printer friendly version

Standard forms of security cannot keep up with market development

Devices such as access cards, PINs and passwords, designed to protect end-users, are not only ineffective against modern day threats, they often end up being used to perpetrate crime.

The use of PINs and passwords requires an individual to enter a specific code to gain access, but who actually entered the code cannot be determined as PINs and passwords can also be shared, forgotten or stolen. Card-based systems will only control the access of authorised pieces of plastic, but not who is in possession of the card. It is for this reason that they are easily used by criminals to commit insider fraud.

One of the benefits of a biometric system is that only authorised people - not merely their credentials - are granted access to, for example, a building, a specific part of a building or even a computer or an account.

“Insider fraud - crimes committed from within an organisation or company - is the most significant threat to the modern business,” says Vhonani Mufamadi, CEO of Ideco Group, the market leader in identity management solutions.

Mufamadi points to research, such as the PricewaterhouseCoopers (PwC) Global Economic Crime Survey (www.pwc.com/za/gecs) and 2010 Report to the Nations on Occupational Fraud and Abuse, initiated by the Association of Certified Fraud Examiners (http://www.acfe.com/rttn/2010-rttn.asp), which details the magnitude and impact of the problem of insider fraud.

With reference to the impact of occupational fraud, The 2010 Report to the Nations on Occupational Fraud and Abuse states that “the typical organisation loses 5% of its annual revenue to fraud. Applied to the estimated 2009 Gross World Product, this figure translates to potential global fraud losses of more $2,9 trillion.”(http://www.acfe.com/rttn/2010-highlights.asp)

Ideco believes the demand for more effective security has fuelled an increase in investment in biometric applications, such as fingerprint sign-on for example.

Fingerprint sign-on is widely regarded as the next level in the protection of consumers. The term fingerprint sign-on describes a biometric-based system that requires the user to authenticate him/herself by way of fingerprint identification.

The system comprises a fingerprint reader which first takes a reading of the fingerprint and then identifies and verifies the user according to the information captured from the print. This process must be successfully completed before a user is granted access to either data or an information technology infrastructure or to a building or location.

Not only does it provide true identification of the person accessing the service, but also an accurate audit trail with real evidence should a breach end up in court

Fingerprint biometric readers are used by a growing number of organisations to help control access to their premises. This technology is being widely used in the residential, retail and manufacturing sectors and is gaining popularity within other sectors such as finance and hospitality.

Biometric technology holds value as a proven, efficient method to regulate access and, because it works off fingerprint identification, it is difficult for employees to breach company rules with transgressions such as buddy-clocking or borrowing another person’s access card, says Mufamadi.

“In addition to the increase in demand for biometric-based infrastructures for access control to physical locations, there is also a strong demand for the technology within a cyber or digital environment. Security methods such as passwords and PINs to safeguard access to online information are equally prone to abuse, theft or loss.

“Biometric technology enables the formation of identity chains: the building of binding audit trails that detail who did what, where and when. It is a fact that any organisation is susceptible to IT-based insider fraud and data loss. Controlling access to computer systems with biometrics presents a compelling solution for strengthening IT security,” Mufamadi concludes.

Share this article:

Further reading: