Eliminating Passwords with Biometrics for Identity Access Management Webinar

© 2017 Veridium IP Ltd. All rights reserved

Before We Begin

Attendees have been muted

You may submit questions at any time, but we will respond at the conclusion of the presentation during the Q&A session

John Spencer, Chief Product Officer

• Industry expert with over 30 years of experience

• Former CTO at Citrix in Northern Europe

• Instrumental in delivering commercially successful and award-winning products

AGENDA

• The Password is Dead

• Biometrics as Password Replacement

• Veridium Overview

• Biometric Storage Considerations

• VeridiumAD

• Q&A

Weak and compromised passwords continue to be a major attack point for hackers.

The costs are high.

Proving Identity

Passwords only authorize access, while authentication is the process of verifying the claim that identity makes.

Identity is the “claim” you make to access information, but making that claim with a password doesn’t prove who you are.

Only biometrics – your face, your voice, your fingerprints – prove you are who you say you are.

Authentication is NOT just about initial logon

Reduce data breaches and fraudulent transactions.

Replace what you know – passwords and PINs – with what you are – biometrics.

With our technology, you can replace passwords altogether, or deploy biometrics as a second factor to strengthen legacy systems.

VERIDIUM OVERVIEW

An end-to-end, biometrics-based authentication solution for the Enterprise.

Products Overview

We provide all the components necessary for a complete, end-to-end biometric authentication solution that is flexible, secure, and enterprise ready.

[Diagram: App Connectors (WEB, MOB, VPN, CX, AD); Enroll & Authenticate; Authorize & Access]

Enrollment – Identity Must Be Proved

• Launch Authenticator Application

• Enter server details & username/password

• Capture Biometrics – 4 Fingers/Face on Mobile Device

• SMS Notification/Email/Push with activation PIN

• Activate Authenticator with PIN

• Biometric template registered with server and separated

• Biometrics is now exclusively used for authentication

Application Authentication

• Mobile Applications

• WEB Applications – Use QR Code/Push

• ‘In’ Application – Push

• VPN Appliances – Push

• RADIUS – Push

• Citrix StoreFront and Netscaler – QR/Push

• Active Directory – QR/Push

Application Authentication

• Attempt logon to application/service (username)

• Either scan QR code on device or push notification sent

• Validate Biometrics – 4 Fingers/Face

• Biometrics verified on VeridiumID server or local device

• Secure Token sent to service to authorize user

• User is securely authenticated into application/service

BIOMETRIC STORAGE

Securing biometric data is paramount. A breach of your system would expose a full set of biometric user data.

Biometric data is for life; it cannot be reset.

Distributed Data

Our Distributed Data Model is a multi-part process that covers the encryption and storage of the biometric vector. First, the captured biometric is encrypted with Visual Cryptography. This allows us to encrypt the vector randomly into two separate pieces. Then, one is stored on the mobile device and the other on the VeridiumID server for maximum security.
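The two-piece split described above can be illustrated with the classic Naor-Shamir (2,2) visual cryptography construction applied to a bit vector. This is an added example, not Veridium's code: the slides do not say which construction the product uses, so the scheme, the function names and the sample template bytes are all assumptions.

```python
import secrets

# Assumed scheme: Naor-Shamir (2,2) visual cryptography, 2 subpixels per bit.
#   share A gets a random pattern, (0,1) or (1,0)
#   share B gets the same pattern for a 0 bit, the complement for a 1 bit
# Stacking the shares (bitwise OR) gives one dark subpixel for 0, two for 1.
PATTERNS = ((0, 1), (1, 0))

def to_bits(data: bytes) -> list[int]:
    return [(byte >> i) & 1 for byte in data for i in range(7, -1, -1)]

def from_bits(bits: list[int]) -> bytes:
    out = bytearray()
    for i in range(0, len(bits), 8):
        byte = 0
        for b in bits[i:i + 8]:
            byte = (byte << 1) | b
        out.append(byte)
    return bytes(out)

def split(template: bytes):
    """Return (device_share, server_share) as lists of subpixels."""
    share_a, share_b = [], []
    for bit in to_bits(template):
        p = PATTERNS[secrets.randbelow(2)]
        share_a.extend(p)
        share_b.extend(p if bit == 0 else (1 - p[0], 1 - p[1]))
    return share_a, share_b

def combine(share_a, share_b) -> bytes:
    """Stack both shares and read each bit back from the dark-subpixel count."""
    if len(share_a) != len(share_b) or len(share_a) % 16:
        raise ValueError("shares are mismatched or truncated")
    bits = []
    for i in range(0, len(share_a), 2):
        dark = (share_a[i] | share_b[i]) + (share_a[i + 1] | share_b[i + 1])
        bits.append(1 if dark == 2 else 0)
    return from_bits(bits)

def share_is_balanced(share) -> bool:
    # Every subpixel pair in a single share is (0,1) or (1,0), whatever the bit.
    return all(share[i] + share[i + 1] == 1 for i in range(0, len(share), 2))

# Constructed sample bytes standing in for a biometric vector (not real data).
SAMPLE_TEMPLATE = bytes.fromhex("4f12a9c30077e5b8")
```

Under this assumed scheme either share alone is a sequence of uniformly random patterns, so a compromise of only the device store or only the server store reveals nothing about the template.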

4 Fingers TouchlessID:

• Is significantly more reliable than other mobile solutions

• Increases complexity of data collected, enhancing security

• Does not require additional hardware above 5MP camera + flash

4 Fingers is reliable in any environment

• False rejection rate (FRR) is as low as 1.4%, which means a 98% success rate, regardless of external conditions. 4 Fingers requires no external hardware.

• We just require a 5MP camera and LED flash.

• 4 Fingers is one of the most secure biometrics available.

• More secure than Face and TouchID and Voice

Print Quality

[Figure panels: 4 Fingers captured print; 4 Fingers processed print; Traditional Fingerprint Scanner; Minutiae vector]

The contactless and contact prints are of comparable quality. The minutiae match.

LIVENESS

Is it Real or Fake?

Verify the identity claimed by any user, keeping your enterprise data safer and more secure.

Use biometric authentication on desktops (including VDI) and laptops using 4F, Touch or Facial to eliminate Active Directory passwords entirely.

VeridiumAD also supports offline scenarios.

Active Directory

1. Replace passwords, use Biometrics as primary or secondary authentication.

2. To log on, user selects their Active Directory account and clicks “Login.”

3. User authenticates with face recognition from desktop camera or using mobile device as the authenticator.

4. Once verified, user is logged on and can access their Windows applications and data.

AD Architecture

[Diagram: Custom Credential Provider; Enrollment Proxy; Registration Authority; VeridiumID; Domain Controllers; Certificate Services]

SAML

SAML IdP

Authenticate Once

SSO to SAML Enabled Services

QUESTIONS?

For more information contact: [email protected]

Phone: +1 877.301.0299 • www.VeridiumID.com • Twitter: @VeridiumID • LinkedIn: Veridium