(source= ContactlessNews) Sagem Morpho Inc. introduced the MorphoAccess 521 TWIC biometric reader, a smart card access device to meet Transportation Security Administration implementation requirements for the Transportation Worker Identification Credential program. The MA521 TWIC is designed to read encrypted biometric data, such as a digital fingerprint, perform the match to the cardholder and perform an active card authentication across a contactless interface. To gain access to a secure port facility, the worker will hold his or her TWIC card up to the contactless interface on the reader. Depending on the security level at the port credential holders may have to do different things. At the lowest security level the reader will first read the cardholder ID to verify that the card is authentic, unaltered and active.

(source= financeTech) While single signon technology has been recognized as a worthy goal in insurance technology circles for several years now, a quick scan of the industry still yields little evidence of centralized depositories for user IDs and logons that consolidate the number of passwords that an employee, business partner or customer needs to access a carriers systems. Its been a big topic for a number of years, and I think its a utopia that hasnt been reached yet in many instances, according to Mike Barba, manager, business consulting, at SMART Business Advisory and Consulting, a Devon, Pa.based firm with expertise in areas including enterprise risk management, regulatory accounting and claims management. A lot of people will claim they have single signon, when in reality they do have local databases of users that they still need to manage, he adds. In many ways, single signon (SSO) does represent a sort of utopia. Its benefits are farreaching. From a security standpoint, SSO can eliminate the alltoocommon sticky note approach to identity management that has been.....

(source= EU) The European CommissionÂ’s eGovernment Action Plan considers innovations in eIdentification, interoperability and Open Source Software to be eGovernmentÂ’s key enablers. Will these initiatives make possible the efficient and correct operation of public administration eServices? What does the evidence suggest? The European Journal of ePractice looks contributions on eID, Interoperability and Open Source. The deadline for submissions is 1 October, 2008.

(source= Forbes) IT Computing Services, Inc. (ITCS), a leading provider of Web Based Time and Attendance Systems, announced the immediate availability of the ITCSWebClock Mobile Solutions. ITCSWebClock is a Web Based Time and Attendance solutions offered as a SaaS solution (Software as a Service) or installed locally. Perfect for multiple locations or to reduce IT infrastructure costs. Several Mobile features are available for collecting time and attendance data. Features are: Cell Phone Punch through the basic cell phone web browser. Dial a Punch through the Telephone and Key Pad. Web Enabled PDAs with a browser interface. Laptop computers on the Cellular Wireless Networks. Also, the web browser from a computer, biometric and badge time clocks. The above mobile features integrate with the ITCSWebClock web based functionality for managers and administrators. This includes data integration with the Job Costing and Location Tracking modules.

(source= ComputerWeekly) A ÂŁ500,000 biometric fingerprint entry security system is to be installed at the Busy Bees childrens nurseries chain. The system from UK Biometrics will allow parents and carers easy access to the nurseries while ensuring unauthorised people cannot gain entry. UK Biometrics has been trialling the system at 14 Busy Bees nurseries for more than a year. The new biometric locks allow Busy Bees personnel to register parents and carers fingerprints in seconds. Once registered, parents press their fingerprint onto a sensor pad at the door and gain immediate entry. Unregistered visitors ring the bell and wait for a member of staff to admit them. The new system will allow staff to spend more time with the children at busy dropoff and collection times, rather than answering the door to parents.

(source= Finextra) Aladdin Knowledge Systems an information security leader specializing in authentication, software DRM and content security, today announced a partnership with IdenTrust, who possesses the only global bankcentric identity network, to provide identity authentication solutions for secure online banking and financial transactions. Aladdin and IdenTrust are collaborating to offer certificatebased twofactor authentication for unmatched security, enabling financial organizations in the United States, Europe and Asia to implement nextgeneration technology to improve the security of ecommerce, fight identity theft, increase customer trust and drive revenue.

(source= Citi Group) New York, NY – Citi announces the launch of its highassurance digital identity solution – Citi Managed Identity Services. This new offering from Citis Global Transaction Services business enables Citi clients to use digital identity and signature technologies to effectively and securely manage the exchange of electronic information in digital commerce and business critical transactions. The expansion of electronic commerce and globalization of supply chains is driving companies to streamline their business processes and move to a sustainable, industrialstrength, paperless environment without compromising security, confidentiality, compliance, and integrity of transactions. Citis Managed Identity Services provides clients the requisite security and assurance framework to confidently transact business. As part of the solution, Citi issues digital identities that can be used in a number of ways including authenticating end users to applications, encrypting and locking down data, and replacing wet ink with digital signatures, without compromising legal enforceability.

(source= USA Today) Call them the Coreflood Gang. A ring of cyber bank robbers from southern Russia has quietly perfected a way to get a beachhead inside company networks. Once inside, it infects every PC within reach with a custommade datastealing program called Coreflood. The goal: go rip off bank accounts online. Over the past 16 months, the Coreflood Gang has infected swaths of PCs inside thousands of companies, hospitals, universities and government agencies, says SecureWorks researcher Joe Stewart, who has tracked and documented the spread of Coreflood over that period. Its spying on you, capturing your logons, user names, passwords, bank balances, contents of your email, Stewart says. It can capture anything. Coreflood is part of a class of malicious software, called banking trojans, designed primarily to help crooks break into bank accounts online. The number of banking trojans detected on the Internet this month topped 24,800, up from 3,342 at the start of 2006, security firm FSecure says.

(source= Forbes) PARIS (Thomson Financial)Oberthur Technologies said it has won a contract to supply the Philippines electronic passport. The French manufacturer did not say how much the contract was worth. The group will supply a complete system, including registration, issuing, personalisation and the biometric system. Oberthur recently created a division devoted to electronic identity documents, a branch of activity it wishes to develop. In June it won a contract to supply electronic passports in Taiwan.

