printer friendly version

Biometric loan application system 'squares up' bank

A multimillion rand biometric programme to facilitate and manage a nationwide loan application system has been designed and implemented for the headquarters of a major bank by the Square One Solutions Group, which specialises in providing niche, IT-based, business-enabling solutions.

With branches countrywide, the credit bank wanted to enable branches to approve loans but with responsibility for this assigned only to specific individuals. The system had to be enforceable and the bank needed to be sure that only the selected individuals would be able to approve loans.

"So the bank developed a software program to facilitate and manage loan applications," says Square One's business development manager, Lisa Jackson. "This was the first step towards ensuring that the approval of loans within the system could be executed only by those persons assigned to take responsibility.

"Conventional password systems weren't secure enough and were fraught with other weaknesses such as users forgetting their passwords, or passwords falling into the hands of other unauthorised staff who could abuse the system."

The costs associated with maintaining and managing a password system were another factor that influenced the decision to go biometric. A recent IDC study put annual password management costs at between R1500 and R3000 per user, which in large organisations adds up to huge sums. At the same time passwords do not really present much of a barrier to an experienced hacker.

To achieve the required security level, the solution had to apply biometric technology as well as fully interface with the bank's web-based loan application program. Square One built a solution incorporating biometrics with SAFLink middleware and the solution seamlessly integrates with the bank's Microsoft Active Directory Policy Manager.

"The system provides each user with specific rights and responsibilities assigned according to their individual profile, position, experience, and seniority," says Jackson. "These profiles are managed through Microsoft Active Directory. In a conventional system users would activate their rights through a password. With the biometric system, SAFlink locks into Active Directory, and allows each user's unique biometric imprint to act as the password."

The biometric 'password' requires a fingerprint at various points within the loan application to denote authorisation. So the staff assigned with loan approval authority will approve loans with their fingerprints.

Square One is the only accredited Platinum Integrator and VAR in South Africa for middleware from multibiometric security software provider SAFLink Corporation of Washington and can apply biometric security and authentication solutions to workstation, network and enterprise environments using SAFLink middleware.

"No password or user name is required with a biometric system. Users merely sign on with their finger or thumbprints. It is quick, highly secure and cost-effective because it eliminates all the administrative support work demanded by a password system. Also, the system is not affected by human frailties - there is no password to forget and input or processing errors do not apply," says Jackson.

SAFLink middleware products are based on open-system industry standards and enable organisations to install clear-cut access profiles for employees from the lowest to the highest levels using a variety of hardware and other devices.

"It is not just about single sign-on," adds Jackson. "For most organisations the control of internal access to information or to certain production or research areas, is critical. At the time that each employee's biometric sign-on is implemented, the access rights to company information and to physical areas is managed - not just as an add-on - but as an integrated part of Novell's e-directory, Microsoft's Active Directory and Computer Associates' e-Trust directory network platforms.

Share this article:

Further reading: