.NET Bio   In Production
 
Biometric Match on Card Solution on Windows XP and Seven, based on Protiva .NET smart cards  
 

Gemalto .NET Bio Solution is an innovative software solution that provides fingerprint biometric support for Gemalto .NET smart cards integrated with Microsoft Windows XP and Windows 7.

Gemalto .NET Bio Solution enables fingerprint Match-on-Card user authentication as an alternative or complement to smart card PIN verification. This in turn gives access to the digital certificates on the card, that can then be used for logon, digital signature, file encryption, secure VPN access among other services. This solution provides a secure two or three factor authentication system that is convenient for users, easy to deploy and manage, and fully compatible with the smart card security components available in Windows Operating Systems. It is also compatible, with the vast majority of fingerprint sensors available in the market.

Features and Benefits
Features:
  • Fingerprint storage and fingerprint verification performed on-card
  • 4 different modes modes for card authentication: PIN only, Fingerprint Only, PIN or Fingerprint, PIN and Fingerprint
  • Storage for up to 10 fingerprint templates
  • Compatible with standard fingerprint sensors
  • Integrated with Microsoft Operating Systems, Microsoft applications and 3rd party applications that support Microsoft's Windows Smart Card Framework (and Windows Biometric Framework of Windows 7)
  • User experience consistent with Microsoft OS
  • Compliant with the Microsoft Minidriver specifications version 7

 

Benefits:

  • Security: Optional Three-Factor Authentication: Token, PIN and Fingerprint
  • Security: Biometric credentials securely stored on smart card. Not susceptible to service outages and Man-in-the-middle attacks
  • Convenience: Roaming --> User can use fingerprints and certificates stored on the card to authenticate on any computer
  • Convenience: Fingerprints used instead of the smart card PIN – Easier to use, no forgotten PIN issues --> Better user acceptance and adoption
  • Privacy: Match performed on the card: Biometric credentials never leave the card
  • Non repudiation: User cannot deny having operate the application or the transaction
  • Compliancy: Certain countries have regulations preventing storage of biometric data in central repositories.
  • Technology: Maturity, accuracy and performance
  • Cost-savings: Eliminating expensive and complex password administration.
News
February 2012 Release of a new .NET Bio card version:
 - Same card for Windows XP and Seven. The Vista version is obsolete and would be available on specific request only. Same .NET OS v3.0 and Minidriver v7.2.1 as the standard .NET card.
- New versions of the .NET Bio middlewares for Windows XP and Seven available at Download / Libraries
- OTP becomes a free-of-charge option.The standard profile of the webstore cards will not include the OTP assembly anymore.
- Update of the technical documentations. See Download / Technical documents
December 2011 New version of the Gemalto vSEC:CMS T Series Card Management System (CMS) that manages the biometric properties of the .NET Bio card. More details.....
November 2011 New video about the .NET Bio Solution for Windows 7 benefits and use-cases
See Download / Product Demonstration
June 2011 Release of the PKCS#11 libraries v2.2.0.8 and v2.2.0.9 for Windows:
- New functions: Performance improvement, multi slot management, SetCardProperty command. More details in the Release Notes included in the zip package.
- V2.2.0.9 is the latest version. V2.2.0.8 is the version validated with the Opentrust SCM v4.4.3 Card Management System.
- The libraries zip package and the User's Guides are available from Download / Libraries.
April 2011  The .NET Bio cards for Windows XP and Vista are pre-obsolete. They will be replaced by the .NET Bio card for Windows 7 in Q3 2011. So the same .NET Bio card will work on all the Windows OS from XP to Seven. A new middleware will be released on XP and Vista to support this card.

Technical Specifications
  Characteristics
Difference with the standard .NET card Card components Gemalto .NET OS, Minidriver and Biometric assemblies
Free EEPROM (approx) 54 KB without OTP (recommended)
38 KB with OTP
Number of certificates and key pairs (2048 bit) 13 without OTP (recommended))
8 with OTP


System requirements:

• Windows XP, Windows 7 or Windows Server 2008 R2
• Gemalto .NET  Bio smart card, minidriver dll and Bio middleware
Biometric readers drivers from their supplier
Gemalto does not offer the biometric readers, but has validated the following ones:
         - Precise Biometrics Precise Sense series and MC200: Biometric sensor + smart card readers
         - AuthenTech Eikon series: Biometric sensors only. Requires an additionnal PC/SC compliant smart card reader.
         - Zvetco Px500 series: Under test: Biometric sensor + smart card readers
         - Other biometric readers can be tested by Gemalto on request
 

Compatibility
 

The following applications have been successfully tested. All the other applications that use the Windows Base CSP architecture should work properly as well.

SOLUTION TYPE PARTNER SOLUTION
Operating System logon Microsoft Windows 7
Microsoft Windows Server 2008 R2
Microsoft Windows XP
Desktop applications Microsoft Word
Microsoft Excel
Microsoft PowerPoint
Adobe Acrobat
E-Mail clients Microsoft Outlook
Web browsers Microsoft Internet Explorer
Google Chrome
CMS
Gemalto vSEC:CMS T Series
File / Volumes encryption Microsoft EFS
Microsoft Bit Locker,
Bit Locker To Go
VPN Microsoft UAG,
Direct Access
Certification Authority Microsoft CA Cert Srv
 
Next Steps

Useful links

Exclusive information for Gemalto Enterprise Partners