Solution overview

Access control and time & attendance management system using biometrics requires proper technology and regulation to prepare for specific security threats. Also, the factors related to security are complementary without independent factors and a lot of resources must be considered. Suprema's solution offers various methods to provide enhanced security.

Solution features

Irreversible biometric template protection

Leakage of real fingerprint or facial images registered for authentication may pose a serious threat to security. Actual images get reorganized as binary templates through an advanced analysis algorithm which can never be reversed to a real live image.

Personal data protection
Protecting personal data from malicious attacks or leaks has never been more important. Suprema solutions are designed to safeguard all personal data including biometric credentials and any information that can be traced back to a user. All data is encrypted using AES 256, AES 128, DES/3DES before sotring in server, device or cards. Suprema's web-based open security platform BioStar 2 also received ISO 27001 and 27701 certifications, satisfying international standards for data protection and management.
Communication protection against malware and data breaches
Communication protection using encryption and certificate is applied to all communications used in the system. Server to client communication is protected by HTTPS which can use a trusted CA signed certificate. Between the server and device, all communications are encrypted using AES 256, but can enhance the protection by using TLS 1.2. Serial communication through RS-485 is also encrypted using AES 128 under the requirement to secure all possible communication. These implementations will lead to become a system where it can efficiently defend against malicious attacks and protect all sensitive data.
Physical protection of sensitive data on edge devices
All edge devices produced by Suprema support security tamper to protect stored data from physical threats. If any unauthorized attacker removes the device from the wall, all data and configurations stored will be deleted immediately.
Providing proof of compliance
All activities taken in the system will be recorded from the moment of logging into the BioStar 2 platform. The operations are recorded as logs including information of time, object, and details of actions in the system.
Authentication for data access
BioStar 2 platform can faithfully reflect privacy protection and organizational operation requirements. It can divide up and manage the permission level to access personal information in various ways.