Presence establishment - the art of integrating where I am with what I am doing

Access & Identity Management Handbook 2007 Access Control & Identity Management

The establishment of presence can be defined as the verification of a subject or item’s presence at a specific location, at a specific point in time.

This presence can be the physical presence of a user at the specific location, or a virtual presence such as the presence of a laptop user in Mauritius logged into a VPN mainframe in Dubai. Virtual presence is a field of study all on its own, and will fall outside of the scope of this article. As such the focus will be on the verification of physical presence through subject interactive methodologies.

There are several technologies that facilitate the establishment of user presence. The uses of these techniques are determined by the challenge at hand, and differ greatly in their application. The common denominator of all the available solutions remains the efficiency and accuracy of the verification process. All of the techniques used require the use of a form of unique identification, either through a fact known only to the relevant user, or through the use of a device or physical feature unique to the user.

Protection via password

The most common method of proving presence is through the use of passwords. This method is cheap, easy to implement and requires very little user acceptance as it is non-intrusive and a traditional way of achieving identification. The reasoning behind the use of passwords is that only the relevant user knows the password and that the entry of the password at, for instance, a numeric keypad controlling an access point, proves the presence of the user at that point. This principle is, of course, flawed, as several factors defeat this objective. These factors include the problem that users can distribute their passwords to other users, making it common knowledge and defeating the purpose of such a system. There are also the more romantic issues such as electronic password compromise through system hacking, password injection and password prediction. These factors combine to prove that the establishment of presence through the use of passwords does not completely solve the challenge at hand.

It is commonly believed that the way to enhance the password-based identification method is by issuing the user with a password that the user does not actually need to memorise or even know. This is achieved through the use of mobile password storage devices such as smartcards, radio frequency tags and other such portable smart storage technologies. The user is required to carry the issued device and present the stored password at the specific location by interacting with a device related to the storage medium used – a user carrying a smartcard will swipe the card against a smartcard reader that will read the password stored on the card and initiate certain actions based on business rules.

The principle seems solid, as the user does not need to know the password stored on the card and, thus, cannot compromise the system by distributing the password to other subjects. In addition to this, longer and more complex passwords can be used, as the user is not required to memorise the codes, making it harder to compromise the system electronically. Unfortunately, this method also has some very serious flaws: the clearest of these are that the password is now situated on a physical object that can be stolen, ‘borrowed out’, or lost. A user can wilfully compromise the system by simply handing the card over to another subject. The card can also easily be stolen or lost and later found by another user. All of these factors challenge the use of portable passwords as a solution.

Protection passwords

Simple compromises to address these issues do exist, such as the combination of a password stored on a smartcard with a password known only to the user, but even these techniques are still dependant on user honesty, and can failed all too easily.

The most secure method to date is the use of a technology that cannot be communicated between system users, cannot be stolen or lost and cannot be easily duplicated or electronically compromised. This train of thought led to the creation of the biometric field of science, in which the principle is simple: find a physical trait of the relevant user that is unique and identifiable through electronic means.

This field of study has yielded several biometric technologies that include methods such as electronic fingerprint scanning, facial topology recording, facial feature recording, hand geometry calculation, optical vein mapping, iris vein pattern recording and even the use of voice harmonics. All of these technologies have already proven their worth in the market, and each carry arguments for and against the use of each. The field of biometrics does address the challenges outlined before by ensuring that the identity of the user cannot be mistaken or faked. The feature used to identify the user is a unique physical characteristic that cannot be removed or copied, and will always accompany the user, negating the problem of the user losing the identification mechanism. The technology does, however, face challenges as well: the average user experiences a sense of resistance against the use of these devices, as it is felt that it is intrusive. It also typically requires a more elaborate user enrollment or registration process than the alternative techniques. The informatics and architectural requirements of using biometric systems also require more elaborate, and will as a rule require a longer and more challenging commissioning phase.

Benefits of biometrics

Biometric identification does present the best solution for the establishment of user presence. Among the subset of technologies in this field, fingerprint recognition has the highest cost to efficiency ratio as it offers dependency for a price tag significantly cheaper than the other more sophisticated biometric technologies. It is also easier to implement, and less intrusive than, for instance, iris recognition.

