- Email: [email protected]
US-VISIT gets closer to adding exit phase
NEWS
product news • Cognitec Systems has announced the successful deployment of its latest search engine, B3T7, through the release of updates to its face recognition products. According to the company, the benefits to its product portfolio of the additional performance boost provided by the new B3T7 algorithm can be seen in recent tests. Using the FERET Duplicate I test, the false rejection rate for this improved search engine has decreased from 3.7% to 2.6% depicting a marked relative improvement of almost 30%. • The first biometric mobile phone from Hitachi will incorporate AuthenTec’s AES1510 fingerprint sensor as a standard feature. The sensor will be used to control display navigation and will be mounted below the W51H’s high-resolution display. The AES1510 enables secure near field communication (NFC) transactions used for mobile ticketing and check in, stored value, mobile credit, and internet commerce payments. The phone will be available to subscribers of Japan’s second largest mobile network provider KDDI. • EPAFactory and Symwave have launched a biometric AccessStick for Citrix SSL VPNs. AccessStick allows organizations to secure SSL VPNs with Symwave’s fingerprint biometric authentication and allows access from untrusted devices while ensuring security through EPAFactory’s virtualization layer, VirtuaWrapper. • A biometric reader from SecuGen has been approved for FIPS 201 use by the US General Services Administration (GSA). The Hamster IV fingerprint reader, which was already approved by the FBI for Personal Identity Verification (PIV) use, can now be added to other SecuGen approved products such as the MINEX (fingerprint template generator and matcher algorithms) to make a complete FIPS 201 biometric solution.
4
and other frequent fliers to pay an annual fee of US$99.95 to provide their background information for pre-screening by TSA and, if approved, receive a biometric identity card that will allow them expedited access through airport security checkpoints. Key members of the L-1 team include ARINC, who will license software used for passenger enrolment and verification to L-1, and OSI Rapiscan, who will perform site preparation, construction, and maintenance at airports. Other Clear team members include Lockheed Martin, an equity investor in Clear and provider of secure data transmission services, and General Electric, also an equity investor and provider of advanced security equipment, such as its shoe scanner, at Clear lanes. Clear has been operational since 19 July 2005, at Orlando International Airport and has over 40,000 members nationwide. Earlier this year, Clear launched lanes at JFK’s British Airways Terminal 7 and San José, Indianapolis and Cincinnati International Airports. Clear will soon begin operating programs at JFK’s Terminal 1 and 4 as well as Newark’s Terminal B. In addition, Clear has been selected by Albany International Airport for a program there. The company also has an agreement with Toronto Pearson International Airport to operate a Canadian program, working with Canadian authorities. Clear’s verification kiosk with shoe scanning technology, co-developed with Verified Identity Pass’ partner GE, will allow members, in most instances, to keep their shoes on as they pass through the Clear lanes at the security checkpoint.
fingerprint
Biometrics set to ease password concerns New research by fingerprint technology provider DigitalPersona has found that a large percent of IT and security executives across different industries have growing concerns over the use of password security, as more sophisticated network threats and breaches continue to evolve. Seventy-three percent of respondents indicated that password security has become a bigger issue over the last year, and 77% stated that a network data breach could be critical or disastrous to their company. With enterprise security breaches on the rise, companies must do more to stop the sharing of passwords amongst colleagues and put formal systems in place to meet security compliance and governance mandates, the study shows.