(source= ComputerWeekly) Sony has launched three VAIO notebook computers aimed at business users. The lineup comprises VAIO SRSeries, a 2Kg 15.4 inch model, which gives 5 hours battery life the VAIO BZ is an A4format and the VAIO ZSeries is a 1.5kg notebook which has a carbon fibre case. The SRSeries uses Intels Core 2 Duo processors. It is configured with 4GB of highspeed system memory and a 13.3 WXGA (1280 x 800) screen, which Sony says offers both low power consumption LED illumination and its Xblack LCD display enhancement.Sony has also developed a Switch function, which lets users change the personality of the notebook at the touch of a button, so it can be switched between a customised personal desktop and a professional look and feel. The VAIO BZSeries BZ11VN uses Intels Centrino platform with vPro technology, which, Sony said, offers users builtin remote manageability and enhanced security. This notebook includes fingerprint recognition technology and supports Trusted Platform Module hardware protection, which stops access to data if the laptop is stolen or left on a train

Neurotechnology has released MegaMatcher Accelerator 2.0, a packaged hardware and software solution for high-volume, high-speed fingerprint identification. MegaMatcher Accelerator 2.0 is now available in Standard and Extended versions, offering a greater range of platform configurations for different biometric solutions. The Extended Version

Neurotechnology has announced that VeriFinger has been selected as the fingerprint verification engine for PolandÂ’s new biometric passport system. Now implemented in more than 130 passport offices throughout the country, VeriFinger provides reliable 1:1 fingerprint verification at each stage of the passport application, generation and issuance proc

BAE Systems has drafted in Human Recognition Systems (HRS) to help ‘fast forward’ 3D facial recognition technology that will vastly improve security in train stations and airports. The project will ultimately help police and security professionals to identify suspects on CCTV as they move quickly through public spaces, read their lip and speech pat

Security Systems Technology (SST) are offering a biometric time & attendance (TNA) solution that can operate on a standalone basis or fully networked (LAN/WAN). The product allows live multiple-site integration and is particularly suited to applications in the leisure sectors. The TNA system has recently been installed at London Heathrow Airpor

Identity management’s rapid growth is driven by the need to manage complex identity validation and security needs in sectors like defence, healthcare, finance and human services. Presently, technologies the initiative supports – like ID cards with embedded chips, mobile devices and biometrics – are used increasingly to minimise fraud, identity the

OmniPerception has teamed up with BAE Systems to conduct cutting edge research into the development of biometric recognition technology. The project which started last year is part of BAE SystemsÂ’ Investment In Innovation (I3) programme, set up two years ago to encourage and support innovative small and medium sized enterprises in the developme

Integrated Biometrics' TRU650 Biometric Access Control System (BACS) secures physical access to enterprise environments with a centralized database providing real-time control and record of activity. Integrated Biometrics has announced that its TRU650 fingerprint biometric access control solution has received Lenel factory certification. As p

Human Recognition Systems has won a contract with Newcastle International Airport to deliver the MFlow automated exit lanes system to manage passenger flow. The scheme will monitor the exit routes from the international and domestic baggage collection areas, significantly enhancing service, security and efficiency at the airport – which was used by

Mobile operators, device manufacturers and application developers need identity management tools that are both convenient and secure to support the growth of mobile services such as application marketplaces, m-banking, m-commerce, mobile enterprise applications, and mobile productivity tools. Sagem Wireless has formed a partnership with UPEK

Technology has evolved to address the challenges of the modern business market. Mobile working and round-the-clock communication have tested information security, as has the need to lock down data from the inside-out. Securing the firewall was previously top of the CISO agenda, but today, securing internal access to applications by employees is equ

Helinet Technologies has been selected by the Special Anti-Crime Unit of Trinidad and Tobago (SAUTT) to assist the agency in implementing a fulltime, high definition aerial surveillance capability. The assignment represents a continuation of Helinet's work with SAUTT providing HD image gathering and live broadcast capabilities and will encompass infrastructure design and build-out, technology int

Neurotechnology has released MegaMatcher Accelerator 2.0, a packaged hardware and software solution for high-volume, high-speed fingerprint identification. MegaMatcher Accelerator 2.0 is now available in Standard and Extended versions, offering a greater range of platform configurations for different biometric solutions. The Extended Version of MegaMatcher Accelerator 2.0 replaces the curren

Neurotechnology has announced that VeriFinger has been selected as the fingerprint verification engine for Poland's new biometric passport system. Now implemented in more than 130 passport offices throughout the country, VeriFinger provides reliable 1:1 fingerprint verification at each stage of the passport application, generation and issuance process. Passport producer Polish Security Printin

After a year of extensive research and a formal European Tender process, Harrow Council will now offer "SmartWater", to all 85,000 houses and flats across the North London borough. Householders mark their valuables with the solution which leaves an indelible and individual trace on valuables. It is almost impossible to remove and shows up under UV light - allowing police to conclusively establish

BAE Systems has drafted in Human Recognition Systems (HRS) to help 'fast forward' 3D facial recognition technology that will vastly improve security in train stations and airports. The project will ultimately help police and security professionals to identify suspects on CCTV as they move quickly through public spaces, read their lip and speech patterns and build up a picture of their behaviour th

The snow recently proved a perfect blank canvas for Somerset Police after a bungling car thief left his tracks in the snow, leading police straight to where he lived. But Tracker warns that not all thieves are that foolish and urges motorists to take extra security measures as the bad weather is set to continue. Stuart Chapman, Police Relationship Manager comments; "While many motorists have en

AES International Corporation will subcontract under Siemens Government Services, Inc. to assist with the maintenance of Access Control Point (ACP) equipment at U.S. Army installations throughout the U.S. and abroad. In their role for this yearly multimillion dollar project, AES will provide preventative and corrective maintenance on GE Homeland Security products which detect traces of either expl

An entire policing district on the north-east coast of England, which covers nearly 100 square miles, is being protected by SelectaDNA forensic marking after Cleveland Police introduced an extensive scheme featuring both urban and rural locations. The scheme was introduced 18 months ago with the aim of reducing dwelling burglary and covers the Redcar & Cleveland Police district. The district

FLIR Systems has launched the SR-304 thermal imaging camera for mid-range security and surveillance applications. The new FLIR Systems SR-304 is an addition to the SR-Series thermal imaging cameras. The SR-304 is an expansion of the existing product line into narrower field of view cameras with longer range performance - the SR-304 has a narrow 4 field of view. The SR-304 is using advanced the

SmartWater was first introduced into Nottingham homes in 2001 and since 2006 it has been a central part of the Nottingham CDP's neighbourhood anti-crime Week of Action programmes. The Nottingham Crime and Drugs Partnership (CDP) have treated their 50,000th home in Nottingham with SmartWater as part of an ongoing effort to drive down burglaries. The official milestone was reached at a house in H

A new authentication manager for Microsoft Windows will now enable any identification device to be used for login. Passlogix Inc.?s v-GO Universal Authentication Manager (v-GO UAM) is said to not only speed up user?s network access and operations, but also cut costs of the back-end authentication infrastructure by more than 85% per user. Corporate markets who used to pay $100 per user may pay as little as $15.

The v-GO UAM will accept all forms of identification including door access badges, government-issued citizen identity cards, standalone or built-in laptop biometrics, one time passwords via mobile phones, and question and answer sequences.

With the use of data storage and administration with Microsoft Active Directory, organizations can eliminate the usual separate authentication infrastructure.

Those who are already using security devices like door access badges for instance, will now be able to use that same device for Windows logon. With the instillation of v-GO UAM, they would tap their badge on a badge reader attached to their computer and enter a PIN code.

v-GO UAM is available both on a standalone basis at $15 per user and as part of Passlogix?s v-GO Access Accelerator Suite.

The FBI’s upgrading of its IAFIS program to a next-generation identification program is a huge undertaking. Lockheed Martin was awarded the 10-year contract to upgrade the program, which recently reached it’s first milestone. Mike Moore, director of the next generation ID program at Lockheed Martin, talks with Regarding ID Editor Zack Martin about the recent milestone and where the program is headed.

iTunes

Aggregator

m4a

mp3

Older podcasts.  

Can biometrics help launch mobile payment in U.S.?

For the first time, a mobile phone with a fingerprint biometric scanner is arriving on U.S. shores.

The LG eXpo is being offered in the U.S. by AT&T and in Canada by TELUS, says Art Stewart, vice president of mobile systems products at Authentec, a Melbourne, Fla.-based provider of fingerprint scanners.

While this may be revolutionary in the U.S., fingerprint scanners on mobile devices aren’t new in many countries. Authentec has provided more than 10 million scanners for 20 different mobile phones since 2003, says Stewart.

The LG eXpo features an Authentec fingerprint scanner that can be used for authentication, replacing PINS and passwords with a fingerprint swipe. The fingerprint recognition also complements the touch screen user interface providing precise cursor control for text editing and rapid browsing.

Initially the fingerprint scanner enables user authentication and can be used to protect specific files, explains Stewart, but other applications are in the works. Eventually users will swipe and have a login and password entered for access to specific Web sites, he adds.

This model of device security first and other applications second, has worked in the past. In Japan, for example, the fingerprint scanners were first used to secure mobile devices and later payment functionality was added.

Sony’s FeliCa contactless technology is widespread in Japan with millions of individuals using mobile devices and contactless cards to enter subways and make purchases, Stewart says. On mobile devices, individuals swipe a finger over the scanner to authorize the payment or fare collection application on the phone.

It seems that the launch of applications beyond device security is key.

There are 8 million phones in circulation that can use biometrics for payments, Stewart says, adding that outside of Japan mobile payment has yet to really take off. Using fingerprint scanners for security or convenience hasn’t been enough to drive wide-scale deployment.

But Stewart is optimistic. He cites that mobile payment is growing in the U.S. and so is the need for easier navigation of screens on mobile devices. The need for fingerprint scanners, too, he predicts will continue to grow.

U.S. senators are planning to meet with President Obama this week to propose a new type of ID card that would use biometrics to confirm eligibility to work in the U.S., according to a report in the Wall Street Journal.

Sens. Chuck Schumer (D-N.Y.) and Lindsey Graham (R- S.C.) are pushing the card that would use biometrics to confirm worker eligibility. Schumer has suggested adding biometrics to the E-Verify system last summer. Now he is suggesting using either fingerprint or palm vein biometrics with the system.

Privacy advocated will most likely object to the program. “We’re not only talking about fingerprinting every American, treating ordinary Americans like criminals in order to work. We’re also talking about a card that would quickly spread from work to voting to travel to pretty much every aspect of American life that requires identification,” said Chris Calabrese, legislative counsel for the American Civil Liberties Union.

Read the Wall Street Journal article here.

A U.S. ID card was also discussed in the winter cover story of Regarding ID, which can be found here.

Countries are deploying advanced ID technologies so citizens can access services

By Zack Martin, Editor, AVISIAN Publications

National identity cards are a fact of life for citizens of some countries but elsewhere the credentials are the focus of ire.

Citizens of countries that don’t have national IDs fear it will lead to a police state and a loss of personal freedoms. But the countries that have had them in place don’t necessarily have those problems. More and more countries are deploying national IDs and are using smart cards and other advanced technologies. In some instances the cards are also being used to drive multiple applications.

The idea of a national ID card in the U.S. has always been a non-starter. Even though many admit the Social security number and driver licenses are de facto national IDs, when there are discussions of making changes to those documents the potential evils of national ID programs rise to the surface. Some experts say this may be changing, however, as efforts are underway to better identify U.S. citizens online and within health care environments.

“National IDs are very common around Europe and the Middle East,” says Neville Pattinson, vice president of government affairs and business development at Gemalto North America. “They exist to create efficiencies in how governments deal with their citizens and for access to entitlements and health care.”

Depending on the country the reason for the ID program may be different, says Randy Vanderhoof, executive director of the Smart Card Alliance. Many countries issue the credentials to help save money and make sure only those eligible for services, such as health care, receive them. “It’s more economic because the countries are trying to control their costs for social programs, like education,” he says. “There’s a need to eliminate fraud.”

Brazil is a country that has deployed a national ID program in order to become more efficient, Vanderhoof says. Citizens use the digital certificates on the card to file taxes, apply for federal programs and access services. Because it’s such a large country with people living in large cities and rural areas, using paper for access to services can be time consuming and inefficient, Vanderhoof adds.

In Europe the national ID cards being issued by many countries can also be used for travel within the European Union, says Manfred Muller, executive vice president strategic sales and business development, at SCM Microsystems.

Germany will issue a contactless national ID that will use the electronic passport technical specification, Muller says. Citizens will be able to use the credential with a reader to access government sites online and other non-governmental potential applications as well.

“A range of pilots are being supported by the German government,” Muller says. “The kinds of applications people are pushing for involve e-commerce.” German citizens want to be able to use the credential to log in to sites like Amazon and eBay and would include a form fill application.

But more importantly citizens would be using the site to access and file government forms, Muller says. Citizens would use a PIN and the credential to file taxes and file other government information. Germany is expecting to start issuing the new IDs at the end of 2010.

Employers would also be using the cards to check employment eligibility, Muller says. This is a popular application for national ID cards. Poland is planning on deploying a smart card for its Social Security card that employers will use to check employment eligibility. “Each employer needs to have a reader to check the cards,” he says.

While Germany is going with a contactless interface, most other countries are using a contact card for their national ID. In Spain SCM is working with Telefonica to get 600,000 readers into the hands of citizens. Individuals can go to electronic stores and purchase a reader, hook it up to a computer and access the sites and benefits of the card.

SCM is also supplying the reader for Belgium’s electronic ID program. The e-ID cards, valid for five years, contain an embedded microchip storing the holder’s personal data, including date of birth, family tree, civil status, current and past addresses and military situation. Zetes is the systems integrator on the project and Gemalto supplied the Java-based operating system, ID and digital signature applications.

The chip also contains a digital certificate that enables remote access authentication. Users can access e-government applications and attach an electronic signature to certify the authenticity of data transmitted when needed. In addition, private companies, such as those offering financial services, expect to develop programs that will leverage the ID card.

Belgium has also created a special card for children. The size of a credit card, the new kids-ID mainly serves as an electronic national ID document for Belgian children, containing all necessary ID information as well as a photo of the child, both visible on the card and stored on the microprocessor. It can also be used for emergency notifications and online identification.

Simplifying services

The idea of using one card for access to multiple types of systems can create better access to government services, says Gemalto’s Pattinson. “These countries in Europe and the Middle East need to know who they’re dealing with and by giving citizens an identity document it brings them a lot of benefits and services and provides efficiencies to the government,” he says. “And once you have an ID in the hands of citizens that’s founded on a government identity scheme others can take advantage of that.”

Pattinson points to Finland, where the national ID program with PKI enables citizens to use the certificates on the credential to access their bank accounts.

A strong credential like this is needed in the U.S., Pattinson says. “We have poor identity documents,” he says. “The lengths and depths to which people have to go to prove who they are is broken.”

First, however, there is a need to define the four levels of assurance and the type of credential that’s necessary for each level, Pattinson says. “This is going to require a lot beyond user name and password. You need hardware-based authentication, biometrics and smart cards for people to prove who they are. If we don’t include a higher standard of authentication for our citizens and people accessing financial services we’ll keep hearing about disasters.”

Federal projects around preventing identity theft, securing the Internet and health care may all lead to separate credentialing programs, Pattinson says.

With the Obama administration pushing health care providers to deploy electronic health records there is a need for identification on that front. “A missing element of health care is how do we authenticate an individual and make sure he is connected to the correct record,” Pattinson says.

There are also discussions about upgrading the Social Security card as well, Pattinson says. Sen. Chuck Schumer (D-N.Y.) had held hearings that would link an individual’s employment eligibility to a biometric. There is a possibility that a smart card could be involved in that project (See Fall 2009 Re:ID).

To begin with, there may be multiple, siloed programs, Pattinson admits, noting health care, employment verification and Internet security. “The public sentiment may be to keep the identities confined rather than go with an umbrella over them,” he adds.

The political issues surrounding a national ID card in the U.S. will most likely keep it at bay for awhile longer, says the Smart Card Alliance’s Vanderhoof. “The political third rail that is a national ID card is pretty strong and there’s a long way to go before there will be enough trust to manage and protect a citizen’s personal information,” he says.

