Upload
david-mcdaniel
View
216
Download
0
Tags:
Embed Size (px)
Citation preview
Zim-ex.
Bringing Trust and Mobility to the Digital Age
zim-ex.Zim-ex Overview
Zim-ex offers authentication solutions based onBiometrics, smart card, and PKI technologies.
• We focus on 3 main markets:• ID Card Projects• Access Control (airport, building…)• IT Security
• Which involve mainly: Government, Military,Large Corporations, Banking and Healthcare
Zim-ex offers innovative, easy-to-deploy and user-friendly solutions
Zim-ex.Zim-ex Overview
• Private Company founded in 1995
•Deployed ID system and PKI for:• Government
• Transportation• Police Department• Military• Public Security Ministry• Foreign Affairs Department• Airport
• Bank and Corporation• Hospital• Factory
• Leader in Authentication Solution
Zim-ex.What brings the need for Authentication ?
• Terrorism
• Internal fraud (employees)
• False/Fake ID card
• Identity theft
• Credit card fraud
• Lack of security on the Internet (B2B & B2C transactions)
• New security laws and standards
• Unauthorized access to sensitive corporate information
Biometrics revenues are expected to reach $2.6 billion by 2006.
Frost & Sullivan
Zim-ex.What is PKI ?
PKI stands for : Public Key Infrastructure
PKI offers security services such as :
• Confidentiality
• Protects sensitive information.
• Integrity
• Guarantees that information remains accurate, not tampered with or altered.
• Non-repudiation
• User cannot refute the transaction (need Biometrics)
•Authentication
• Verifies the identity of communicating parties and binds identity to transaction.
• Access Control
• Determines who may have access to which resources.
Zim-ex.What is PKI ?
A PKI will issue certificate to each person
A certificate it’s:
• Asymmetrical Key-pair (Private Key + Public Key) for encryption
• Key-pair for signature
• User’s information (name…)
• Authority who issue the certificate
• Expiration date
• Etc.
The Key length can varies from 64 to 2048 bits (RSA, DSA…)
Each Private Key is unique to each person and must be protected.
Normally, it’s stored on a disk drive and protected by a password,
this is not secure enough, so it’s better to stored it on a smart card
and control the access by the fingerprint.
Zim-ex.Who are the PKI vendors?
The main PKI vendors are :
• Entrust
• Verisign
• They offer cryptography and electronic signature services.
• Zim-ex integrated and support all of theses vendors
• Zim-ex knows how to deploy a PKI, and has a proven track record:
• Central Bank of Canada
• Department of Foreign Affairs and International Trade
• Department of National Defense
• Several Canadian Banks
• Baltimore
• RSA
Zim-ex.Biometrics
Others type of biometrics
• Eye Scan (Iris & Retina)
• Intrusive (People don’t like to put their eye in a hole)
• Expensive to deploy
• Voice recognition
• Easy to record and play back
• Inconsistency of one’s voice
• Facial scan
• Not for mobile application
• Hand Geometry
• Big and cumbersome
• Expensive to deploy
• Signature verification
• Not a mature method
Zim-ex.Biometrics
The best biometrics technology
Fingerprint• Universally Recognized Method
• Used since decade (central database already exist)
• Perfect for Mobile application
• Not intrusive to users
• Inexpensive to deploy
• Not cumbersome (small reader)
• Fast reading (less than 1 second)
• Highly secure (High FAR and low FRR)
• Very precise imaging (500 DPI)
• Very liable (no mechanical system)
Zim-ex.Available Fingerprint Sensors
2-D reading
• Optical Sensor
• Easily Spoofed by an image or a photo of a finger
• If press too hard, reading is difficult
3-D reading
• Capacitance Sensors
•Very Good Quality & Reading-Area Size
• Electric Field Sensors
• Low DPI (250)
• Thermal Sensors (strip)
• Thomson-CSF (Swiping Problems)
Zim-ex product used Capacitance Sensors
Zim-ex.SmartPrint Sensor
• Active Sensor Size : 18.0 x 12.8mm
• Array Size : 256 x 360 pixels
• Ultra-Hard Protective Coating
• Image Resolution : 508 DPI
• ESD Protection : 8 KV
Zim-ex.Fingerprint
• Minutiae are unique characteristics of individual fingerprints using around 250 bytes of memory space.
• 8 minutia points make a legal identification according to the FBI and NSA.
• FAR : False Acceptance Rate (1/100,000)
• FRR : False Rejection Rate (1/15)
Bifurcation End line
Zim-ex.
