Smart Cards and Biometrics
The identification cards and biometrics are, actually, intensely used as methods for identification and authentication of people in numerous systems, in different sectors.
The authentication methods vary in principle and are categorized into three major groups:
- The person has!
Is provided a physical element to the person that allows to identify itself before a given system. Normally a shaped card or tag. The cards are compared to traditional keys, there are transmissible, so the is no guarantee that the person to be authenticated is the one to whom the card was delivered.
- The person knows!
Private data, in most of the cases is defined by the person and only she knows. Usually in the form of password or PIN without the existence of any physical support. Gives a higher security level. Also, in this case, there is the possibility of private data transmitted to someone else, compromising authentication.
- The person is!
Unique features that allow uniquely identify the person through their biometrics: fingerprint, facial recognition or voice.
The selection of the authentication method, for use in a system, must take into account the following factors:
- Required level of safety;
- Risks and impact of transmission;
- Needs and operational constraints;
- Cost of the technology to implement.
The EGAPI solutions for access control and attendance support the authentication methods described above. Supports, also, multi step authentication protocols to suit the security policies and operational processes, such as: Card + PIN, Card + Biometrics, Card + Biometrics + PIN. This latter is the most extreme, witch is validated that the person has, the person is, and the person knows. At our solutions we implemented anti fraud mechanisms. As an example in fingerprint validation requires a validation of living fingers.
Our solution can authorize a person based on:
- User group to which it belongs;
- Operation or access area;
- Time for access;
- Facility security level.
This flexibility allows implementations that meets, nearly all, security policies and procedures with guaranteed performance and scalability.