But if people are given an option and the private sector steps in it also might make a difference. “If implemented correctly the government could provide guidance for what the standards of identity are and the citizens would decide whether or not they have a benefit in having that form of identification. Then it would be a market-driven decision to develop multiple forms of citizen IDs rather than have something that is issued and managed by the federal government,” Vanderhoof says.

---

Belgium rolls out IDs specifically for kids

Belgium’s kids-ID can be used as an official travel document in most European countries as well as for traveling to some countries outside Europe, replacing the current Belgian ID certificate. The child must be traveling with a parent in possession of a valid ID card.

The cards also serve to protect the child if he runs into danger. Printed on the card body is a special hotline number used to notify the next of kin or a friend if the child is lost or is the victim of an accident.

When the card is issued, the parent or guardian goes on the Web or dials the hotline number and supplies a list of up to seven contact telephone numbers of adults who will take responsibility for the child.

These could include parents’ cell phone, office and home numbers. The emergency notification system hotline number is called, the caller is required to enter the child’s 11-digit National Registry number. They are then put through to the first person on the list–normally the child’s parent or guardian. If this person is not available, the caller is immediately connected to the second number on the list, and so on until somebody is located. If, in the unlikely event nobody on the list is available, the call is then immediately transferred to the 24-hour Belgian Child Focus hotline.

Thanks to an integrated PIN, the kids-ID card can also be used on the Internet for safer access to online chat rooms and to use online services that require ID. This authentication certificate can be issued at the age of six. The cards are available to all Belgian children aged 12 and under and open up a whole range of future possibilities. Other potential uses could include accessing library books, sport club memberships or health care benefits.

---

Future of UK ID scheme questionable

The UK hadn’t had a national ID program in more than 50 years, but after a series of terrorist attacks at the start of the decade the country decided it was time to introduce the ID once again.

The UK Home Office stated that the cards would help protect people from identity fraud and theft, tackle illegal working and immigration abuse, disrupt the use of false and multiple identities by criminals and those involved in terrorist activity, ensure free public services are only used by those entitled to them and enable easier access to public services.

The program was originally planned to be mandatory for all citizens and foreign nationals but opposition lead to change. Now it looks like the program will only be mandated for foreign nationals and voluntary for everyone else.

In early October, British Prime Minister Gordon Brown seemed to clear up some confusion saying the compulsory ID cards wouldn’t be rolled out before 2015. There was speculation that if Brown’s Labour Party was voted out of office the program would most likely be scrapped by the Conservatives.

The program originally was supposed to collect fingerprint, face and iris biometrics from individuals, says John Elliott, head public sector practice and principal consultant at UK-based Consult Hyperion. But because of the economic downturn, the use of iris was eliminated to save money. “But now we are confused because their original reasoning for needing iris in the database was that you can’t do this with fingerprint alone because you might not be able to distinguish between 60 million people,” he says.

As a minimum, the card will store the ICAO application that’s used in electronic passports so it could be used for travel around Europe, It may store other applications, as well, but this has still not been decided, despite the several years the program has been in development.

Elliott says the program will most likely advance but slowly. Political parties out of power are against it and those in power are for it. The parties changed opinions several times over the past years but despite political opposition to the program public polls show support for it. “The government has done a poor job of selling it,” he says, “but polls show there isn’t a big public resistance.”

Crown House Day Nursery, a day care facility in the UK village of Evesham, has become the first in the area to install a biometric security system, according to an Evesham Journal article.

The system used at Crown House requires a swipe of an enrolled fingerprint to access the facility. Louise Lees, the owner of the Nursery, has reported that the system has been receiving overwhelmingly positive parental feedback. The system was provided by biometric technology providers Easy Dentic.

Read the full story here.  

Following a study, a group of British scientists have announced they believe nose recognition may be a means of biometric identification more effective than other existing modes, according to a Sky News article.

The leaders of the study, Adrian Evans and Adrian Moorhouse, used a unique photographic system called PhotoFace that takes multiple pictures of a face utilizing different flash locations and the resulting shadow to create a three dimensional model.

The authentication of an individual by their nose was broken down into six types of noses, Roman, Greek, Nubian, Hawk, Snub and Turn-up, and utilized three different parts of the nose, the ridge profile, the tip and the nasion. Through this technique, the researchers reported higher accuracy numbers than other biometric systems as well as maintaining that the nose is more easily scanned and harder to be obscured.

Despite the promising results, Evans has admitted that they are still relatively early in the technologies development. Future plans for more testing including larger sample groups, how ageing affects accuracy, if the technology can distinguish between relatives and looking into other potential applications for the technology.

Read the full story here.

After first promising its citizens biometric passports in 2008, the Canadian government has promised to move the program back into items they intend to deliver to its citizens. The announcement came during a throne speech on March 3 that discussed multiple items that had been promised to be included in the federal 2008 budget, but were cut for various reasons.

Originally, the biometric passport was tabled due to worries over implementation costs and logistics as well as questions surrounding its proposed ten year validation span. While those behind the push for bringing the project back are interested in what the technology can do to improve national security, some politicians are still questioning if biometrics are accurate enough and if privacy concerns are being considered enough in the implementation of the project.

Read the full story here.  

AllTrust Networks has announced that it has enrolled 6 million customers in its biometric check cashing system Paycheck Secure.

AllTrust officials report the news as proof to them both for the need of alternatives for those with no banks or under performing banks as well as further pushing their ability to ensure fraud protection for their customers.

The Paycheck Secure system works by enabling a customer who has enrolled their fingerprint into the system to cash their checks at places that have implemented the system, such as grocery stores, with a simple swipe of their finger. In addition to reaching the 6 million mark in enrollment, AllTrust has also reported more than 70 million transactions at over $30 billion.