ID Card Applications
Zim-ex.SmartPrint Applications
ID CARD
• Passport
• VISA
• National ID and driver’s License
• Election Card
• Healthcare Card
• Social Security Card
• Mass Transportation
Zim-ex.SmartPrint Applications
ACCESS CONTROL• Airport Tarmac Access Control
• Nuclear & other Power Plants
• Navy Ship, Army and Air force
• Factory and Warehouse
• Time & Attendance
• Car Parking
• Secure Room
• Vault
• Server Room
EDUCATION & UNIVERSITY• Library (rent book)
• Examination (check ID)
• Cafeteria (pay with card)
• Dormitory (Access Control)
• ID
• On-line identification
Zim-ex.IT Security Applications
• e-Banking
• e-Trading
• Secure logon
• Secure e-mail
• Secure web access VPN and Extranet
• e-commerce (B2B & B2C)
Zim-ex.
Enroller
• Used by central authorities to issue citizen ID card•Connects to a PC by serial port• Electronic ID (PKI digital certificate) is stored on the smart card• Combined contactless (or contact) smart card and fingerprint reader
Mobile
• Used by security officers to verify citizen’ identity• Hand-held unit, battery operated• Display citizens’ information on the LCD display• Combined contactless (or contact) smart card and fingerprint reader
For National ID and Access Control Application
Zim-ex.SmartPrint Processor
• The StrongARM is a 32 bit RISC processor running at 206MHz.
• The Intel© StrongARM Microprocessor is optimized for requirements of portable and embedded application.
• Processing of the fingerprint minutiae extraction and matching is done locally by the embedded system
• Power management
Zim-ex.MIFARE Smart Card
MIFARE • ISO-14443 Type A• 13.56 MHz Operating frequency•1 Kbytes EEPROM• 100 000 read/write cycles• 10 Years Data Retention• Encrypted RF
Memory Map• Enrollment Officer Info. = 212 Bytes• Citizen Fingerprint = 250 Bytes• Citizen Information = 338 Bytes• MIFARE Proprietary Data = 224 Bytes
• Total 1024 Bytes
Zim-ex.Software Suite
Generation of Authority Signature Key
Security Officer enrollment Citizen enrollment Citizen verification Date & Time management
PC Based software (English, French, Chinese or any language)
Zim-ex.
PC and Embedded SDK (Software Development Kit)
SDK
Allows our partners to develop their own application
PC SDK Supporting Visual C and Delphi Offers a complete suite of functions:
Key generation and backup User and security officer enrollment User verification Date and Time management Read and write on a specific smart card location PIN management (to access smart card)
Embedded SDK (for Mobile firmware development) Supporting C language (compiled with StrongARM environment) Offers the following functions
LCD and keypad management Date and Time management Read and write on a specific smart card location
Zim-ex.
SmartPrint Access Control
• Used to control access of a door• Connects to access control management system• Wall-mount chassis• Weigand, RS-485 or RS-232 interface• Control door latch• Can support combo card (HID+MIFARE+contact)
For Access Control Application
• Readers:• Smart Card and Fingerprint : USB and USB Key
• Smart Cards• Standard 16 Kbytes• 32 Kbytes, Cryptographic functions (to perform key-
generation and electronic signature onboard the card)• Combined on the same card
• HID access control Proximity (125 KHz)• MIFARE (13.56 MHz)• Printing 4-colors process on both side
(User picture, name and ID info)• Magnetic stripe• Security features such as: holograms, micro-printing,
UV
Complete Solution:
Zim-ex.For IT Security Application
• Software Components: • SmartLogon for Windows
• SmartPKI2 for Entrust®
(Cryptographic applications, authentication+ secure and portable profile-storage for Entrust users)
• SmartLogon for CheckPoint/VPN(Authentication, geographically-distant user)
• SmartPKI2 for windows®
(Outlook)
• SmartProfile (Single Sign-On for almost any application)
Complete Solution:
Zim-ex.For IT Security Application
TruBlueZim-ex fingerprint and smart card
readers:• USB• Contact smart card interface• ISO-7816• Entrust Ready• Microsoft WHQL Certified• PC/SC driver included
Zim-ex.TruBlue
USBkeyZim-ex fingerprint and smart card
readers:• USB• Contact smart card interface• SIM module• Entrust Ready• Microsoft WHQL Certified• PC/SC driver included
Zim-ex.USBkey
SmartSign: Zim-ex Smart card readers:• Serial port @ 115 kbps• Flash Memory
(firmware can be updated in the field)• Landing contact instead of swiping
contact (200,000 insertions warranty)• Screwable base• Entrust Ready• Microsoft WHQL Certified• PC/SC driver included
Zim-ex.SmartSign
Zim-ex.Coming Products
Mobile Readers
• with RF capabilities
RF communication:
• GSM and other Mobile communication
• Blue Tooth
• WiFi
• Wireless LAN
Will allows link to central database for:
• Background check
• Send fingerprint for verification
• Check citizen status and information
Zim-ex.
