Security professionals using card-based front ends for access control systems are getting worried about the security of their proximity systems. They know that these systems can be violated with equipment costing less than US$200. The problem is that proximity systems do not offer a challenge response: they only use passive authentication. The card simply sends the exact same 32 bits each time, and is easy to mimic. Just record an AM broadcast and replay it – and AM transmitters only cost $30 to build. It is easy to read a proximity card from close range, even with standard lab equipment. The card can also be easily read from several feet away. Inexpensive card “sniffing” devices can be bought online that will effortlessly pull the card number and replay it at critical access points. However, if companies have a slew of proximity readers the CFO is not going to be happy to hear they need to be torn out and replaced. Add a PIN numbers would also need some type of switch – and everyone knows – PINs have security issues of their own.Adding biometrics will help secure the facility – but, at what cost?Biometrics are a better solution for authenticating users and preventing card “sniffing”. In a perfect world, every that door needs higher security would have a biometrics reader. But this still might mean having to budget for new readers – plus the investment of making sure that the biometric integrates into the present access control system. But what if the biometric was put directly on the card? The proximity card credential with on-card fingerprint reading would provide all the assets of the proximity card and eliminate its most glaring deficiencies. A biometric card can read the user's fingerprint in less than a second. The wirelessly powered biometric card lets users authenticate themselves directly on the card through something they are, a fingerprint or thumbprint.This is much more secure than simply using a standard proximity card, which verifies only something the user carries and can easily be duplicated. The precept is simple. An on-card fingerprint scanner with 3D capacitive technology resides on the contactless card which has universal compatibility with all ISO 14443 readers (the standard contactless card reader) from the leading brands.Without having to change out an organization's existing readers, a biometric card provides an easy, low cost way for security manager to provide an upgrade to access control systems using card readers.The biometric card is more secure to use than other available ID and authentication solutions on the market today. Fingerprint data is captured by the on-card fingerprint scanner and is stored only inside the card. No exchange of data is conducted with external systems. This provides secure template management since the fingerprint never leaves the card. It also eliminates user concerns with privacy issues. The card is unique to the user and only the authorized card holder can activate card communication with the reader. When a positive match occurs, the biometric card activates communication with the lock or reader in the same way as other ISO 14443 contactless smart cards.Biometric cards can be issued to key staff and personnel providing the enhanced security benefits of two-factor biometric authentication without any changes to their existing access control system software or proximity readers. Administrators simply add the biometric card into their system in the same way they incorporate their present proximity cards, all the while extending the life and return on investment for their installed proximity card systems.Kim Humborstad is CEO of Zwipe

Also in the news:

Default ThumbnailEtihad Airways and SITA trial facial biometric check-in for cabin crew Default ThumbnailSamsung still planning in-glass sensor: Report Default Thumbnailartec technologies notes interest in high-performance face recognition