Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Identity & Access

ImageWare Launches Multi-modal Biometric Authentication for Enterprises

Today’s security consensus is that password-based authentication and access is insecure, and that some form of two- or multi-factor authentication is necessary. The simplest and easiest second factor is an SMS-based soft token, and that is the route already adopted by many organizations.

Today’s security consensus is that password-based authentication and access is insecure, and that some form of two- or multi-factor authentication is necessary. The simplest and easiest second factor is an SMS-based soft token, and that is the route already adopted by many organizations. However, NIST’s recently published concern over some implementations of SMS-based 2FA has provided new impetus for biometric authentication.

ImageWare has today launched what it describes as the “first ever multimodal biometric authentication solution for the Microsoft ecosystem.” Called GoVerifyID Enterprise Suite (no connection to the UK’s Gov.uk Verify system), the system combines ImageWare’s Biometric Engine and its GoMobile Interactive products to provide true multi-factor biometric authentication.

“As the digital workforce expands, with data extended to external stakeholders and across numerous types of devices and systems, the need for high-assurance, enterprise-wide protection has intensified,” said Jim Miller, chairman & CEO of ImageWare. “The traditional security perimeters have changed and executives are being held accountable for safeguarding data against potentially devastating breaches that can tarnish a brand’s reputation. Armed with GoVerifyID Enterprise Suite, corporations have access to a scalable and affordable solution that works with their existing Microsoft infrastructure and gives them the ultimate peace of mind.”

One of GoVerify’s strongest points is the ease and speed with which it can be integrated into any Microsoft installation. It integrates with Active Directory and is essentially a snap-in to the Microsoft Management Console. It is a SaaS cloud service with the biometrics database held in the cloud, and GoMobile operating as the agent on mobile devices. As a result, costs are kept down (including Opex rather than Capex) while scalability is limitless.

The database stores only anonymized biometric information. If there were ever a compromise, the biometric data would be unusable because it is unattributable. Because it is multi-modal, customers can choose the correct level of secure authentication for different user situations: for example, voice or voice/face or voice/face/fingerprint, etcetera. And because it is cloud/device based, authentication can be achieved even when disconnected from the corporate network.

Out-of-band authentication is achieved with GoMobile on Apple or Android smart devices, while in-band authentication is achieved using any Windows Biometric Framework-compatible device. Since it uses biometrics, it promises to solve the primary weakness inherent in token-based authentication: it authenticates the person and not just the device. Having said that, biometric authentication is not without its critics. Some critics claim that there are few if any biometrics that cannot be spoofed, and that a person’s biometric definitions do not remain constant over time. Fingerprints are a good example.

However, since GoVerify offers multi-modal biometrics, it would be extremely difficult to adequately spoof multiple modes simultaneously. Other biometric options include eye and DNA; but the system can also be used in conjunction with other authentication controls, such as tokens, digital certificates, passwords, and PINS.

ImageWare is no newcomer to the biometrics field. It has extensive existing arrangements with leading biometrics companies and can incorporate existing and new biometric algorithms into its database. The intent is to be complete, yet extensible and agile.

Advertisement. Scroll to continue reading.
Written By

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Discover strategies for vendor selection, integration to minimize redundancies, and maximizing ROI from your cybersecurity investments. Gain actionable insights to ensure your stack is ready for tomorrow’s challenges.

Register

Dive into critical topics such as incident response, threat intelligence, and attack surface management. Learn how to align cyber resilience plans with business objectives to reduce potential impacts and secure your organization in an ever-evolving threat landscape.

Register

People on the Move

Cloud security giant Wiz has named Fazal Merchant as President and Chief Financial Officer.

Cybersecurity and data protection company Acronis has appointed Gerald Beuchelt as CISO.

Adam Zoller has joined CrowdStrike as Chief Information Security Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.