Give digital the finger

August 2012 Access Control & Identity Management

Regular readers will have read countless articles in Hi-Tech Security Solutions dealing with access control and the dangers of traditional means of access, in other words, cards, passwords, tokens and PINs. We have also carried a few articles of logical access control, where we look at the current ease with which people can log into corporate computers and access sensitive applications, such as accounting systems, for their own nefarious purposes.

You will also have read some articles expounding how useless passwords and PINs are as an identification and authentication mechanism. In fact, in this issue we have an article highlighting the enormous amounts stolen, seemingly with ease, by insiders in companies globally. One of the startling facts in the article is that more than half of the stolen money is never recovered – so much for insurance.

SuperVision Biometric Systems has come up with a solution to this problem that costs about R100 per user per month. The solution, SuperSign, is a biometric logon application that works with most biometric readers. The software, developed by SuperVision, streamlines the process of registering users and authorising applications and transactions via a fingerprint.

In the demonstration Hi-Tech Security Solutions attended, SuperVision’s partner, BCX put SuperSign through its paces. The biometric device used was the MorphoSmart 1300 fingerprint reader which can be easily attached to a computer via a USB port.

BCX’s Alexander Botha explains that the system works with the normal directories companies use, such as Active Directory or Novell’s eDirectory. To keep these corporate assets safe, the SuperSign software handles the capturing of users’ biometrics and the assignment of permissions. Everything is controlled by biometric scans to ensure the accuracy of the process.

Biometric verification

Assigning permissions and access to specific digital assets is done via a drag and drop process, or users can be assigned the same permissions as other users with a click. Additionally, when a user needs to be loaded onto the system, two additional, authorised employees will have to verify the process.

For example, when the user is enrolled, someone will need to authorise the process and permissions assigned to the individual and capture their biometrics, while a third party will act as a witness, again via biometrics, before the process is complete.

When the user logs on for the first time, the system changes his default password to ensure that nobody knows what it is, preventing criminals from bypassing the biometric logon. Naturally, the administrators have overall control as usual, but also through their own biometrics. This process ensures there are no passwords written on Post-It notes or pasted under keyboards where they can be easily accessed.

SuperSign goes further in that it will also apply the same logon process to any applications the user opens that need an additional password, such as the accounting system. Once again the initial password assigned to the user is changed to ensure nobody can use his/her credentials to access the system as that user. All these logon processes are controlled from the SuperSign software.

In addition, companies can also apply these processes to Web applications, such as Internet banking or even social media sites like Facebook if they feel the need to track who uses these applications.

Clear audit trail

Botha says the system not only ensures that passwords cannot be copied, stolen or given to someone else, but by using fingerprints, a clear identity trail is created and stored in case it is needed. When using passwords, tokens, PINS or cards to log onto applications and authorise transactions, users verify the traditional ‘something you have’ and/or ‘something you know’ (both for two-factor authentication), but they do not verify who they are.

SuperVision’s Mark Eardley notes that when people are called onto the carpet after fraud has been committed with their password or card credentials, they can simply say they didn’t do it and there are few ways to prove they were there when the credentials were entered.

With biometric logon processes, the person can’t claim innocence as it is impossible to steal someone’s finger. In extreme cases where people may do so, the better biometric readers can detect if a finger is not attached to a living person. This leaves an indisputable identity chain, showing everything the user did on the system, time and date stamped.

The software is also tiered, meaning the user must first logon to Windows before they can access an application if the company so desires. This will prevent someone leaning over a colleague’s shoulder to authorise a transaction or other activities that have stringent security protocols.

When linked to physical access control systems, security is even tighter. The system can be extended to ensure that people can’t logon to their workstation if they haven’t entered the building and it can even automatically log them out when they leave the building.

As noted, the system can be leased at around R100 per month per user. This includes the full service of software, hardware, installation, training and maintenance. The SuperSign software is light on resources meaning a laptop attached to the server will suffice for medium-sized organisations.

SuperSign has already been installed in a few organisations, such as the Department of Agriculture and Fisheries, as well as the Department of Rural Development and Land Reform.

Given that a 2009 survey found that 62% of economic crime in South Africa was committed by insiders, Eardley advises that the cost of the system should not be compared to free password authorisation, but against potential losses. Some of the areas in which biometric logons can prevent losses are:

* Fraudulent EFT payments,

* Modifying billing and procurement data,

* Theft of sensitive information,

* Corruption and deletion of data, and

* Costs of downtime, recovery and restoration.



Credit(s)




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Palm-vein biometric kiosks secure SAP at Transnet Engineering
Access Control & Identity Management Transport (Industry) Videos
Securing access to SAP is essential to avoid fraud or corruption. Ensuring that users can access the software quickly, easily, and conveniently to do their jobs is also essential.

Read more...
Empower individuals to control their biometric data
Information Security Access Control & Identity Management Security Services & Risk Management
What if your biometrics, now embedded in devices, workplaces, and airports, promising seamless access and enhanced security, was your greatest vulnerability in a cyberattack? Cybercriminals are focusing on knowing where biometric data is stored.

Read more...
Security industry embraces mobile credentials, biometrics and AI
AI & Data Analytics Access Control & Identity Management Integrated Solutions
As organisations navigate an increasingly complex threat landscape, security leaders are making strategic shifts toward unified platforms and emerging technologies, according to the newly released 2025 State of Security and Identity Report from HID.

Read more...
From the editor's desk: Interesting times
Technews Publishing News & Events
We certainly live in interesting times. From delaying the budget speech because the ANC doesn’t see any reason why VAT shouldn’t be increased by 2%, to crime fighters being set up and prosecuted in ...

Read more...
World-first safe K9 training for drug detection
Technews Publishing SMART Security Solutions Editor's Choice News & Events Security Services & Risk Management Government and Parastatal (Industry)
The Braveheart Bio-Dog Academy recently announced the results of its scientific research into training dogs to accurately detect drugs and explosives without harming either the dogs or their handlers.

Read more...
Nice launches DC Blue Astute garage door motor
Nice Group South Africa Technews Publishing News & Events Access Control & Identity Management Perimeter Security, Alarms & Intruder Detection
Nice Systems SA has launched the Nice DC Blue Astute, a garage door motor for the South African market featuring a pre-installed lithium-ion battery instead of traditional lead-acid batteries.

Read more...
Towards a global digital passport?
Access Control & Identity Management
In a world where borders are more connected and closely monitored, the idea of a universal digital passport could revolutionise how we travel, work, and even perceive citizenship.

Read more...
Empower individuals to control their biometric data
Information Security Access Control & Identity Management Security Services & Risk Management
What if your biometrics, now embedded in devices, workplaces, and airports, promising seamless access and enhanced security, was your greatest vulnerability in a cyberattack? Cybercriminals are focusing on knowing where biometric data is stored.

Read more...
A platform for access and identity at Securex 2025
Securex South Africa Access Control & Identity Management Facilities & Building Management
South African companies involved in supplying access control technology, security services, and data management are well-positioned to tap into the expanding access control market at Securex 2025.

Read more...
Background checks: risk levels and compliance
iFacts Access Control & Identity Management Security Services & Risk Management
Conducting background checks is a vital step in the hiring process for employers or when engaging service providers; however, it is crucial to understand the legal framework and regulations governing these checks.

Read more...