Benefits of a ID Card Projectwith Fingerprintand Smart Card
Zim-ex.Benefits of Smart Card / Fingerprint
Smart Card:
• Citizen information's and fingerprint stored inside the smart card
• Impossible to issue fake cards
• Can be used for Multi Application
• Information on the card, can be updated by the authority
Fingerprint:
• Cannot take someone identity
• More easy to track criminal
• Can be link to a central database
Zim-ex.SmartPrint™ Advantages
For ID Card Project
Tracability : Each card issued is linked to it’s enrolment officer
Integrity : Any information change on card will be detected
Trustworthiness : Accountability of enrolment officers prevents temptation to fraudulent issuing of cards
Rapidity : Authentication in 0.6 seconds
Portability : Allows for Mobile ID verification
Maintainability : Quick firmware updates in the field (flash memory)
Flexibility : Multi-lingual interface; supports any foreign character
Compatibility : Can support different AFIS systems
Security : Impossible to issue fake cards
Zim-ex.
ID Card ProjectAround the World
Zim-ex.Chinese Project
National ID Card:
• For every citizen older than 16 years old
• Around 900 millions cards
• 5 to 8 years to deploy
• Control by the MPS (Ministry of Public Security)
• We partner with:
• TriRing: one of the 500 biggest company in China
• GMCC: first authorized company to manufacture credit card in China. They print Chinese paper money.
• We received an order of 20,000 readers from GMCC The biggest biometrics order in the world
• The MPS will needs 1,000,000 readers for the project
• They used contactless smart card (MIFARE and Hua Hong)
• Status: Official launching soon, already have temporary citizen card bids
Zim-ex.Alcohol Agency of Quebec
IT Security and Access Control Card:
• Used to control access of computer and building
• Single Sign-On (SSO) for:
• Windows NT and 2000
• Netscape and Internet Explorer
• Tivoli
• CheckPoint VPN
• for more than 20 different applications
• Will be used by 6,000 employees
• We partner with Motus and CGI
• We used contact and proximity smart card
• Status: Full deployment in 3 months
Zim-ex.Montreal Airport, Canada
Access Control:
• Used to control access of secure area (Tarmac, control center…)
• Used by Airport Employees
• Reader installed at specific doors and used by security officer to check truck delivery
• We used contactless smart card
Zim-ex.Bank in Europe
e-banking
• For one of the biggest bank in Europe
• Used to secure banking transaction and to protect account number
• Will be used by Corporate and VIP customer of the Bank
• We used contact smart card
• A digital certificate of Verisign is stored on the smart card
• Status: Our partner is doing the pilot test
Zim-ex.Bank in China
e-banking
• For one of the biggest bank in China (CITIC Bank)
• Support the CFCA of China CFCA: Chinese Financial Certification Authority
• Used to secure banking transaction and to protect account number
• Will be used by Corporate and VIP customer of the Bank
• We used contact smart card
• A digital certificate of Entrust is stored on the smart card
Zim-ex.Pharmaceutical Company in USA
Secure e-mail and PKI
• For the biggest Pharmaceutical Company in the world (Novartis)
• Support Entrust PKI and Lotus Notes
• The FDA (Food Drug and Administration) required pharmaceutical companies to send encrypted e-mail
• Used to secure e-mail (encrypt)
• Will be used by 60,000 Novartis employees worldwide
Zim-ex.Conclusion
Zim-ex offers:
• The Best Solution in the Market
• Innovative and unique solution for Authentication
• To closes the gap between physical and IT security
• A wide range of products
• Multi-language products
• It’s extensive PKI expertise
• An experience and hard-working R&D team
Zim-ex. Canada, Headquarter
400 Jean-Lesage, Hall OuestSuite 30
Québec, QuébecG1K 4W1
(418) 692-3137(418) 692-3137
Zim-ex.
Bringing Trust and Mobility to the Digital Age