The access control and time & attendance management system that uses biometrics requires proper technology and regulation to prepare for specific security threats. Also, the factors related to security are complementary without independent factors and a lot of resources must be considered. Suprema's solution offers various methods in order to provide enhanced security.
Secure biometric data protection for templates
The problem of leaking real fingerprint images or facial images registered for authentication may pose a serious threat to security. You are able to store biometric credential into Server, device or Smart Card. It reorganizes real images as algorithm templates through an advanced analysis algorithm and encrypts with AES 128bit, AES 256bit or DES/3DES depending on the location to store the template.
Protection against transaction, malware and data breaches
Communication protection using encryption and certificate is applied to all TCP communications and RS-485 communications used in the system. Server to device communication is protected by TLS 1.2 (including SSL/HTTPS) and device to device communication is protected using certificate. This communication structure can be made to become impossible to interpret even if an unauthorized person intercepts data in the middle and can be prevented from using for other purposes by manipulating the device.
Physical protection of privacy data on edge devices
All devices of Suprema have security tamper feature in order to physically protect the stored data. If an unauthorized person removes the device from the wall, all data stored on the device (user information, event log, and template) will be deleted and the settings will be reset.
Providing proof of compliance
All system logs will be recorded from the moment of logging in to the BioStar 2 platform. All connection IPs, logged in users, login times, changed information and performed actions are recorded on the system.
Personal data protection by Access on Card
Suprema's Access on Card (AoC) technology helps to store information such as biometrics template, ID, PIN or access right on the smart card. The personal information encrypted and stored on the smart card offers even more enhanced security since it doesn't have to be stored on a device or a server.
Management of personal data lifecycle
You can set the BioStar 2 platform to delete event logs and data stored on the server after retaining for a certain period of time. Now you don't have to worry about the personal information that might be remaining somewhere.
Authentication for data access
BioStar 2 platform can faithfully reflect privacy protection and organizational operation requirements. It can divide up and manage the permission level to access personal information in various ways.