Ediport Safeguard biometrics

Products:

  products
  EDI products
  PKI products
  Meta directory products
Mail products

Contact

Ediport Ltd.
Phone:
+36-1-392-22-40
Fax:
+36-1-392-25-71
Email:
ediport@ediport.hu
Our other weblinks:
www.ediweb.hu
www.notebookvedelem.hu
www.internetszolgaltatas.hu

SafeGuard Biometrics

Biometrics as the Key to your smart card

SafeGuard Biometrics is a hardware and software solution-enabling authentication of users by their fingerprints, which are stored on their smart cards. Not only does it make system access convenient and secure but it can be combined with other applications from Utimaco Safeware as well as from third party vendors like Microsoft and Netscape, to cover virtually all aspects of IT security. A single smart card that is activated by the fingerprint of its rightful owner allows digital signature, encryption, single sign on and much more.

The Challenge

   Today as ever, passwords are still the critical keys underlying access authorization, encryption and digital signature. But sometimes users forget their passwords, and when this happens a new password needs to be assigned, involving time and effort. Another problem with passwords is the tendency for staff in senior positions - for the sake of an easy life - to lend their smart cards plus associated passwords to staff working for them, who can then "sign" documents in their names. The result is that these documents can no longer be attributed to their "real" owner and hence do not have to be accepted.
   The way to eliminate forgetting and disclosure of passwords is to use an authentication system, which is able to recognize the authorized user from his biometric characteristics.
   The fingerprint is ideally suited for this: It cannot be separated from its owner, it can be read in with little effort and, when combined with the correct scanning technology, it offers a high- level of security.
   Specialized providers in the area of biometrics are today offering procedures which guarantee high accuracy of recognition combined with relatively inexpensive scanning devices. Reason enough for Utimaco Safeware to integrate this security technology into its cryptographic and digital signature applications.

The Product

    SafeGuard Biometrics consists of a smart card reader with integrated fingerprint sensor and a biometrics capable smart card, together with the software that is necessary for integration of biometric authentication into the other products of the Utimaco Safeware SafeGuard range as well as in standard applications like Microsoft Internet Explorer, Netscape Communicator or Microsoft Outlook.
   Additionally, SafeGuard Biometrics, provides a biometric smart card logon to the operating system, incorporating single sign on (SSO) and desktop lockout for unauthorized users.

Password replaced by Fingerprint
   SafeGuard Biometrics uses special smart cards on which biometric data relating to the user is stored. These smart cards support the Match On Card function (MOC) and for authentication the fingerprint of the user is checked directly on the card instead of a password. Of course the cards also offer all the other functionality commonly found on smart cards such as RSA encryption and secure data storage.

High Protection against Forgery
    The sensor used to scan the fingerprint measures the capacitance between sensor surface and fingertip, and with the results it recognizes the actual profile of the fingerprint. A procedure which recognizes the "genuine" finger and cannot be outwitted by reproduction of the fingerprint.

Characteristics

Unique Identification
   Every fingerprint is unique and identifies the user with extremely high accuracy. So creating digital signatures by using cards that have been handed over together with the PIN is no longer possible.

Security and Data Protection
   The biometric template data is not stored externally in databases, but only on the user’s smart card, in a form that cannot be read back.

Reduction of Help-desk Costs
   Independent estimates suggest that between 25 and 50 % of all calls to help-desks are caused by users having forgotten their passwords. An enormous workload, which is avoided with SafeGuard Biometrics.

Independent of Location
   Integration of user key, biometric data and Match On Card functionality on the same smart card means that the user is not tied to any particular workstation but can log on to the system from different locations (including logons via a notebook over the Internet). The system administrator does not have to bother about distribution and protection of biometric template databases.

PKI Integration
   smart cards which are used in SafeGuard Biometrics can be personalized in PKI systems with X.509 certificates. To connect up to external applications, a PKCS#11 and CSP module is available.

Phased Migration
   SafeGuard Biometrics behaves towards operating system and applications in exactly the same way as other smart card-based security systems. It is also possible to use a mixture of the two solutions (smart cards with and without biometrics), thus permitting a smooth, phased migration from conventional password to biometrics.

Numerous Applications already available
   Most biometric applications offered today focus on logon purposes, but provide no cryptographic functionality. By contrast, SafeGuard Biometrics offers a whole range of real IT security applications. The solution complements not only the other products in Utimaco Safeware’s SafeGuard product range in an ideal fashion by adding biometric authentication but also common applications like Web browsers (Microsoft Internet Explorer, Netscape Communicator) or e-mail clients. In this way it forms an integral part of a complete system environment for encryption, access protection and digital signature.

System Requirements

Hardware
PC with Intel or compatible processor, CD-ROM drive for installation on a single-user computer, free parallel (ECP) or USB connection (depending on card reader)

Operating Systems
        • Microsoft Windows NT version 4.0 (SP 6)
        • Microsoft Windows 2000 (Service Pack 1)
        • Microsoft Windows XP
        • Microsoft Windows 98*
        • Microsoft Windows Me*
Remark:
        *integration in Internet Browser or e- mail system via PKCS# 11/ CSP. no logon to the operating system.

Network
   All networks supported by Windows

Interoperability/Technical Data

Utimaco Safeware Products
   SafeGuard Biometrics complements the following products by adding biometric smart card support: SafeGuard Advanced Security, SafeGuard LAN Crypt, SafeGuard Sign&Crypt for Outlook and Office Cards can be issued with SafeGuard PKI and provided with certificates

Third-party Suppliers
   Integration for digital signature and encryption in all CSP-or PKCS#11-based applications e.g. Microsoft Internet Explorer, Microsoft Outlook, Outlook Express, Netscape Communicator etc. X.509 certificates on the biometric smart cards may be issued by any Web-enabled PKI or the Microsoft CA

smart cards
32KB or 64KB EEPROM, 1024 bit RSA encryption, support for multiple RSA keys per user. Optional key generation in the card. Up to four alternative fingerprints can be stored. Alternative logon using PIN optionally possible Biometric PKCS#11 module and Cryptographic Service Provider (CSP) for integration in common Internet browser, e-mail clients or customer applications available

Card Reader
Precise Biometrics PB 100 SC or 100 MC Alternatively available integrated in keyboard, PC/SC-compatible, parallel, (Microsoft Windows 98/Me/NT/2000) or USB connector (Microsoft Windows 98/Me/2000/XP), integrated fingerprint sensor

PKI products:

	PKI systems

	Authorized systems with PKI:
	digital signature securized client (MS,Notes,SAP)
	digital signature securized web
	computer protection
	network protection
	internet protection
	PKI toolkit

	disk, notebook protection
	palmtop protection
	biometrics
	cards, card readers