L-1 Identity Solutions, a developer of biometric and other identity verification technologies, has secured Goldman Sachs & Co and Stone Key Partners as financial advisors.

L-1 is hoping to determine a solution with the help of their advisors that will deliver more shareholder value to their shareholders. While officials from L-1 have said that the results of the financial advisor assistance may not result in a sale of either the company or one of its divisions, they have not ruled it out either.

L-1 has stated that it will not disclose any other information on the process until their Board of Directors approves a specific plan of action.  

A new authentication manager for Microsoft Windows will now enable any identification device to be used for login. Passlogix Inc.?s v-GO Universal Authentication Manager (v-GO UAM) is said to not only speed up user?s network access and operations, but also cut costs of the back-end authentication infrastructure by more than 85% per user. Corporate markets who used to pay $100 per user may pay as little as $15.

The v-GO UAM will accept all forms of identification including door access badges, government-issued citizen identity cards, standalone or built-in laptop biometrics, one time passwords via mobile phones, and question and answer sequences.

With the use of data storage and administration with Microsoft Active Directory, organizations can eliminate the usual separate authentication infrastructure.

Those who are already using security devices like door access badges for instance, will now be able to use that same device for Windows logon. With the instillation of v-GO UAM, they would tap their badge on a badge reader attached to their computer and enter a PIN code.

v-GO UAM is available both on a standalone basis at $15 per user and as part of Passlogix?s v-GO Access Accelerator Suite.

ActivIdentity Corp., a provider of in strong authentication and credential management, announced that it has launched a PIV-Interoperable initiative to enable non-federal organizations to issue employee identity cards that are technically interoperable with U.S. government PIV systems, and issued in a manner that allows government and relying parties to trust the cards.

To address the newly defined PIV-I card standards, ActivIdentity has modified its ActivID Card Management System that is being used in conjunction with its ActivClient security software. Customers looking to deploy the ActivIdentity PIV-I credential management solution can also leverage the ActivIdentity PIV+ applet that enables PKI-based access control as well as one-time-password-based authentication on a single PIV-interoperable identity card. The ActivIdentity PIV+ applet together with the ActivID Card Management System and ActivClient are part of the government-approved product list.

As the PIV initiative progresses, PIV-I has become a requirement for commercial enterprises that interact with government agencies on a daily basis. Non-federal issuers of credentials need to produce employee IDs that can technically interoperate with government PIV systems and can be trusted by relying parties via cross-certification. However, the PIV card standard is limited in scope to the federal government and has several requirements that can be addressed only by that community.

In response to these interoperability requirements, the Federal CIO Council defined the standards for PIV-I cards for non-federal issuers. Several federally sponsored PIV-I programs already exist, including the First Responder Authentication Credential (FRAC), the Transportation Worker Identity Credential (TWIC), and the Airport Credential Interoperability Solution (ACIS). Many other programs are in development with the same desired goal of technical interoperability and trustworthiness in the Federal government PIV environment.

New Delhi is planning to launch smart ID cards next year to help the poor and illiterate receive benefits from government welfare programs, according to The Press Trust of India.

The project was conceived after the IT department of the city Government of New Delhi found that substantial welfare benefits were not reaching their intended beneficiaries.

The cards will feature a Unique Identification Number that city officials hope will make the welfare system “more effective and foolproof,” reports PTI.

City Government plans to initially launch 5 million cards containing the Unique ID Numbers.

Read more here.

U.S. senators are planning to meet with President Obama this week to propose a new type of ID card that would use biometrics to confirm eligibility to work in the U.S., according to a report in the Wall Street Journal.

Sens. Chuck Schumer (D-N.Y.) and Lindsey Graham (R- S.C.) are pushing the card that would use biometrics to confirm worker eligibility. Schumer has suggested adding biometrics to the E-Verify system last summer. Now he is suggesting using either fingerprint or palm vein biometrics with the system.

Privacy advocated will most likely object to the program. “We’re not only talking about fingerprinting every American, treating ordinary Americans like criminals in order to work. We’re also talking about a card that would quickly spread from work to voting to travel to pretty much every aspect of American life that requires identification,” said Chris Calabrese, legislative counsel for the American Civil Liberties Union.

Read the Wall Street Journal article here.

A U.S. ID card was also discussed in the winter cover story of Regarding ID, which can be found here.

Countries are deploying advanced ID technologies so citizens can access services

By Zack Martin, Editor, AVISIAN Publications

National identity cards are a fact of life for citizens of some countries but elsewhere the credentials are the focus of ire.

Citizens of countries that don’t have national IDs fear it will lead to a police state and a loss of personal freedoms. But the countries that have had them in place don’t necessarily have those problems. More and more countries are deploying national IDs and are using smart cards and other advanced technologies. In some instances the cards are also being used to drive multiple applications.

The idea of a national ID card in the U.S. has always been a non-starter. Even though many admit the Social security number and driver licenses are de facto national IDs, when there are discussions of making changes to those documents the potential evils of national ID programs rise to the surface. Some experts say this may be changing, however, as efforts are underway to better identify U.S. citizens online and within health care environments.

“National IDs are very common around Europe and the Middle East,” says Neville Pattinson, vice president of government affairs and business development at Gemalto North America. “They exist to create efficiencies in how governments deal with their citizens and for access to entitlements and health care.”

Depending on the country the reason for the ID program may be different, says Randy Vanderhoof, executive director of the Smart Card Alliance. Many countries issue the credentials to help save money and make sure only those eligible for services, such as health care, receive them. “It’s more economic because the countries are trying to control their costs for social programs, like education,” he says. “There’s a need to eliminate fraud.”

