business plan 2011 - bcs.org · dna biometric authentication - options . biometric authentication -...
TRANSCRIPT
Specialising in Biometric Authentication
Founded 2003 by Trevor Swainson
UK and Ireland Distributor
• Fingerprint vendors such as Authentec (UPEK), Crossmatch, L1, DigitalPersona, Futrionics, M2SYS, Softex Inc, Neurotechnology & SecuGen
• Vein vendors such as M2SYS, Fujitsu-PFU & Hitachi
Currently growing at 300% per annum
Paul Guckian, CEO
• Background in IT Audit & Assurance - CISA, CISM, MSc, BSc
• Worked primarily in financial services, Big4 and larger audit consultancies
About Delaney Secure
Business drivers for better authentication
Business Values
• IT Cost savings (ROI)
• Staff Efficiency
• Regulatory Compliance & Security
• Increased Revenue
IT Cost Reductions
• Single multi-factor authentication platform
• Self Reset & Helpdesk support for PWD reset
• User/Application administration under one management console
• Leverage current directory infrastructure
Security & Compliances
• Multi-Factor Authentication
• SSO/eSSO
• Integrated Encryption
• Integrated Management Console
Efficiency & Ease of Use
• No delays because of PWD reset
• Access anywhere via Roaming sessions
• Reduced session start-up time
Something that you know, e.g. password, bank PIN
• It has the problem that things that you know can be accidentally or deliberately passed to someone else.
• The potential damage of such a transfer may be limited by rendering the transferred knowledge useless by changing the password, PIN etc.
Something that you have, e.g. smart card, bank card, token key fob
• Again, it may accidentally or deliberately be transferred.
• Again, the damage done by such a transfer can be remedied by cancelling the device, or physically recovering it.
Something that you are, e.g. your fingerprints, iris, voice. This is biometric authentication.
• This cannot easily be transferred to someone else, so in theory it is the ideal means of authentication.
• It has some other problems, however.
Strong Authentication
Wide variety of applications throughout consumer, commercial and government organisations.
Biometric Authentication
Enterprise Government Consumer
… focus on the commercial applications
Convenience Convenience & Security Security
1. Biometrics is a new idea
• Evidence of biometric identification used in the building of the pyramids
• Huge quality improvements, especially in the last 10 years
2. Iris recognition devices use lasers to scan your eyes
• The first company to produce such a system called itself IrisScan (now Iridian Technologies)
• An iris recognition camera takes a black and white picture from up to 24 inches away and uses non-invasive, near-infrared illumination
3. Stolen body parts will work
• In most biometric devices there is an element of liveness detection, which can measure many variables, from a finger pulse to a pupil response.
• An extracted (or enucleated) eyeball quickly begins to decompose, with the cornea clouding over and obscuring the iris.
• A severed finger also dies rapidly – typically becoming useless after around 10 minutes.
4. Inability to enrol or verify children or Asian women
• Recent advances in imaging have led to greater resolutions being achieved by fingerprint sensors
• At least 1,300 primary schools in the UK are using fingerprint technology to replace old-fashioned password-based systems in their libraries
5. Commercial fingerprint system could be used by police
• This stems from a misunderstanding of how a biometric system typically works in a commercial environment.
• Systems use a limited template which is typically encrypted, and cannot be reverse engineered
• The feeding of identical template data to a fingerprint system’s matching engine by a hacker will normally fail, as this is almost a sure indication that the data has been stolen and that a replay attack is underway.
6. Biometrics are the silver bullet that will rid the world of terrorism/evil
• They are only able to confirm whether this is the same person that initially enrolled into the system, e.g. if a government doesn’t have a quality photograph of a known terrorist suspect, then the chances of stopping that person at a checkpoint using facial recognition are slim.
Six Common Myths
Feature | Government | Commercial
Objective | “Beyond reasonable doubt” | “On the balance of probability”
Stored Image | Full | Templates
Security vs. Convenience | Security | Balanced
Testing Requirements | Rigorous | Reasonable
Hardware Specifications | Detailed | High Level
No of enrolled users | Large | Limited
Commercial vs. Government Systems
Fingerprint
Finger Vein (Hitachi)
Palm Vein (Fujitsu)
Iris
Face Recognition
Hand Geometry
Keystroke Dynamics
Retina
Signature
Voice
DNA
Biometric Authentication - Options
Commercial Uses of Biometric Authentication
[Diagram, axes SECURITY and CONVENIENCE: Quick Launch; File/Folder Lock; Secure Your Device; Touchpad Navigation; Unlock; NFC-Based Mobile Wallet; E-Commerce Transactions; Application Lock; OTP Soft Token; Password Replacement; Turbo Scrolling]
Network Access (Windows Domain)
• Single or multi-factor options (passwords, biometric, smartcards, token, OTP)
• Easy to integrate as standalone or Windows AD integrated solutions
• Looks and feels like Windows AD administration
Application Authentication (via SDKs)
• Particularly payment applications
• Non-repudiation of user authentication
• Free or low cost SDKs
Physical Access Control
• Integrated with door entry or club membership systems
• Single or multifactor (PIN, smartcard and iris recognition)
Time and Attendance
• Stops “buddy” punching
Typical Commercial Applications
Embedded biometric readers driving growth
Top 9 Laptop OEMs Shipping Models in 2011
Over 13 Million Phones Shipped with Biometric Sensors
Maturity of the fingerprint technology
• It works
• It's cheap
• It's convenient
Growth in Commercial Biometric Authentication
Convenience
• Cannot forget, lose or share biometric data easily
• Reduces costs and risks of password resets
• Little user education
Improved security - address the weak ‘human’ element
• Users never ‘know’ their password
• Cannot be easily socially engineered via remote methods
• Complex passwords without user education
Non-repudiation of transactions
• Unequivocally link an individual to a transaction or event.
• Varying quality of proof (e.g. vein vs. fingerprint)
Cost
• Lower cost of ownership than other multi-factor solutions
• Fully integrated platforms with biometric, smartcard and token options
Key Advantages
User Enrolment needs to be robust
• Systems provide authentication, not identification
• Need good quality template for matching
Replay Attacks
• Biometric templates don’t change over time, but the algorithm can be changed
• Some systems don't have a replay detection mechanism, and some do.
Forgery
• Biometric templates are difficult but not impossible to duplicate
• Fingerprints are left behind, but typically not of good enough quality. Vein, iris and others leave no residual trace
Scalability
• Huge advances in fingerprint matching algorithms, but some progress is required for vein and other larger templates to scale to national level
Key Limitations
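The replay check described under myth 5 and under Replay Attacks above, sketched as an added example (not code from the presentation or from any vendor SDK). The flat integer template, the `similarity` function, the 0.80 threshold and the `Verifier` class are assumptions made for illustration.

```python
import hashlib
import hmac

# Assumptions for illustration: a template is a tuple of integers in 0..255 and
# two captures "match" when enough positions agree within +/-1. Real matchers
# compare minutiae or vein patterns, not flat vectors.
MATCH_THRESHOLD = 0.80


def similarity(enrolled, sample):
    """Fraction of positions where the sample is within +/-1 of the enrolled value."""
    close = sum(1 for e, s in zip(enrolled, sample) if abs(e - s) <= 1)
    return close / len(enrolled)


class Verifier:
    def __init__(self, key, enrolled):
        self._key = key                      # server-side secret for keyed digests
        self._enrolled = tuple(enrolled)
        # The stored template itself must never be accepted as a live sample.
        self._seen = {self._digest(self._enrolled)}

    def _digest(self, sample):
        return hmac.new(self._key, bytes(sample), hashlib.sha256).digest()

    def verify(self, sample):
        sample = tuple(sample)
        if len(sample) != len(self._enrolled) or not all(0 <= x <= 255 for x in sample):
            return "FAIL: malformed"
        digest = self._digest(sample)
        if digest in self._seen:
            # Live captures practically never repeat bit for bit: treat as replay.
            return "FAIL: replay suspected"
        if similarity(self._enrolled, sample) < MATCH_THRESHOLD:
            return "FAIL: no match"
        self._seen.add(digest)               # remember every accepted sample
        return "OK"


# Constructed sample data, not output from any real sensor.
ENROLLED = (12, 40, 33, 7, 90, 55, 21, 64, 18, 77)
LIVE_1 = (12, 41, 33, 7, 89, 55, 21, 64, 19, 77)
LIVE_2 = (13, 40, 32, 7, 90, 56, 21, 63, 18, 77)
IMPOSTOR = (90, 3, 60, 44, 12, 5, 80, 31, 70, 2)


def demo():
    v = Verifier(b"constructed-demo-key", ENROLLED)
    return [v.verify(s) for s in (LIVE_1, LIVE_1, ENROLLED, IMPOSTOR, LIVE_2)]


if __name__ == "__main__":
    print(demo())
```

Exact-duplicate rejection only covers verbatim replays, so it complements rather than replaces the encrypted reader-to-software transmission this presentation recommends.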
Template Verification in action
[Diagram: Fingerprint Sensor CAPTURE → FEATURE EXTRACTION (Mathematical Function ∫) → Template (139645004596032 873946450487472)]
[Diagram: TEMPLATE REGISTRATION: Touch Sensor 4 Times → Registration Template (739645754596032 673946450487333) → Store in Database]
Template Matching in Action
[Diagram: MATCH (verification): Touch Sensor → FEATURE EXTRACTION → Template (139645004596032 873946450487472) → COMPARE (Mathematically) against Registration Template (739645754596032 673946450487333) → OK: Enable Authentication, or FAIL: NO Authentication]
Hardware Features
• Technique: reads live skin, improving capture reliability and quality
• Performance: Delivers excellent performance: FMR, FRR, FTE
• Operation: Works for many finger types (wet/dry/damaged) and capture conditions e.g. light
• Protection: SteelCoat protective coating for better sensor durability
• Security: Eliminates the capture of latent images & replay attacks
• Certification: FBI Certified or FIPS-201 Certified readers (508 dpi)
[Figure labels: RF signal injection, finger, FIPS 201 certified]
Image Quality vs. Fingerprint Pressure
[Chart: Image Quality (NFIQ) vs Finger Pressure (N). Y axis: NFIQ (1=Best, 5=Poor). X axis: Finger Pressure (N): 3N (v. soft), 5N (soft), 7N (med), 9N (hard), 11N (v. hard). Series: CrossMatch V300, UPEK TCS1-EIM. Data labels: 3.1, 2.9, 2.1, 2.5, 2.3, 1.3, 1.3, 1.4, 1.3, 1.3]
Ref: Purdue University study: Dr Eric Kukula Aug 2007
Image quality score consistently better, over wide range of finger capture pressures
Impact of light on fingerprint readers
Optical Fingerprint Sensors
• Images wash out (Affected)
Placement Fingerprint Sensors
• Keeps image quality (Unaffected)
Dynamic range: 184 (meets FIPS-201)
Dynamic range: 59 (does not meet FIPS-201)
Application Authentication: Biometric SDKs
APP: Consumer market software suite | Packaged Application | Full Application Software
HIGH: High level SDK (identity infrastruct. level) | Application Bolt-On | PBA + user authentication
MID: Mainstream library (SDK) | Tight Integration With Software Application | Suitable for 3rd party application development on all major OS; Access to most commonly required features (image capture, enroll, match)
LOW: Low level, device dependent interface | Tight Integration with Hardware | Basic Biometric Operations & Low level access to the sensor/module features
DRV: Device Driver | USB
Mainstream SDK’s
Standard: FIPS 140-2 (NIST)
Description: Cryptographic modules produced by private sector vendors that collect, store, transfer, share and disseminate sensitive but unclassified (SBU) information.
Details: L1: cryptographic only; L2: cryptographic & anti-tampering; L3: cryptographic & anti-tampering and data deletion; L4: Protection of critical security parameters
Standard: FIPS 201-2 (NIST)
Description: Architecture and technical requirements for a common identification standard for Federal employees and contractors
Details:
- Assurance provided by the issuer of an identity credential that the individual in possession of the credential has been correctly identified
- Protection provided to an identity credential stored within the PIV Card and transmitted between the card and the PIV issuance and usage infrastructure
- Protection provided to the identity verification system infrastructure and components throughout the entire life cycle.
Standard: IAFIS (FBI)
Description: Integrated Automated Fingerprint Identification System (IAFIS) Image Quality Specifications (IQS)
Details: The certification process is not intended to endorse one product over a competitor's product but merely to certify that the product meets FBI standards
Common Biometric Standards
Enrolment: The step which ensures ‘identification’ of the end user, and registration of a high quality template. Check the FTER rate. TIP: Use your best quality reader here
Data Storage: Storage of the template in a data repository (e.g. SQL database or Active Directory). TIP: Use FIPS-401 compliant software
Data acquisition: The user input to the matching process. Need a good quality, consistent and ‘clean’ input for best matching
Transmission: Check the security of the data transmission between hardware and the software. Encryption is highly recommended.
Signal processing: Matching algorithm which matches and validates the data. Ensure that the right level of sensitivity is set
Decision: The output of the matching algorithm – leads to FAR and FRR statistics
Biometric System Functions
Measurement | Description | Calculation | Improvements
False Rejection Rate (FRR) | A valid subject is rejected by the system | Number of false rejections / Number of attempts | Re-enrol the user - Better hardware - Better environment - Better biometric characteristic; Improve user input; Adjust software sensitivity
False Acceptance Rate (FAR) | An invalid subject is accepted by the system | Number of invalid user acceptances / Number of attempts |
Failure to Enrol (FTER) | User not registered by the system | No of failed enrolments / Number of attempts |
Enrolment Time | Time to register new user | Time from submission to confirmation | Improved matching algorithm
Throughput Rate | Time taken to validate | Time from submission to confirmation |
Performance Measures
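How the FRR and FAR definitions above move against each other as the matcher's sensitivity threshold changes, as an added example (not from the presentation). The scores are constructed, and the 0-100 score scale and function names are assumptions.

```python
# Constructed match scores (0-100), not measurements from any real reader.
GENUINE_SCORES = [91, 88, 76, 95, 83, 69, 90, 87, 58, 93]    # users verifying as themselves
IMPOSTOR_SCORES = [12, 35, 41, 22, 63, 18, 55, 30, 47, 71]   # attempts against another user's template


def rates(threshold, genuine=GENUINE_SCORES, impostor=IMPOSTOR_SCORES):
    """Return (FRR, FAR) at one sensitivity threshold.

    FRR = false rejections / attempts by valid subjects
    FAR = invalid acceptances / attempts by invalid subjects
    """
    false_rejections = sum(1 for score in genuine if score < threshold)
    false_acceptances = sum(1 for score in impostor if score >= threshold)
    return false_rejections / len(genuine), false_acceptances / len(impostor)


def sweep(thresholds):
    """Tabulate (threshold, FRR, FAR) so the trade-off can be reviewed."""
    return [(t, *rates(t)) for t in thresholds]


def lowest_threshold_for_far(max_far, thresholds):
    """Least strict threshold whose FAR stays within max_far, or None.

    Picking the least strict acceptable setting keeps FRR as low as the
    security target allows.
    """
    for t in sorted(thresholds):
        if rates(t)[1] <= max_far:
            return t
    return None


if __name__ == "__main__":
    print("threshold  FRR   FAR")
    for t, frr, far in sweep(range(40, 100, 10)):
        print(f"{t:>9}  {frr:.2f}  {far:.2f}")
    print("FAR <= 0.10 needs threshold",
          lowest_threshold_for_far(0.10, range(40, 100, 10)))
```

On this constructed data, tightening the FAR target from 0.10 to 0.00 moves the threshold from 70 to 80 and raises FRR from 0.2 to 0.3.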
Security of the template transmission and storage is key (think RSA security breach)
Considerations between local (cached storage) and centralised storage
• Speed
• Security
• Resilience
Scalability of solutions
• Key decisions about system architecture
• Consider size of templates and speed of matching
Protect the templates from replacement, tampering, loss and destruction
Data Storage
Trial-and-error attack
• Classic way of measuring biometric strength
Digital spoofing
• Transmit a digital pattern that mimics that of a legitimate user’s biometric signature
• Similar to password sniffing and replay
• Biometrics can’t prevent such attacks by themselves
Physical spoofing
• Present a biometric sensor with an image that mimics the appearance of a legitimate user
Three types of attacks
Note: Assumes that token is not stolen
Example | Type of Attack | Average Attack Space
Reusable Passwords | Interactive or Off-Line | 2^1 to 2^45
Biometrics | Team | 2^6 to 2^19
One-Time Password Tokens | Interactive or Off-Line | 2^19 to 2^63
Public Key Tokens | Off-Line | 2^63 to 2^116
Selecting & Acquiring the Biometric System
• Risk analysis of security controls
• User acceptance of the biometric characteristic selected
Operation and Maintenance of the Biometric System
• User access management – enrolment, updating and removal
• System interface with other applications
User Training & Acceptance
• User enrolment procedures, and template quality scores
• User understanding of the use of templates (e.g. privacy concerns)
System Performance
• Monitoring of FRR, FAR and FTER, and review of system security parameters
Application & Database Controls
• Controlling access to the ‘back-end’ stored data and parameters
Audit Trails
• Ensuring the audit logs are secured and stored for review
Audit procedure using ISACA G36
• Use certified hardware (e.g. FIPS-201, FBI)
• Use certified software (e.g. FIPS-201, FBI)
• Tightly control user enrolment with the best quality hardware and environmental conditions
• Ensure secure communication between the hardware and software
• Use as a multi-factor authentication, with token for external and password internally for example
• Consider the convenience, but don’t forget the security
Quick guides to better audit reports
Hardware
Usability – tightly control enrolment, no exceptions
Durability – pick the best hardware, not the most expensive, ask for independent reports
Security – consider certifications, consider communication security & tampering
Cost – more expensive doesn’t mean better, but cheap may undermine the entire project
Software
Features – balance convenience with security
Integration (Scalability) – select a biometric characteristic that scales suitably (1:N), or adapt system to use 1:1 matching (e.g. using username)
Security – consider certification, ensure encryption of template and communications
Cost - more expensive doesn’t mean better, but cheap may undermine the entire project
Quick guide to better biometric projects
• Soft or hard tokens integrated with biometric readers
• Swipe releases or enables a unique token
• Can be used as part of a soft-token generation algorithm
Tokens and biometrics
Mobile Banking
• Enhancement to token only solutions
• Replaces PIN numbers, or acts as 3rd factor
Secure Remote Access
• Enhancement to token only solutions
• Replaces PIN numbers, or acts as 3rd factor
Payment Applications
• Enhancement to token only solutions
• Replaces PIN numbers, or acts as 3rd factor
Biometric Tokens: Applications
Match-on-card
• Stores a person's fingerprint and face templates on a smart card and performs template matching in a microprocessor embedded in the card instead of matching biometric information on a PC processor.
• Biometric template stored on the card
• Matching applet stored on the card
Match on terminal
• Stores a person's fingerprint and face templates on a smart card and performs template matching in a microprocessor embedded in the card instead of matching biometric information on a PC processor.
• Biometric template stored on the card
• Matching applet stored on the terminal
The native level fingerprint matching implementation requires less than 8 kilobytes for algorithm code, less than 1,700 bytes RAM for data and 1,300-1,700 bytes for template storage. The Java Card post-issuance library for fingerprint matching requires less than 13 kilobytes for algorithm code, less than 600 bytes RAM for data and less than 1 kilobyte for template storage.
Smartcard and biometrics
Chip and PIN replacement
• ATM Machines (Deutsche Bank, Bank of Tokyo-Mitsubishi)
• ePOS
• PDQ machines
Age verification
• Nightclubs - Reduction in nightclub violence in Oz
• Off-licence
Club membership
• Prevents membership ‘sharing’
• Enables ‘unmanned’ gyms and other services
Biometric Card: Applications
Summary: Why biometrics?
• Convenient: Addresses some of the ‘human weaknesses’ of password security and other two-factor solutions
• Secure: Eliminates insecure passwords that are used to protect operating systems, database access, server and client data, emails, applications and more
• Scalable: Designed to scale from one user to thousands of users with multiple types of authentication devices
• Cost effective: Available as single multi-factor platforms - other “mix and match” solutions can cost much more.
• Easy to Deploy: Can be deployed on customer images and connected to a centralized Enterprise server at any time.
• Manageable: Ties into standard tools used by IT managers to manage user information and users (e.g. Windows MMC)
• Integration: Can be adapted and re-engineered as required to meet customer requirements, with smartcards and tokens if required
Questions & Discussion
Thank You
Paul Guckian
DelaneySecure Ltd
W: www.delaneysecure.com
T: (01342) 810 810
E: [email protected]
Disclaimer: This presentation is intended for private entertainment and general educational purposes only in the context of the BCS IRMA group, and contains some references to restricted and copyright information. The information is of a general nature, and no reliance should be placed on the information contained herein.