ImageWare brings server-side approach to enterprise biometrics
ImageWare Systems Inc. has brought its signature government biometric authentication SaaS to the corporate market with the Monday launch of its GoVerifyID Enterprise Suite. The company say that the suite, which provides end-to-end, multi-modal, multi-factor authentication within the Microsoft enterprise ecosystem, using a hybrid cloud architecture that authenticates at the server level, is the first of its kind.
The ImageWare Biometric Engine-backed enterprise application represents the established government provider’s first big foray into the mass consumer and commercial markets, which have always been part of the company’s vision.
With enterprise security incidents making regular headlines, reputations, the jobs of C-level executives, and millions of dollars are under threat due to the disappearance of the traditional security perimeter due to BYOD, which ImageWare CEO Jim Miller refers to as “bring your own disaster.”
Disparate devices, constantly being replaced and upgraded, not to mention left in taxis and exposed to myriad vulnerabilities, provide not just a challenge, but also enabled mass out-of-band biometric enrollment and verification. The enterprise biometrics provider should offer the flexibility to leverage this ubiquity.
“The really big powerful factor that would enable mass adoption is that you would need a back end: a very powerful platform to run whatever biometric you want it to run,” ImageWare CEO Jim Miller told Biometric Update in an interview. “That’s because also rooted in our vision is our belief that biometrics are truly situational. Depending on the situation you’re in, you may need a different biometric.”
Enterprises pay $100 per person per year, on average, to allow password changes, IWS says, citing Info-Tech Research Group, but with nearly 80 percent reporting data breaches last year, the enterprise security market is ripe for change.
If biometric verification is to play a major role in that change, ImageWare contends enterprises will have to be given not just better security, but also more flexibility, scalability, and speed. Using a hybrid cloud approach in which the user identity is stored on the enterprise cloud, and the biometric template is secured in ImageWare’s cloud, GoVerifyID Enterprise can scale to process hundreds of millions of transaction and identities in real time, while avoiding transferring personally identifiable information (PII) to the end device, or even between the integrated clouds.
“The real power of this solution is the fact that it is at the authentication source, which is on the server. Which gives the ability to administer, manage, control, and secure that network perimeter,” ImageWare CTO Dave Harding said in the interview.
“What we did was we integrated directly into that existing domain security infrastructure and added out of band biometric verification,” said Harding. “So Microsoft Active Directory and active directory federated services, we simply plugged into those. From the IT administrator’s perspective, he or she gets to use all the same tools they already use, like the Microsoft management console where they create users, administer their network, manage groups, provision high value network assets and end points, and we, with the GoVerifyID Enterprise product, fit in right at the server level.”
The biometrics industry is largely comprised of companies providing algorithm and middleware, Harding says, while ImageWare’s approach is inherently different. The company’s proprietary database, which most of its patents deal with, was designed specifically for biometric data. The usual off-the-shelf alternatives, like SQL server or JSON, are more effective with numbers and text than they are with binary data like biometric templates or enrollments, according to Harding, who sat on the Microsoft SQL server steering committee prior to joining ImageWare.
GoVerifyID Enterprise is algorithm-agnostic, though most choose to use the algorithms its provides under licenses from partners ImageWare considers best-in-breed. Whatever algorithm plug-in is used, it is applied to the database, and ImageWare’s server sends back only a score, which gets associated with an identity on the enterprise server. While the company provides an SDK for developers, no coding is necessary, it is designed as a turnkey application, and can often be installed working in ten minutes, Harding says.
When the GoVerifyID Enterprise application is installed on the corporate network with the enterprises choice of biometrics, algorithms, and verification conditions, employees can access the network through a mobile device with the verification method deemed appropriate to the individual through a Microsoft management console plugin. That means those with limited network access can be granted access with their choice of biometric, or none at all, to reduce friction, while individual users with higher-risk privileges can be forced to authenticate with a specific biometric or multiple factors.
“It’s your organization, you set the rules,” said Miller. “Our whole premise was, give you economic and operating flexibility to the maximum amount possible while still preserving your security.”
Four regional implementations, each with their own cloud to reduce latency, are available in app stores now.