Fingerprint recognition requires some basic technologies to support the implementation of this science. These support infrastructures typically comprise a user registration database, an information backbone of some nature, and the use of computer hardware to facilitate user registration and management. The user presents a finger to a fingerprint scanner, the finger is scanned and either transmitted across the ICT backbone, or verified on the device itself. The fingerprint presence consists of a unique user identification detail (such as an employee code or system generated ID), an indication of which presence point the device is situated at, and an accurate time stamp. This is communicated to a management system, recorded, and used as reference for various business activities. The most common uses of these records are in the areas of physical facility access control and the creation of time and attendance records.

Integration

The integration of biometric establishment of presence technology into human resource management systems was a logical step in addressing user time fraud in the work environment. Fingerprint recognition records are migrated into the timesheet aspect of the client’s existing human resources system and embedded in a format that allows the standard processes to execute with limited or no alteration to established systems. The client gains the benefit of accurate user presence verification without extensive system review and redesign. The use of intelligent support technologies augmenting the deployed biometric technologies have led to the creation of sophisticated capabilities to the benefit of the client. These include the ability to enrol a biometric user in the Cape, but have his records active in Pretoria. Fingerprints are migrated from local sites to central management centres at regional offices, which allow full propagation through the system from any remote point to another. The inclusion of active, realtime business rule sets also allows the client to exert control over user presence and movement with the click of a computer mouse – a person moving into a turnstile can be locked into that turnstile by clicking an icon on a computer generated schematic of the site.

It is clear that the establishment of user presence offered serious challenges in the past, but that the application of biometric identification technologies addresses these challenges very easily. Biometric devices will evolve in future, and as new methods of recognition and digital sensing are created this field of science will offer the user more and more benefits.

For more information contact Alchemist IT, +27 (0)83 418 4939, [email protected], www.alchemistit.co.za





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Palm-vein biometric kiosks secure SAP at Transnet Engineering
Access Control & Identity Management Transport (Industry) Videos
Securing access to SAP is essential to avoid fraud or corruption. Ensuring that users can access the software quickly, easily, and conveniently to do their jobs is also essential.

Read more...
Empower individuals to control their biometric data
Information Security Access Control & Identity Management Security Services & Risk Management
What if your biometrics, now embedded in devices, workplaces, and airports, promising seamless access and enhanced security, was your greatest vulnerability in a cyberattack? Cybercriminals are focusing on knowing where biometric data is stored.

Read more...
Security industry embraces mobile credentials, biometrics and AI
AI & Data Analytics Access Control & Identity Management Integrated Solutions
As organisations navigate an increasingly complex threat landscape, security leaders are making strategic shifts toward unified platforms and emerging technologies, according to the newly released 2025 State of Security and Identity Report from HID.

Read more...
Nice launches DC Blue Astute garage door motor
Nice Group South Africa Technews Publishing News & Events Access Control & Identity Management Perimeter Security, Alarms & Intruder Detection
Nice Systems SA has launched the Nice DC Blue Astute, a garage door motor for the South African market featuring a pre-installed lithium-ion battery instead of traditional lead-acid batteries.

Read more...
Towards a global digital passport?
Access Control & Identity Management
In a world where borders are more connected and closely monitored, the idea of a universal digital passport could revolutionise how we travel, work, and even perceive citizenship.

Read more...
Empower individuals to control their biometric data
Information Security Access Control & Identity Management Security Services & Risk Management
What if your biometrics, now embedded in devices, workplaces, and airports, promising seamless access and enhanced security, was your greatest vulnerability in a cyberattack? Cybercriminals are focusing on knowing where biometric data is stored.

Read more...
A platform for access and identity at Securex 2025
Securex South Africa Access Control & Identity Management Facilities & Building Management
South African companies involved in supplying access control technology, security services, and data management are well-positioned to tap into the expanding access control market at Securex 2025.

Read more...
Background checks: risk levels and compliance
iFacts Access Control & Identity Management Security Services & Risk Management
Conducting background checks is a vital step in the hiring process for employers or when engaging service providers; however, it is crucial to understand the legal framework and regulations governing these checks.

Read more...
Insurance provider uses Net2 For access management
Paxton Access Control & Identity Management Integrated Solutions Healthcare (Industry)
BestMed selected Paxton Net2 for its access control requirements because of its simplicity of installation and ease of navigation for end users, as well as the 5-year warranty.

Read more...
Identity is a cyber issue
Access Control & Identity Management Information Security
Identity and access management telemetry has emerged as the most common source of early threat detection, responsible for seven of the top 10 indicators of compromise leading to security investigations.

Read more...