DigitalPersona’s research initiative, entitled “Secure Your Network Assets”, was conducted in conjunction with the Business Performance Management (BPM) Forum, an organization that helps advance the understanding of business performance management techniques, technologies, and processes in global enterprises. For more information see feature on p10. Contact: DigitalPersona, Tel: +1 650 474 4000, Web: www.digitalpersona.com
us-visit
US-VISIT gets closer to adding exit phase The US Department of Homeland Security (DHS) has announced that it intends to integrate biometric exit procedures into the existing international visitor departure process. DHS says it will take a number of steps in the next year toward full implementation of biometric exit procedures at airports. The first step will be the completion of the three-year pilot program that required international visitors to biometrically check out at select airports and seaports. Effective 6 May 2007, international visitors will no longer be required to use the US-VISIT exit kiosks when they leave the United States. DHS recently submitted an exit plan to Congress as part of the US-VISIT 2007 Expenditure Plan that incorporates lessons learned from the biometric exit pilot program. While the program demonstrated that the technology works, it also revealed low traveller compliance. DHS has determined that US-VISIT air exit procedures should be incorporated into the existing international visitor departure process to minimize the effect on visitors and to ensure seamless biometric collection regardless of the visitor’s departure point. DHS, Congress and the 9/11 Commission have consistently recognized biometric exit control as a priority in order to fully secure the USA’s borders. Development of an automated exit capability is one of the department’s congressional mandates. DHS says it is now prepared to begin implementing exit procedures in the commercial air environment, where the significant majority of those subject to US-VISIT depart the United States. The department recently began discussing the air exit strategy with the airline industry and will be working with air carriers to implement it. DHS will publish a regulation in the future outlining its plans for implementing an integrated air exit strategy. The following locations tested biometric exit procedures:
Biometric Technology Today • May 2007
NEWS • • • • • • • • • • • • • •
Atlanta, Ga. (Hartsfield-Jackson Atlanta International Airport); Baltimore, Md. (Baltimore/Washington International Airport); Chicago, Ill. (Chicago O’Hare International Airport); Dallas/Fort Worth, Texas (Dallas/Fort Worth International Airport); Denver, Colo. (Denver International Airport); Detroit, Mich. (Detroit Metropolitan Wayne County Airport); Fort Lauderdale, Fla. (Fort LauderdaleHollywood International Airport); Los Angeles, Calif. (San Pedro and Long Beach Seaports); Miami, Fla. (Miami International Cruise Line Terminal); Newark, N.J. (Newark Liberty International Airport); Philadelphia, Pa. (Philadelphia International Airport); San Juan, Puerto Rico (Luís Muñoz Marín International Airport); San Francisco, Calif. (San Francisco International Airport); Seattle, Wash. (Seattle-Tacoma International Airport).
keystroke dynamics
Bank of Utah adopts keystroke dynamics In a significant development for one of the lesser-known biometric technologies, Bank of Utah in the USA has said it will
soon launch an enhancement to its online banking security based on keystroke dynamics software, a technology that verifies a user’s identity by monitoring a person’s typing rhythm. Called BioPassword BioPassword, the bank claims that the biometric enhancement will add an extra layer of protection for online banking users making it virtually impossible for anyone other than the user to login to their account, even if they have the correct Access ID and password. With this security enhancement, multiple people (for example a husband and wife) will be unable to use the same Access ID and password. Computer keyboards generate a code each time a key is pressed and a different code each time a key is released. BioPassword captures those codes and calculates how long a key is held down, which is referred to as dwell time, and how long it takes to move from one key to the next, called flight time. This information has proven to be a robust measure of identity, as every person has a distinct typing rhythm. According to local media reports, the bank purchased the software from US-based BioPassword earlier this year, and is testing it internally with employees before making it available to customers. The bank has 6,500 online accounts. The software the bank purchased is subscription-based, with pricing reportedly starting at US$1 annually per user.
