1

2003

Increased Security, while protecting Privacy ?

True or False ?

Christer Bergman, President and CEO, Precise Biometrics

2

2003

I will talk about...

Precise Biometrics (very brief)

Biometrics..?

Smart Card & Smart ID Card

Fingerprint matching on card

”Increased Security, while protecting Privacy? True or False?

3

2003

This is Precise Biometrics

World leading security solutions based on fingerprintHolds world’s first patent within “Match-on-Card”Founded in 1997 in Lund, SwedenOffices in Lund (40), Stockholm (2) and Washington DC (6)Listed on the Stockholm Stock Exchange O-list since 2000

4

2003

What we do

We create fingerprint-based security solutions for companies, organizations, authorities and private individuals that replaces PIN:s, passwords and keys.

5

2003

Biometrics ....?

6

2003

Trends that fuel the need for biometrics

• Market trends:– Globalization– Mobility and flexibility– Digitalization

• Technology enablers:– Internet– Wireless – e-business and smart cards

All driving a cumbersome growth of PIN-codes and passwords

7

2003

Problems

• Concern that sensitive data is accessed by unauthorized users

• e-business without trust – who’s at the other end of the Internet?

• Passwords, PIN-codes, keys, etc are a hassle => security is often cheated, or upheld at high admin cost

8

2003

Solutions• Confidentiality – encryption• Authentication – digital certificates• Non-repudiation – digital signatures • Convenience + personal security –

biometrics

Digital identity management, smart cards and biometrics enables security

and convenience by making the digital identity personal

9

2003

Why biometrics?

• Uniquely linked to a person, who is present

• Secure and convenient– “No more passwords” (or “Post-It” stickers…)

– Convenient = it will be used

– Cannot be borrowed, stolen or forgotten

• Saves money– Less fraud

– Less cost for password administration

10

2003

What is biometrics?

                                            

11

2003

Market share by technology

12

2003

What biometrics, and how ?

                                            

Surveillance vs. Access to a serviceIdentification vs. Authentication

1-to-many vs. 1-to-1Enrollment & VerificationFingerprint Image vs. Biometric TemplateTraditional Feature (Minutia) MatchingMore advanced pattern or hybrid matchingMatch-on-Server, Match-on-PC or Match-on CardSecurity or Privacy or Both ?!

13

2003

What is Smart Card ?

14

2003

Smart Cards - A small computer and a crytographic token

• Contains and handles sensitive data• transactions / e-cash / identity / health

profiles• secret codes and keys• biometric templates

• Performs cryptographic computations for• authentication / digital signatures• confidentiality by encryption• key management protocols• biometric match-on-card

15

2003

Smart ID Card =Smart Card + ID Card

Johnson,Jane Marie

Social Security Number Date of Birth

742-76-0064 1969JAN09

Issue Date Expiration Date

1999SEP03 2003SEP01

Pay Grade Geneva Conv. Cat.

LTCOL VI

Rank

A1

Geneva Conventions Identification Card

Active Duty

U.S. Navy

DMDCDMDC

16

2003

Privacy or Security

17

2003

Factors affecting privacyin ID systems

Amount of data

Sensitivity of data

Low

High

High

Very High

Privacy concerns

18

2003

Unique security solutions

PIN, PasswordSomething You Know

Solutions

RelativeSecurity

Level

Something You Have + Something You Know + Something You Are

++

Something You Have + Something You Know

++

Something You Have + Something You Are

++ Biometric

ID Card

++

Something You Have

Key or Card

19

2003

Fingerprint matching on card

20

2003

Match-On-Card technology

Fingerprint matching on smart cards and SIM / WIM cards Brings biometrics and PKI togetherMake digital signatures and encryption of e-mails or documents more secure and convenientMakes it possible to replace PIN:s with fingerprints and to store and match the fingerprint on a smart card instead of a less secure computer

21

2003

PKI & Fingerprint Match On Card

SecureINTERNET

4563 6437

PKI with PIN-codes

PKI with Biometrics

SecureINTERNET

22

2003

Match-On-Card

100101010001010100100010100100110101010010110101110101101010011101111010100100100011100101010001010100100010100100110101010010110101110101101010011101111010100100100011100101010001010100100010100100110101010010110101110101101010011101111010100100100011100101010001010100100

100101010001010100100010100100110101010010110101110101101010011101111010100100100011100101010001010100100010100100110101010010110101110101101010011101111010100100100011100101010001010100100010100100110101010010110101110101101010011101111010100100100011100101010001010100100

Capture EnrollmentVerification

100101010001010100100010100100110101010010110101110101101010011101111010100100100011100101010001010100100010100100110101010010110101110101101010011101111010100100100011100101010001010100100010100100110101010010110101110101101010011101111010100100100011100101010001010100100

100101010001010100100010100100110101010010110101110101101010011101111010100100100011100101010001010100100010100100110101010010110101110101101010011101111010100100100011100101010001010100100010100100110101010010110101110101101010011101111010100100100011100101010001010100100

PC Hard DrivePC Hard Drive

Network ServerNetwork Server

Smart CardSmart Card

Reference StorageReference Storage

UNSECURE

UNSECURE

Not Scalable

Not Scalable

23

2003

100101010001010100100010100100110101010010110101110101101010011101111010100100100011100101010001010100100010100100110101010010110101110101101010011101111010100100100011100101010001010100100010100100110101010010110101110101101010011101111010100100100011100101010001010100100

Match-On-Card

Verification

100101010001010100100010100100110101010010110101110101101010011101111010100100100011100101010001010100100010100100110101010010110101110101101010011101111010100100100011100101010001010100100010100100110101010010110101110101101010011101111010100100100011100101010001010100100

100101010001010100100010100100110101010010110101110101101010011101111010100100100011100101010001010100100010100100110101010010110101110101101010011101111010100100100011100101010001010100100010100100110101010010110101110101101010011101111010100100100011100101010001010100100

PC Hard DrivePC Hard Drive

Network ServerNetwork Server

UNSECURE

UNSECURE

Not Scalable

Not Scalable

Smart CardSmart Card

Matching to reference templateMatching to reference template

• Reference template is exposed during Reference template is exposed during verificationverification

• Card independentCard independent

• Sensor independentSensor independent

• Compatible with DoD Common Access Compatible with DoD Common Access CardCard

• Available for Java Card and MultosAvailable for Java Card and Multos

Reference StorageReference Storage

• Best practices require template to be Best practices require template to be encrypted and signedencrypted and signed

— Secret shared by all workstationsSecret shared by all workstations

24

2003

Why Match-on-Card?Scalability

The matching is performed locally on the card – the system scalability doesn’t have any limit – the matching is fast and independent of open networks

SecurityTwo factor authentication – demanding both a valid smart card, where fragments of your fingerprint are securely stored – and your fingerprint

PrivacyThe template never leaves the secure environment – it cannot be copied or stolen – the privacy issue is radically resolved

25

2003

How it works

Match-on-Card™

26

2003

Privacy and Security

!

27

2003

Thank you!

christer.bergman@precisebiometrics.com

Increased Security, while protecting Privacy ?

True !