The use of biometrics in conjunction with contactless smart cards is certainly high on many lists of security goals–but it has been a goal that is costly, time consuming, and technology-intensive to attain. With the development of the bioCLASS product line, Irvine, California-based HID is taking steps to change all that.
“The bioCLASS reader is simply an iCLASS™ reader with on-board biometric fingerprint verification,” says Marian Pefley, Director of Product Management for Biometric Technologies for HID. “The product fills a niche for customers interested in the added security of a biometric, but not a time and cost intensive stand-alone system.”
Here’s how it works. At the point of card issuance, the cardholder’s fingerprint is scanned by a bioCLASS reader attached to a PC via a USB connection. The fingerprint template is created and written to the iCLASS contactless card and the enrollment process is complete. When the card is presented to a bioCLASS reader in the field, the cardholder places the finger on the scanner and the generated template is compared to that stored on the card. If they match, the access transaction can continue.
It is important to note that the biometric match does not determine whether access to the door is granted or denied. That process is still a function of the ID number in the card matching an authorized ID number in the access control system and/or at the field panel. The biometric match simply validates that the person in possession of the card is the person to whom the card was originally issued.
“The bioCLASS line is designed to be field upgradeable,” says Ms. Pefley. “Customers can install our keypad/LCD-only version of the reader and add the biometric scanner in the future.”
This should prove advantageous in environments where a biometric identifier is desired but the decisions regarding the chosen algorithm and vendor have yet to be finalized.
Another advantage is that the issuer can choose the specific biometric algorithm and scanner to utilize. According to Ms. Pefley, bioCLASS units will ship with the customer’s choice of several different algorithms and 2 different fingerprint sensors. This flexibility is key in that many installations will likely incorporate the selected biometric technology in other applications within their organization.
When the bioCLASS product launches in Q2 of 2004, there will be three hardware options available. The first is the complete bioCLASS reader with keypad, iCLASS™ capability, and biometric verification. Another option is the iCLASS™ reader with keypad and LCD display but no biometric verification. This unit is field upgradeable to add biometric capability at a later point. The third component is the modular biometric board and sensor that is used to upgrade this reader for biometric use.
bioCLASS enables a range of configurable options at both the card and system level. Examples of the flexibility include:
At the card level the “threshold” for the biometric can be specified. Threshold refers to the stringency with which the scanned fingerprint is judged. Some fingers scan easily and with high accuracy while others, because of physical or environmental conditions, do not scan as well. By lowering the threshold required for challenging fingerprints and indicating this on the card, the reader can be instructed to loosen its acceptance criteria for that individual without lowering the bar for the entire system.
At the system level, readers can be instructed from the field panels to turn biometric or PIN requirements on or off depending upon the threat level, time of day, or other specified factor.
“We are extremely excited about bioCLASS and its ability to help bridge the gap between single factor authentication and multi-factor authentication in the access control market,” says Ms. Pefley. “bioCLASS brings another strong advantage to our iCLASS™ family of products–one that truly capitalizes on the power of the 13.56 MHz contactless smart card.”