Biometrics/SmartCard Workshop

28th International Traffic Records Forum

28th International Traffic Records

ForumAugust 4, 2002

Orlando, Florida

Document-holder

Document

Identification Technology

Authentication Domains

Verification of all three elements

General Principles

Document Authentication• Is this a genuine document?

• Addressed by anti-counterfeit technologies

• Was it issued legitimately• Unique personalization security• Authenicatable data

General Principles

Data Authentication• Has data been altered?

• Classical card security techniques• Tamper evident features• Authenticatable data

General Principles

• Data Authentication – Machine-readable data• Digital signatures/certificates

• Encryption

•Not covered, but not simple• Reliance upon machine authentication requires

high level of system control over data protection• Encryption• Keys

Data - Logical Security

• Highest security: chip-based Smart Card• PKI implementation• Crypto-processor cards

+ Increase security of off-line transaction+ Increase privacy+ Reduce paperwork+ Reduce the probability of:

• Data alteration• Data substitution

– Increased card & reader costs

General Principles

Cardholder Authentication• Biometrics preferable

General Principles

•Reader Authentication(Who authenticates the authenticator?)

Real device or,

A device to capture document, document holder information

Authentication requires logic within document

Cryptographic authentication best, but requires key infrastructure

EnrollmentCapture Processing

ClientAccess Control

Card Issuance

Identification System Server(s)

HOST(S)CENTRAL SERVER ARRAYS

NetworkManagement

CommunicationNetwork

Point-of-UseVerification

CARD READER &PROCESSINGAPPLICATION

TELEPHONE

Identification System – Key Components

Smart Card Alliance – White Paper

“Smart Cards and Biometrics in Privacy-Smart Cards and Biometrics in Privacy-Sensitive Secure Identification Systems”Sensitive Secure Identification Systems”

MatrixID Platform

Identification Card Applications:

•ICAO Travel Documents

•State / National Drivers License

•National ID

•Corporate ID

Range of Data Input Formats

Digitized Images

Facial

Signature/usual Mark

Fingerprint Image

Biometric Templates

Fingerprint, Facial, Iris, Hand Geometry

Output Options

Data Structure - accommodates range of formats, including:• Visual Information (Visual Inspection Zone)

• OCR-B (Machine Readable Zone)

• 2-D Barcodes

• High density Magnetic Stripe

• Smart Cards (Contact and Non-Contact)

MatrixID Interfaces

Designed for distributed system environments:

•Interface to Cryptographic facility

•Digital signatures

•Secure IC loading

•XML Data Structure

•Local Document Issuance

•Remote Document Issuance

Enrollment Screen

Verification

After the card is read, the MatrixID display shows the following:1. The date/ time and method used to verify the cardholder.2. The date the card was issued and the Issuing Authority.3. That the document passes the integrity checks built into the MatrixID Data Structure4. The card holder’s photo, signature and fingerprint image. 5. The MatrixID will prompt the cardholder to verify their identity by comparing a live scan with the stored image.

This page depicts the case where the presented fingerprints do not match. The cardholder is not validated.

This page depicts the caThis page depicts the case where the presented fingerprints match and the cardholder is validated.rd matches the presenter and the cardholder identity is validated.

•Better technology not sufficient without strategy

•Balance Risk, Privacy, Personal Convenience…

•And Cost

Technology Changes

New Paradigms to create Transparent Trust

• Dynamically updateable ID

• Negotiated disclosure

• Virtual handshake

THANK YOU

Tate Preston

tate_preston@datacard.com

Biometrics/SmartCard Workshop

Documents

Transcript of Biometrics/SmartCard Workshop

SmartCard Forum 2011 - Visa PayWave

SmartCard Windows Manual

SmartCard Final A

Biometrics an overview of standardisation activities · 0 URD 27 / NDx / 2006-01-17 Biometrics an overview of standardisation activities ETSI Future Security Workshop : the threats,

A Cross-Sensor Evaluation of Three Commercial Iris Cameras for Iris Biometrics Ryan Connaughton and Amanda Sgroi June 20, 2011 CVPR Biometrics Workshop.

Solaris Smartcard Administration Guide

Smartcard Intro

SmartCard Handbook

Guidance for smartcard evaluation v2-0 - SOG-IS · Guidance for smartcard evaluation Page 10 Figure 4 – Smartcard product life-cycle and associated responsibilities 24 Note 1: Sometimes

SmartCard Forum 2011 - RFID Wormholes

Flexible Smartcard Schemes

Public Attitudes to the use of Biometrics in Transport Smartcard Schemes Phil Blythe Professor of Intelligent Transport Systems Director:Transport Operations.

Vanderhoof smartcard-roadmap

Guidance for smartcard evaluation

Festival smartcard

Solaris Smartcard Administration Guide - My Noob Liferepo.mynooblife.org/.priv8/Ebook/Solaris Smartcard Administration...Solaris Smartcard Administration Guide Sun Microsystems, Inc.

SmartCard WEb Server

Smartcard interface with STM32F10x and STM32L1xx ... · The USART Smartcard mode supports asynchronous protocol Smartcards as defined in the ISO 7816-3 standard. With the Smartcard

SmartCard lab - KTH

Cesg Smartcard Security_1-0