Events Calendar 15-17 May 2007 Moscone Center, San Francisco, CA, USA CardTech/SecurTech
Billed as America’s largest advanced card and biometrics conference, this year’s event will cover areas such as secure transaction technology, contactless cards, IT and physical access security convergence. Contact: CTST, Web: www.sourcemediaconferences.com/conferences/ CTST07/index.html Email: [email protected]
22, 23 May 2007 Church House, Westminster, London, UK Security Document World 2007
This innovative new conference and exhibition will have a heavy focus on ePassports, national identity cards, and driving licenses. It tracks the continuing fusion of traditional security documents with digital technology, such as smart card chips and biometrics – and takes an indepth look at issues such as document vulnerabilities and the handling of imminent challenges. Contact: Mark Lockie at Science Media Partners, Tel: +44 2920 560458,
Biometric Technology Today • May 2007
Email: [email protected] Web: www.sciencemediapartners.com
11-13 September 2007 Baltimore Convention Centre, Baltimore, USA The Biometric Consortium Conference
This is one of the largest shows in the biometric calendar and although there is a particular focus on US government activities, it does cover the full-range of biometric industry activities. It has a large exhibition alongside. Contact: J. Spargo and Associates, Tel: +1 703 631 6200, Web: www.biometrics.org
17-19 October 2007 Queen Elizabeth II Conference Centre, London, UK Biometrics 2007
Organised by the editors of the Biometric Technology Today newsletter and its publisher Elsevier, Biometrics 2007 is one of the largest biometric events in the world. Now in its tenth year, the show will have three days of expert presentations from around the world looking at the governmental and commercial application of biometrics. The exhibition alongside features close to 100 companies from all sectors of the industry. Contact: Web: www.biometrics2007.com
in brief • iMagic Software, the creators of Trustable Passwords, has announced that the US Patent Office has granted all 42 of its claims and issued US Patent 7,206,938. This patent will protect the company’s method of recognizing and biometrically authenticating people by their unique typing patterns. • Microsoft has unveiled the updated version of Windows Embedded for Point of Service (POS). The new version includes support for the latest industry standards, a streamlined ability to install mass storage devices during setup, and expanded language support that now totals 33 languages, including Traditional Chinese, Russian and Thai. The company has also announced the availability of the next version of POS for .NET 1.11, with support for new device classes that include biometrics, electronic journal, bill acceptor and image scanner. • A patent application for a fingerprint verification system has been issued to FaceKey. Patent US 7,212,655 B2 builds on a previously issued FaceKey patent which established the software basis for searching a large database of authorized users using two biometric identifiers. The most recent patent is expected to strengthen FaceKey’s position in the marketplace by allowing it to serve large corporations and government agencies with ID management products based on off the shelf hardware that do not require a non-biometric identifier such as a card or a PIN. • Aware has reported its financial results for the first quarter ended 31 March 2007. Revenues for the first quarter of 2007 were US$5.8 million, compared to US$6.1 million in the same quarter last year. The company has stated that interest in secure credentialing at government agencies is increasing demand for its biometrics software products. In biometrics, sales of traditional products as well as new server-based products were strong this quarter.
5
product news • Cognitec Systems has announced the successful deployment of its latest search engine, B3T7, through the release of updates to its face recognition products. According to the company, the benefits to its product portfolio of the additional performance boost provided by the new B3T7 algorithm can be seen in recent tests. Using the FERET Duplicate I test, the false rejection rate for this improved search engine has decreased from 3.7% to 2.6% depicting a marked relative improvement of almost 30%. • The first biometric mobile phone from Hitachi will incorporate AuthenTec’s AES1510 fingerprint sensor as a standard feature. The sensor will be used to control display navigation and will be mounted below the W51H’s high-resolution display. The AES1510 enables secure near field communication (NFC) transactions used for mobile ticketing and check in, stored value, mobile credit, and internet commerce payments. The phone will be available to subscribers of Japan’s second largest mobile network provider KDDI. • EPAFactory and Symwave have launched a biometric AccessStick for Citrix SSL VPNs. AccessStick allows organizations to secure SSL VPNs with Symwave’s fingerprint biometric authentication and allows access from untrusted devices while ensuring security through EPAFactory’s virtualization layer, VirtuaWrapper. • A biometric reader from SecuGen has been approved for FIPS 201 use by the US General Services Administration (GSA). The Hamster IV fingerprint reader, which was already approved by the FBI for Personal Identity Verification (PIV) use, can now be added to other SecuGen approved products such as the MINEX (fingerprint template generator and matcher algorithms) to make a complete FIPS 201 biometric solution.
