Face as password and data breach control: biometric identification in information systems with Id-Logon
In recent years biometric technologies have become widespread both in the daily life of society and in various sectors of the economy and business.
The primary task of biometrics remains to ensure physical security. However, nowadays when data is often the main value, information security is equally important. Thus, biometrics can also be an effective solution.
The Id-Logon software product from RecFaces allows you to carry out a free check of access rights to information systems using biometric identification and verification. A webcam installed on a computer or mobile device reads the user's biometric data, and then checks for compliance with templates in the company's employee profile database. Based on the results of the verification, a person is either authorized in the enterprise system or is denied in access. Today we discuss what kind of gaps in the company's information security can be filled using Id-Logon, and also examine possible product use cases.
Content
- Fewer passwords — higher security
- Third party protection and access setting
- Additional functions — additional protection
- Two-factor authentication
- Data Breach Control
- Confirm identity before making significant operations
- Additional Software Benefits
- Mobility
- Quick and easy to install
- Integration with key directory services
- Violation analytics
- Quick authentication
- Reliability of facial recognition algorithms
- Protection against illegal photo access
- From the business center to the fuel and energy complex: use cases of biometric identification
Fewer passwords — higher security
Using too simple or standard passwords is one of the main “headaches” of information security specialists. The selected character combinations are often compromised and can be easily disclosed by rapidly guessing different passwords. According to statistics, in 85% of cases, accounts do not pass breach tests, both in small or medium-sized, and in large corporates.
In most cases, the company's password policy is also associated with a lot of inconvenience for employees. With the aim of securing corporate systems, organizations are putting forward increasingly rigid password conditions. Complex combinations of uppercase and lowercase letters, numbers and special characters — few people can remember at least one such password. So, when passwords are changed with fixed periodicity, on systematic memorized even the brain of people with good memory “breaks”. As the result, employees have one way: to write passwords on a piece of paper. At best, a person keeps this piece of paper around in the future, and at worst, right at the computer for all people to see. The security information policy of a company loses miserably to the trivial human element.
Id-Logon allows you to secure your organization's information systems by introducing password-free biometric user identification. Face authentication eliminates the possibility of password theft or hacking, many times reducing the risk of unauthorized entry into the corporate system. The software solution also provides the function of notifying security officials about an attempt to log in to the account by a third party. At the same time, Id-Logon not only provides a high level of authenticity of identification, but also eliminates the need to remember complex passwords. This means that it makes the procedure convenient and fast for company employees.
Third party protection and access setting
Perhaps no one spends 100% of his working time on a computer. At the same time, leaving a workplace, employees often forget to exit the system or turn off the computer. This is another “gap” in the security of the company that intruders can use. You can also solve this problem using Id-Logon.
The software solution ensures periodic checks on the user's presence at the computer. Without “finding” the employee, the system increases the frequency of checks, and after a fixed period of time automatically locks the device. In addition, if, after successful biometric verification of one person at a computer, his or her colleague or an unauthorized person begins to work at that computer, the system will promptly notify the employees of the information security department. It can also block access to all information corporate resources, if necessary.
Id-Logon allows you to configure different device use cases. So, using a software solution, you can set a ban on the simultaneous presence of two or more employees at the computer or vice versa — to give the right to access the account to several employees. For this purpose, when registering in the base of biometric profiles, a person is “attached” to one or more specific devices.
Additional functions — additional protection
Working with certain information resources or conducting important operations, the usual procedure of identifying and verifying the user often is not enough. Therefore Id-Logon also provides the following functions.
Two-factor authentication
The combination of password or PIN entry and user biometric verification provides an additional level of protection and excludes unauthorized access to the system even if the password has been compromised.
Data Breach Control
Id-Logon can work in tandem with protection from data breach (DLP-systems). By registering suspicious activity or performing certain operations, the DLP-system conducts an additional biometric verification of the user in the background. If the presence of an unauthorized person at the device is confirmed, Id-Logon will notify the security service.
Confirm identity before making significant operations
When an operation in an enterprise system requires additional identity confirmation, Id-Logon starts additional active verification of the person. Thanks to this function, the management of the company can be sure that the operation will be carried out by an authorized employee. It is also possible to save a confirmation archive, which allows you to check when and who carried out a particular operation.
Additional Software Benefits
Besides improving the security of information systems through biometric identification and flexible access rights settings, the use of Id-Logon provides the organization a number of other advantages.
Mobility
Id-Logon allows you to verify and identify users not only on desktop computers, but also on mobile devices: tablets and smartphones. Depending on the settings, biometric authentication can be applied both to the device and to an application. This function is especially useful for companies where employees work remotely and are not depend on one particular workplace.
Quick and easy to install
It takes only 20 minutes to install Id-Logon. The open API of the software solution allows integration with various information systems. Service devices are equipped with a biometric authentication application and biometric sensors. These can be both simple and specialized web cameras with an increased level of control and the ability to work in poor illumination conditions.
Integration with key directory services
Id-Logon has advanced integration with Microsoft Active Directory. If it is necessary, the product can also be integrated with LDAP directories. For example, Oracle Internet Directory or IBM Tivoli Internet Directory Server. Deep integration with directory services allows you to expand the functionality of classic biometric verification authentication systems “by face” and further increase the level of information security of the organization.
Violation analytics
The software solution allows you to generate reports on user authentication in enterprise systems and maintain statistics on detected violations. So, you can analyze violations by a specific group of devices or by a certain device. Also, it is possible to check the data on the type of violations of interest.
Quick authentication
On average, it takes no more than 1.5 seconds to verify the access right by face
Reliability of facial recognition algorithms
Modern facial recognition algorithms are characterized by high reliability of results even in complex use cases (e.g. when the room is not sufficiently illuminated or when a person wears a mask). The probability of providing access to a third party (false positive event) is less than 0.0001%, and access denial of an authorized employee (false negative event) is no more than 3%.
Protection against illegal photo access
Id-Logon completely excludes the risks of providing access to the company device to third parties, even if they use photos or videos of a person with access rights. For this purpose, the software solution provides a developed Liveness algorithm, which ensures that access is gained only by an authorized employee.
From the business center to the fuel and energy complex: use cases of biometric identific
We see that password-free biometric authentication in enterprise systems not only allows you to achieve a higher level of information security, but also makes the procedure more convenient for end users. Therefore, in a broad sense, the Id-Logon software solution can be useful to any company, regardless of the field and number of people in the staff. However, for some organizations the use of biometric authentication in the short term should become ubiquitous and obligatory tool for ensuring information security. First of all, we are talking about companies in the financial sector, fuel and energy facilities and industrial enterprises.
For banks improvement of data protection mechanisms today is one of the primary tasks. Against the background of the growth of cybercrime and the development of information attack technologies, specialists in this area have to “stay ahead”. In addition, the work of banks implies a large number of different operations in different areas, which also requires the introduction of a wide range of appropriate solutions in information security.
There is also the need to increase the level of information security in fuel and energy facilities and industrial facilities. Here, the focus is not on administrative staff working in the central office or department, but on-site staff. At the same time, the consequences of violations in these industries are not only reputational or financial, but can also lead to serious emergencies. Thus, the absence of a dispatcher, operator or employee of security service in the workplace during an emergency situation at a nuclear or thermal power plant is fraught with destruction of the strategic infrastructure of cities and regions, an environmental disaster, a threat to the life and health of the population.
Business centers are increasingly interested in password-free biometric authentication. For example, the implementation of Id-Logon is planned in the office space of the new generation of MULTIPACE by the Pridex Group. The use of this solution in conjunction with other biometric software RecFaces products allows you to implement the concept of “seamless” access of employees to the entire office space infrastructure, when employees do not need to remember passwords or carry access cards during their stay in the business center. Entrance to the building, receiving services, booking meeting rooms, authorization at the working computer — all these actions are implemented using facial recognition technology.
The introduction of Id-Logon allows organizations to ensure reliable and fast access of employees to enterprise systems, confirm important operations using additional biometric authentication, limit access of unauthorized persons to company devices, and monitor the presence of employees in the workplace.
