Forget your password – use your FINGERPRINT! match on card

By Manal Ashraf Abdelhadi , TrustSec

match on card “Mr. Francis Galton affirms that ‘the patterns of the papillary ridges upon the bulbous palmar surfaces of the terminal phalanges of the fingers and thumbs are absolutely unchangeable throughout life, and show in different individuals an infinite variety of forms and peculiarities. The chance of two finger-prints being identical is less than one in sixty-four thousand million. If, therefore, two finger-prints are compared and found to coincide exactly, it is practically certain that they are prints of the same finger of the same person; if they differ, they are made by different fingers. – Lance”[1]

The evolution of the smartcard – biometrics vs. two-factor authentication ( match on card )

Biometric smartcards are multi-factor authenticators (MFA). This is achieved through the addition of an extra layer of security; a fingerprint feature to authenticate the user in addition to the common two factors of authentication used – pin and hardware. The two-factor authentication solutions might expose users to fraud in the event that cards are stolen or pins are cracked. However, unlike standard smartcards, biometric smartcards enhance security on the card due to the probability of a biological feature of a person being identical with another person is less than one in sixty-four thousand million.

Biometric smartcards can be thought of as turnkey solution that combines security, flexibility, durability and easy user experience.

These cards achieve such security levels thanks to their onboard microprocessors processing the data directly, without remote connections. The biometric technology used depends on the Match-on-Card (MoC) that will store the holder’s biometric data and protect such communications with encryption. Biometric smartcards demonstrate a high level of flexibility as the technology used within the card is adaptable enough to integrate with any applet, is durable enough to last for many years, and provides user-friendliness; the card’s portability makes it easy for users to carry in their wallet.

Biometric smartcards are the best solution in providing ultimate security to end-users. Especially in sensitive environments that require a high level of security in logical and system access. Such examples are governmental sectors, where biometric smartcards are used as accurate digital identification solution to access security-restricted buildings or access various government applications (border control, national identification cards, voter registration, and passports). Biometric smartcards also bring a security benefit to the healthcare sector where biometrics could be used by government-affiliated healthcare entities to access a patient’s medical records and ensure fraud prevention.

The biometric data never leaves the card. match on card 

The technology used in TrustSec biometric smartcards eliminates cyberattacks by avoiding the vulnerability of storing the biometrics data on database servers.  These servers may be based on insecure networks that are vulnerable to cyberattacks that might lead to abuse of the biometric data of a person.

TrustSec biometric smartcards adopt Match-on-Card technology that eliminates the need for the database by both storing and processing biometric data directly on the secure microcontroller of the smartcard. Match-on-Card technology works by comparing the fingerprint presented by the user with the stored fingerprint in the secure environment, without having to send fingerprint data to a terminal or a remote server. Match-on-Card technology is typically performed in three steps,

1. Fingerprint capturing (Acquisition),
2. Features Extraction (Minutiae extraction) into a template
3. Templates Matching.

The Match-on-Card feature eliminates the risk of loss or theft of the cards entirely, as there would be no risk of the biometric smartcard being used without the unique fingerprint of its holder.

Privacy comes first match-on-card

Biometrics are biologically unique to the individual; therefore, once compromised, the individual has no recourse and is at a heightened risk for identity theft and therefore likely to withdraw from biometric enrolment. The majority of the population fear the loss of their identity through identity theft. This, in turn, has raised regulations governing secure biometric data collection, the use of such data and the processing of said data more complex.

The gap between enterprises who wish to apply biometric technology and the unease of the users concerning such technology, is solved by the use of Match-on-Card technology to save the users’ identity while applying high-security measures in the enterprise at the same time.

 

About TrustSec smartcard OS “SLCOS” match on card

TrustSec smartcard OS is developing an open Java Card operating system that manages the smartcard resources as a principal component in the security chain; it protects the personal identity of the user and provides the required security services to the end-users.

The OS works in conjunction with secure controllers from Infineon Technologies. It also allows third-party vendors to build embedded applications and applets without affecting security. The beta version was released in 2016 and TrustSec smart card OS has been in continuous development throughout the last five years over multiple Infineon controllers (SLE78 and SLC52) and is now planning to port its SLCOS to Infineon’s SLC38/B.

SLCOS is now compatible with Java Card™ 3.0.4 and Biometry1toN Package from Java Card™ 3.0.5 is also implemented, as well as Global Platform 2.2.1 with MoC schemes (templates stored on the card, matching is done on card).

TrustSec has entered into joint agreement with the leading biometric sensors providers in the market to supply biometrically enabled security solutions for identity management, access control, and payment authentication applications.

In 2019, TrustSec collaborated with NEXT Biometrics to integrate their fingerprint sensor with TrustSec’s SLCOS operating system with a certified Common Criteria PKI applet providing the first version of its contact biometric smart card. The following year TrustSec made progress in integrating both Fingerprints and IDEX biometrics fingerprint sensors with SLCOS in order to provide both biometric contact and contactless smartcards.

 

Worry-free payments with biometric smartcards solution

Biometric technology brings a whole new level of security to contactless payments. No more skimming, no more forgetting which PIN to use, no need to touch the terminal, and no more uncertain payments – only trusted contactless payments.  Payment networks and issuers can expect an overall reduction in fraud rates for lost and stolen cards as the only person who can make a transaction with a biometric payment card is the individual who matches the biometric data stored on the card.

Also, the new technology will have no effect on the current POS terminals currently in use in the market today. No technical upgrade is required on the POS as the biometric check is directly performed on the EMV biometric card and nowhere else.

 

Transaction limits could be a thing of the past

Contactless technology has been a game-changer in payments methodology, boasting several advantages to both consumers and businesses, compared to traditional payment methods and ensuring quick and accurate payments with an excellent user experience.

Contactless payments were also applauded for their health benefits during the pandemic – limiting physical interaction and reducing any concern of spreading the virus during transactions. However, it was stymied by transaction limit regulations, put in place to minimize fraud.

Even with the advancement of management systems for identifying fraud patterns and detecting suspicious transactions, it is impossible to allow open transaction limits, even during the pandemic.

The biometric feature addition to contactless payment cards will usher in a new era, enabling no limits to contactless payments. Users will be securely authenticated with their fingerprint and should therefore enjoy the convenience of contactless payments and payment fraud will be minimized. Users will no more be at risk should they lose their cards, thanks to their unique fingerprint being the only way to activate the smartcard.

[1] Source /“Predicting the First Recorded Set of Identical Fingerprints,” by David, E. and Siobhan, P., 2015, Journal of Interdisciplinary Science Topics.

Read the article in the Vault latest Edition ( DOWNLOAD THE VAULT LATEST EDITION)