|
For network authentication, user name/password, one-time
password, PKI certificates and biometrics are various methods
for validating a person?s identity and the legitimacy of a user
connecting to a network. Biometric authentication uses a
physical human characteristic such as a person?s fingerprint,
voice pattern or retina images for identity verification.
Compared to other authentication methods, biometric credentials
are more difficult to steal, misplace and share which makes them
more convenient and easier to manage.
Biometric authentication enhances the overall level of
security when combined with other authentication factors ? a
smart card or token (something you have) or a password or PIN (something
you know). Because smart cards are designed to be highly secure
and tamper-proof, processing biometric credentials directly on
the card is safer than other methods of biometric authentication.
The fingerprint information never leaves the card and is never
stored in a database, thus protecting users? digital identities.
Privacy issues and security risks associated with other
biometric authentication methods are mitigated because the
fingerprint credentials are stored and validated on the smart
card which is constantly in the user?s possession.
A multifactor authentication system that uses smart cards and
biometrics compares a live biometric credential, for example a
fingerprint scan, to a stored biometric credential that was
captured when the user was enrolled. This comparison is made
within the secure environment of the smart card using an onboard
cryptographic processor. For additional security and flexibility,
some systems have the capability to store and manage multiple
biometrics credentials.
Smart card-based biometric authentication has several
advantages for end-users and issuing organizations that include:
- Portability: Biometric credentials and digital
certificates are stored on the user?s smart card; thus, these
users can freely and securely roam, log on and use any computer
on the corporate network.
- Convenience: By replacing a password or PIN with their
fingerprint, users no longer need to remember ? or type in ?
long, frequently changing passwords.
- Privacy: Securing the biometric identity credentials on the
smart card lets users control access to their personal
information and eliminates the need for database access during
the authentication process.
- Security: Biometrics with smart cards enhances
security by enabling the use of a third factor of authentication.
For corporations interested in the deployment of biometric
technology for user identification, it provides secure storage
and verification of the biometric credentials inside the smart
card.
- Cost Savings: The majority of Help Desk calls are
related to forgotten passwords or user PINs. Smart card-based
biometric authentication delivers a secure alternative that
greatly reduces the need for password resets, helping to lower
Help Desk support costs.
More info:
http://www.globalplatform.org/documents/BiometricWhitePaper_March09.pdf
|
