printer friendly version

Putting a finger on multifactor authentication

Most major organisations employing some type of security access control employ badges. In the majority of cases, that badge is a passive proximity card. With it, employees can get through the front gate or door and into other rooms throughout the facility that do not rely on a high degree of security.

However, to gain access to more sensitive areas, such as the server room, laboratories or warehouses, these same organisations employ multifactor authentication, typically including biometrics. Such dual identify verification systems are also important for conducting important work on the computer system, such as making high value financial transactions and accessing confidential medical records.

Heightened security applications

Using a combination of authentication methods provides a stronger assurance that users are who they say they are. First of all, it is much harder for hackers to steal or intercept more than one authentication method, such as a card and a password. More importantly, while many authentication methods, such as cards and passwords, can be passed from one to another to breach a system, it is more than difficult to loan someone your finger.

Thus, in heightened security applications already using passive proximity throughout the organisation, site administrators configure their systems to require users to use both their proximity card and a fingerscan to enter these special areas or gain access to the computer or exclusive files. The proximity card reader is simply integrated into the fingerscan reader so that the card and finger are read simultaneously, resulting in a one-touch-and-you-are-in operation.

If the organisation is using active RFID or smartcards, the operation is equivalent with one major difference. Instead of the template for the fingerscan residing in the reader, it can be kept on the card as a travelling database, one that needs no administration or memory. Upon reaching the reader, the template is transmitted into the fingerscan unit for comparison.

Smartcards

When using contact smartcards, the user inserts the smartcard into the unit and the template is transferred. The user then places a finger and the comparison is made. If the fingerscan matches the template on the card, then, and only then, the employee gains access.

If the system employs contactless smartcards, the ID number and template are transferred as the user approaches the reader, eliminating the need and time to insert a card. The authorised user simply has to touch the fingerscan reader to gain access.

For further details contact Hi-Tec Laboratory, (011) 958 0703.

Share this article:

Further reading: