1 / 23

Biometrics/SmartCard Workshop

Biometrics/SmartCard Workshop. 28 th International Traffic Records Forum August 4, 2002 Orlando, Florida. Identification Technology. Verification of all three elements. X. Authentication Domains. Document- holder. Document. Data. General Principles. Document Authentication

viviana
Télécharger la présentation

Biometrics/SmartCard Workshop

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Biometrics/SmartCard Workshop 28th International Traffic Records Forum August 4, 2002 Orlando, Florida

  2. Identification Technology Verification of all three elements X Authentication Domains Document- holder Document Data

  3. General Principles Document Authentication • Is this a genuine document? • Addressed by anti-counterfeit technologies • Was it issued legitimately • Unique personalization security • Authenicatable data

  4. General Principles Data Authentication • Has data been altered? • Classical card security techniques • Tamper evident features • Authenticatable data

  5. General Principles • Data Authentication – Machine-readable data • Digital signatures/certificates • Encryption • Not covered, but not simple • Reliance upon machine authentication requires high level of system control over data protection • Encryption • Keys

  6. Data - Logical Security • Highest security: chip-based Smart Card • PKI implementation • Crypto-processor cards • Increase security of off-line transaction • Increase privacy • Reduce paperwork • Reduce the probability of: • Data alteration • Data substitution • Increased card & reader costs

  7. General Principles Cardholder Authentication • Biometrics preferable

  8. General Principles • Reader Authentication (Who authenticates the authenticator?) Real device or, A device to capture document, document holder information Authentication requires logic within document Cryptographic authentication best, but requires key infrastructure

  9. Identification System – Key Components Identification System Server(s) RDBMS CENTRAL SERVER ARRAYS HOST(S) Point-of-Use Verification Network Management CARD READER & TELEPHONE PROCESSING Communication Network APPLICATION Client Access Control Enrollment Capture Processing Card Issuance

  10. Smart Card Alliance – White Paper “Smart Cards and Biometrics in Privacy-Sensitive Secure Identification Systems”

  11. MatrixID Platform • Identification Card Applications: • ICAO Travel Documents • State / National Drivers License • National ID • Corporate ID

  12. Range of Data Input Formats Text Digitized Images Facial Signature/usual Mark Fingerprint Image Biometric Templates Fingerprint, Facial, Iris, Hand Geometry

  13. Output Options • Data Structure - accommodates range of formats, including: • Visual Information (Visual Inspection Zone) • OCR-B (Machine Readable Zone) • 2-D Barcodes • High density Magnetic Stripe • Smart Cards (Contact and Non-Contact)

  14. MatrixID Interfaces • Designed for distributed system environments: • Interface to Cryptographic facility • Digital signatures • Secure IC loading • XML Data Structure • Local Document Issuance • Remote Document Issuance

  15. Enrollment Screen

  16. Verification

  17. After the card is read, the MatrixID display shows the following:1. The date/ time and method used to verify the cardholder.2. The date the card was issued and the Issuing Authority.3. That the document passes the integrity checks built into the MatrixID Data Structure4. The card holder’s photo, signature and fingerprint image. 5. The MatrixID will prompt the cardholder to verify their identity by comparing a live scan with the stored image.

  18. This page depicts the case where the presented fingerprints do not match. The cardholder is not validated.

  19. This page depicts the caThis page depicts the case where the presented fingerprints match and the cardholder is validated.rd matches the presenter and the cardholder identity is validated.

  20. Better technology not sufficient without strategy • Balance Risk, Privacy, Personal Convenience… • And Cost

  21. Technology Changes New Paradigms to create Transparent Trust • Dynamically updateable ID • Negotiated disclosure • Virtual handshake

  22. THANK YOU Tate Preston tate_preston@datacard.com

More Related