4
and other frequent fliers to pay an annual fee of US$99.95 to provide their background information for pre-screening by TSA and, if approved, receive a biometric identity card that will allow them expedited access through airport security checkpoints. Key members of the L-1 team include ARINC, who will license software used for passenger enrolment and verification to L-1, and OSI Rapiscan, who will perform site preparation, construction, and maintenance at airports. Other Clear team members include Lockheed Martin, an equity investor in Clear and provider of secure data transmission services, and General Electric, also an equity investor and provider of advanced security equipment, such as its shoe scanner, at Clear lanes. Clear has been operational since 19 July 2005, at Orlando International Airport and has over 40,000 members nationwide. Earlier this year, Clear launched lanes at JFK’s British Airways Terminal 7 and San José, Indianapolis and Cincinnati International Airports. Clear will soon begin operating programs at JFK’s Terminal 1 and 4 as well as Newark’s Terminal B. In addition, Clear has been selected by Albany International Airport for a program there. The company also has an agreement with Toronto Pearson International Airport to operate a Canadian program, working with Canadian authorities. Clear’s verification kiosk with shoe scanning technology, co-developed with Verified Identity Pass’ partner GE, will allow members, in most instances, to keep their shoes on as they pass through the Clear lanes at the security checkpoint.
fingerprint
Biometrics set to ease password concerns New research by fingerprint technology provider DigitalPersona has found that a large percent of IT and security executives across different industries have growing concerns over the use of password security, as more sophisticated network threats and breaches continue to evolve. Seventy-three percent of respondents indicated that password security has become a bigger issue over the last year, and 77% stated that a network data breach could be critical or disastrous to their company. With enterprise security breaches on the rise, companies must do more to stop the sharing of passwords amongst colleagues and put formal systems in place to meet security compliance and governance mandates, the study shows.
DigitalPersona’s research initiative, entitled “Secure Your Network Assets”, was conducted in conjunction with the Business Performance Management (BPM) Forum, an organization that helps advance the understanding of business performance management techniques, technologies, and processes in global enterprises. For more information see feature on p10. Contact: DigitalPersona, Tel: +1 650 474 4000, Web: www.digitalpersona.com
us-visit
US-VISIT gets closer to adding exit phase The US Department of Homeland Security (DHS) has announced that it intends to integrate biometric exit procedures into the existing international visitor departure process. DHS says it will take a number of steps in the next year toward full implementation of biometric exit procedures at airports. The first step will be the completion of the three-year pilot program that required international visitors to biometrically check out at select airports and seaports. Effective 6 May 2007, international visitors will no longer be required to use the US-VISIT exit kiosks when they leave the United States. DHS recently submitted an exit plan to Congress as part of the US-VISIT 2007 Expenditure Plan that incorporates lessons learned from the biometric exit pilot program. While the program demonstrated that the technology works, it also revealed low traveller compliance. DHS has determined that US-VISIT air exit procedures should be incorporated into the existing international visitor departure process to minimize the effect on visitors and to ensure seamless biometric collection regardless of the visitor’s departure point. DHS, Congress and the 9/11 Commission have consistently recognized biometric exit control as a priority in order to fully secure the USA’s borders. Development of an automated exit capability is one of the department’s congressional mandates. DHS says it is now prepared to begin implementing exit procedures in the commercial air environment, where the significant majority of those subject to US-VISIT depart the United States. The department recently began discussing the air exit strategy with the airline industry and will be working with air carriers to implement it. DHS will publish a regulation in the future outlining its plans for implementing an integrated air exit strategy. The following locations tested biometric exit procedures:
Biometric Technology Today • May 2007
NEWS • • • • • • • • • • • • • •
Atlanta, Ga. (Hartsfield-Jackson Atlanta International Airport); Baltimore, Md. (Baltimore/Washington International Airport); Chicago, Ill. (Chicago O’Hare International Airport); Dallas/Fort Worth, Texas (Dallas/Fort Worth International Airport); Denver, Colo. (Denver International Airport); Detroit, Mich. (Detroit Metropolitan Wayne County Airport); Fort Lauderdale, Fla. (Fort LauderdaleHollywood International Airport); Los Angeles, Calif. (San Pedro and Long Beach Seaports); Miami, Fla. (Miami International Cruise Line Terminal); Newark, N.J. (Newark Liberty International Airport); Philadelphia, Pa. (Philadelphia International Airport); San Juan, Puerto Rico (Luís Muñoz Marín International Airport); San Francisco, Calif. (San Francisco International Airport); Seattle, Wash. (Seattle-Tacoma International Airport).
