can not only produce the most advanced and secure documents, but can also provide a reliable and affordable means of authenticating that the document is GENUINE and that the person presenting the document is who they claim to be.
What products are HID Global currently developing for release in 2016?
We don’t like to pre-announce products that will be commercially introduced next year. But we can say that because of the major impact of mobile- and cloud-based services and technologies, we want to continue to be in the position of offering our customers the broadest range of choices. We realize that today’s environment is one where users will want and expect greater security and convenience. The world of identity and access management has become even more complex and challenging for organizations, government and users. We fully expect to deliver more complete, more robust solutions that meet today’s needs as well as the bridge to meet tomorrow’s needs for identity and access management.