Brazil is a country that has deployed a national ID program in order to become more efficient, Vanderhoof says. Citizens use the digital certificates on the card to file taxes, apply for federal programs and access services. Because it’s such a large country with people living in large cities and rural areas, using paper for access to services can be time consuming and inefficient, Vanderhoof adds.

In Europe the national ID cards being issued by many countries can also be used for travel within the European Union, says Manfred Muller, executive vice president strategic sales and business development, at SCM Microsystems.

Germany will issue a contactless national ID that will use the electronic passport technical specification, Muller says. Citizens will be able to use the credential with a reader to access government sites online and other non-governmental potential applications as well.

“A range of pilots are being supported by the German government,” Muller says. “The kinds of applications people are pushing for involve e-commerce.” German citizens want to be able to use the credential to log in to sites like Amazon and eBay and would include a form fill application.

But more importantly citizens would be using the site to access and file government forms, Muller says. Citizens would use a PIN and the credential to file taxes and file other government information. Germany is expecting to start issuing the new IDs at the end of 2010.

Employers would also be using the cards to check employment eligibility, Muller says. This is a popular application for national ID cards. Poland is planning on deploying a smart card for its Social Security card that employers will use to check employment eligibility. “Each employer needs to have a reader to check the cards,” he says.

While Germany is going with a contactless interface, most other countries are using a contact card for their national ID. In Spain SCM is working with Telefonica to get 600,000 readers into the hands of citizens. Individuals can go to electronic stores and purchase a reader, hook it up to a computer and access the sites and benefits of the card.

SCM is also supplying the reader for Belgium’s electronic ID program. The e-ID cards, valid for five years, contain an embedded microchip storing the holder’s personal data, including date of birth, family tree, civil status, current and past addresses and military situation. Zetes is the systems integrator on the project and Gemalto supplied the Java-based operating system, ID and digital signature applications.

The chip also contains a digital certificate that enables remote access authentication. Users can access e-government applications and attach an electronic signature to certify the authenticity of data transmitted when needed. In addition, private companies, such as those offering financial services, expect to develop programs that will leverage the ID card.

Belgium has also created a special card for children. The size of a credit card, the new kids-ID mainly serves as an electronic national ID document for Belgian children, containing all necessary ID information as well as a photo of the child, both visible on the card and stored on the microprocessor. It can also be used for emergency notifications and online identification.

Simplifying services

The idea of using one card for access to multiple types of systems can create better access to government services, says Gemalto’s Pattinson. “These countries in Europe and the Middle East need to know who they’re dealing with and by giving citizens an identity document it brings them a lot of benefits and services and provides efficiencies to the government,” he says. “And once you have an ID in the hands of citizens that’s founded on a government identity scheme others can take advantage of that.”

Pattinson points to Finland, where the national ID program with PKI enables citizens to use the certificates on the credential to access their bank accounts.

A strong credential like this is needed in the U.S., Pattinson says. “We have poor identity documents,” he says. “The lengths and depths to which people have to go to prove who they are is broken.”

First, however, there is a need to define the four levels of assurance and the type of credential that’s necessary for each level, Pattinson says. “This is going to require a lot beyond user name and password. You need hardware-based authentication, biometrics and smart cards for people to prove who they are. If we don’t include a higher standard of authentication for our citizens and people accessing financial services we’ll keep hearing about disasters.”

Federal projects around preventing identity theft, securing the Internet and health care may all lead to separate credentialing programs, Pattinson says.

With the Obama administration pushing health care providers to deploy electronic health records there is a need for identification on that front. “A missing element of health care is how do we authenticate an individual and make sure he is connected to the correct record,” Pattinson says.

There are also discussions about upgrading the Social Security card as well, Pattinson says. Sen. Chuck Schumer (D-N.Y.) had held hearings that would link an individual’s employment eligibility to a biometric. There is a possibility that a smart card could be involved in that project (See Fall 2009 Re:ID).

To begin with, there may be multiple, siloed programs, Pattinson admits, noting health care, employment verification and Internet security. “The public sentiment may be to keep the identities confined rather than go with an umbrella over them,” he adds.

The political issues surrounding a national ID card in the U.S. will most likely keep it at bay for awhile longer, says the Smart Card Alliance’s Vanderhoof. “The political third rail that is a national ID card is pretty strong and there’s a long way to go before there will be enough trust to manage and protect a citizen’s personal information,” he says.

But if people are given an option and the private sector steps in it also might make a difference. “If implemented correctly the government could provide guidance for what the standards of identity are and the citizens would decide whether or not they have a benefit in having that form of identification. Then it would be a market-driven decision to develop multiple forms of citizen IDs rather than have something that is issued and managed by the federal government,” Vanderhoof says.

---

Belgium rolls out IDs specifically for kids

Belgium’s kids-ID can be used as an official travel document in most European countries as well as for traveling to some countries outside Europe, replacing the current Belgian ID certificate. The child must be traveling with a parent in possession of a valid ID card.

The cards also serve to protect the child if he runs into danger. Printed on the card body is a special hotline number used to notify the next of kin or a friend if the child is lost or is the victim of an accident.

When the card is issued, the parent or guardian goes on the Web or dials the hotline number and supplies a list of up to seven contact telephone numbers of adults who will take responsibility for the child.

These could include parents’ cell phone, office and home numbers. The emergency notification system hotline number is called, the caller is required to enter the child’s 11-digit National Registry number. They are then put through to the first person on the list–normally the child’s parent or guardian. If this person is not available, the caller is immediately connected to the second number on the list, and so on until somebody is located. If, in the unlikely event nobody on the list is available, the call is then immediately transferred to the 24-hour Belgian Child Focus hotline.

Thanks to an integrated PIN, the kids-ID card can also be used on the Internet for safer access to online chat rooms and to use online services that require ID. This authentication certificate can be issued at the age of six. The cards are available to all Belgian children aged 12 and under and open up a whole range of future possibilities. Other potential uses could include accessing library books, sport club memberships or health care benefits.

---

Future of UK ID scheme questionable

The UK hadn’t had a national ID program in more than 50 years, but after a series of terrorist attacks at the start of the decade the country decided it was time to introduce the ID once again.

The UK Home Office stated that the cards would help protect people from identity fraud and theft, tackle illegal working and immigration abuse, disrupt the use of false and multiple identities by criminals and those involved in terrorist activity, ensure free public services are only used by those entitled to them and enable easier access to public services.

The program was originally planned to be mandatory for all citizens and foreign nationals but opposition lead to change. Now it looks like the program will only be mandated for foreign nationals and voluntary for everyone else.

In early October, British Prime Minister Gordon Brown seemed to clear up some confusion saying the compulsory ID cards wouldn’t be rolled out before 2015. There was speculation that if Brown’s Labour Party was voted out of office the program would most likely be scrapped by the Conservatives.

The program originally was supposed to collect fingerprint, face and iris biometrics from individuals, says John Elliott, head public sector practice and principal consultant at UK-based Consult Hyperion. But because of the economic downturn, the use of iris was eliminated to save money. “But now we are confused because their original reasoning for needing iris in the database was that you can’t do this with fingerprint alone because you might not be able to distinguish between 60 million people,” he says.

As a minimum, the card will store the ICAO application that’s used in electronic passports so it could be used for travel around Europe, It may store other applications, as well, but this has still not been decided, despite the several years the program has been in development.

Elliott says the program will most likely advance but slowly. Political parties out of power are against it and those in power are for it. The parties changed opinions several times over the past years but despite political opposition to the program public polls show support for it. “The government has done a poor job of selling it,” he says, “but polls show there isn’t a big public resistance.”

South Africa is putting on hold indefinitely its smart card ID project, according to itweb.co.za.

Home Affairs minister Nkosazana Dlamini-Zuma stated that her department has run out of money after reallocating R114 million meant for the project to ?other things,” ITWeb reports.

According to Dlamini-Zuma, the project will be stalled at least until the next financial year, at which time the Department of Home Affairs (DHA) will put a bid for more funding.

The smart cards were originally intended to replace the old national ID cards and provide new services such as the payment of pensions and social grants.

Despite the setback, Dlamini-Zuma says that the DHA is “still pursuing the project.”

Read more here.

After first promising its citizens biometric passports in 2008, the Canadian government has promised to move the program back into items they intend to deliver to its citizens. The announcement came during a throne speech on March 3 that discussed multiple items that had been promised to be included in the federal 2008 budget, but were cut for various reasons.

Originally, the biometric passport was tabled due to worries over implementation costs and logistics as well as questions surrounding its proposed ten year validation span. While those behind the push for bringing the project back are interested in what the technology can do to improve national security, some politicians are still questioning if biometrics are accurate enough and if privacy concerns are being considered enough in the implementation of the project.

Read the full story here.  

L-1 Identity Solutions, a developer of biometric and other identity verification technologies, has secured Goldman Sachs & Co and Stone Key Partners as financial advisors.

L-1 is hoping to determine a solution with the help of their advisors that will deliver more shareholder value to their shareholders. While officials from L-1 have said that the results of the financial advisor assistance may not result in a sale of either the company or one of its divisions, they have not ruled it out either.

L-1 has stated that it will not disclose any other information on the process until their Board of Directors approves a specific plan of action.  

The Theatre Royal Stratford East has awarded SALTO Systems a contract to provide a fully integrated XS4 solution which includes access control and stand alone locks using cotactless Mifare cards.

The installation will be carried out by Delta Security, a local business partner of SALTO Systems. The XS4 system’s off-line doors will be validated by regular use of the hot-spot, on-line access control readers.

Since opening its doors in 1884, the Theatre Royal has undergone numerous renovations to accommodate seating for up to 460 guests, on three levels. Its latest upgrade plan is to improve security in key areas of the building, and is scalable to cover the theatres future development needs.

Route 1?s MobiKEY Fusion identity validation device is now available to the general public, offering identity based security access through smart card technology. Basing their device off of the ID-1 standard, or international standard which is often used for government-issued cards, the MobiKEY multi-factor authentication system combines computer and network access with physical access.

MobiKEY Fusion functions to simplify the access component, while the operator, MobiNET manages the identities of users and entitlement to digital resources. This extra layer means users may only access systems with a combination of their MobiKEY Fusion device, identity or access card and secret password.

In the past MobiKEY has been utilized by government military operations ensuring that field personnel and war?ghters have secure access to C4ISR systems and the information they need at the time they need it. Now, however the device is available commercially.

Route1 will demonstrate the MobiKEY Fusion at the RSA Security Expo in San Francisco, from March 2-4, 2010.

GAO says plan lacks definition in some places, doesn't cover full scope of needs

A look at how the TSA determines who should be permitted to fly

Man claims he and two others smuggled water bottles onto UK, U.S. bound flights

41-year-old faces years in prison after admitting to six terrorism charges

Survey of government security managers shows finding personnel with right skill set is difficult

TSA expected to deploy new explosive trace detection machine at nation's airports

President expected to appoint Gen. Robert Harding to lead agency

Spires discusses challenges involved with consolidating the DHS' IT operations

Agency says it plans to buy 100 of the devices by next year

State-of-the-art surveillance towers to be operational by 2011