keystroke dynamics
Bank of Utah adopts keystroke dynamics In a significant development for one of the lesser-known biometric technologies, Bank of Utah in the USA has said it will
soon launch an enhancement to its online banking security based on keystroke dynamics software, a technology that verifies a user’s identity by monitoring a person’s typing rhythm. Called BioPassword BioPassword, the bank claims that the biometric enhancement will add an extra layer of protection for online banking users making it virtually impossible for anyone other than the user to login to their account, even if they have the correct Access ID and password. With this security enhancement, multiple people (for example a husband and wife) will be unable to use the same Access ID and password. Computer keyboards generate a code each time a key is pressed and a different code each time a key is released. BioPassword captures those codes and calculates how long a key is held down, which is referred to as dwell time, and how long it takes to move from one key to the next, called flight time. This information has proven to be a robust measure of identity, as every person has a distinct typing rhythm. According to local media reports, the bank purchased the software from US-based BioPassword earlier this year, and is testing it internally with employees before making it available to customers. The bank has 6,500 online accounts. The software the bank purchased is subscription-based, with pricing reportedly starting at US$1 annually per user.
Events Calendar 15-17 May 2007 Moscone Center, San Francisco, CA, USA CardTech/SecurTech
Billed as America’s largest advanced card and biometrics conference, this year’s event will cover areas such as secure transaction technology, contactless cards, IT and physical access security convergence. Contact: CTST, Web: www.sourcemediaconferences.com/conferences/ CTST07/index.html Email: [email protected]
22, 23 May 2007 Church House, Westminster, London, UK Security Document World 2007
This innovative new conference and exhibition will have a heavy focus on ePassports, national identity cards, and driving licenses. It tracks the continuing fusion of traditional security documents with digital technology, such as smart card chips and biometrics – and takes an indepth look at issues such as document vulnerabilities and the handling of imminent challenges. Contact: Mark Lockie at Science Media Partners, Tel: +44 2920 560458,
Biometric Technology Today • May 2007
Email: [email protected] Web: www.sciencemediapartners.com
11-13 September 2007 Baltimore Convention Centre, Baltimore, USA The Biometric Consortium Conference
This is one of the largest shows in the biometric calendar and although there is a particular focus on US government activities, it does cover the full-range of biometric industry activities. It has a large exhibition alongside. Contact: J. Spargo and Associates, Tel: +1 703 631 6200, Web: www.biometrics.org
17-19 October 2007 Queen Elizabeth II Conference Centre, London, UK Biometrics 2007
Organised by the editors of the Biometric Technology Today newsletter and its publisher Elsevier, Biometrics 2007 is one of the largest biometric events in the world. Now in its tenth year, the show will have three days of expert presentations from around the world looking at the governmental and commercial application of biometrics. The exhibition alongside features close to 100 companies from all sectors of the industry. Contact: Web: www.biometrics2007.com
in brief • iMagic Software, the creators of Trustable Passwords, has announced that the US Patent Office has granted all 42 of its claims and issued US Patent 7,206,938. This patent will protect the company’s method of recognizing and biometrically authenticating people by their unique typing patterns. • Microsoft has unveiled the updated version of Windows Embedded for Point of Service (POS). The new version includes support for the latest industry standards, a streamlined ability to install mass storage devices during setup, and expanded language support that now totals 33 languages, including Traditional Chinese, Russian and Thai. The company has also announced the availability of the next version of POS for .NET 1.11, with support for new device classes that include biometrics, electronic journal, bill acceptor and image scanner. • A patent application for a fingerprint verification system has been issued to FaceKey. Patent US 7,212,655 B2 builds on a previously issued FaceKey patent which established the software basis for searching a large database of authorized users using two biometric identifiers. The most recent patent is expected to strengthen FaceKey’s position in the marketplace by allowing it to serve large corporations and government agencies with ID management products based on off the shelf hardware that do not require a non-biometric identifier such as a card or a PIN. • Aware has reported its financial results for the first quarter ended 31 March 2007. Revenues for the first quarter of 2007 were US$5.8 million, compared to US$6.1 million in the same quarter last year. The company has stated that interest in secure credentialing at government agencies is increasing demand for its biometrics software products. In biometrics, sales of traditional products as well as new server-based products were strong this quarter.
5