NAPHSIS 2007 Salt Lake City Oregon’s Experience with EDR Biometrics Michael Day, MPA...
-
Upload
antony-sparks -
Category
Documents
-
view
217 -
download
0
Transcript of NAPHSIS 2007 Salt Lake City Oregon’s Experience with EDR Biometrics Michael Day, MPA...
NAPHSIS 2007Salt Lake City
Oregon’s Experience withEDR Biometrics
Michael Day, MPA
Communications CoordinatorOregon Vital Events Registration System
Center for Health StatisticsDepartment of Human Services
The NAPHSIS/NCHS CollaborationPast Successes and Future Challenges
Salt Lake City, UT June 3rd – 7th, 2007
Introduction to Biometrics Genuine two-factor authentication
combines: Something you know – login/password Something you are – fingerprint
Oregon uses the APC Biopod:
The NAPHSIS/NCHS CollaborationPast Successes and Future Challenges
Salt Lake City, UT June 3rd – 7th, 2007
Device Installation
USB Connection
We provide a disk containing necessary software Device driver Microsoft .NET Framework Vendor program to adjust security
settings
Support tech during rollout
The NAPHSIS/NCHS CollaborationPast Successes and Future Challenges
Salt Lake City, UT June 3rd – 7th, 2007
Biometric Signing
The NAPHSIS/NCHS CollaborationPast Successes and Future Challenges
Salt Lake City, UT June 3rd – 7th, 2007
Example – Fails:
Biometric Signing
The NAPHSIS/NCHS CollaborationPast Successes and Future Challenges
Salt Lake City, UT June 3rd – 7th, 2007
Animation Example – Fails:
Biometric Signing
The NAPHSIS/NCHS CollaborationPast Successes and Future Challenges
Salt Lake City, UT June 3rd – 7th, 2007
Animation Example – Successful:
Overall Experience
Users largely accepting “Cool” “Fun” “Easy”
Sometimes frustrating Takes some practice for consistent finger
placement Requires all “I’s dotted and T’s crossed”
before it will authenticate
The NAPHSIS/NCHS CollaborationPast Successes and Future Challenges
Salt Lake City, UT June 3rd – 7th, 2007
Concerns: Security System creates templates using
pattern matching
Reference template created and stored during initial enrollment
Match template created when signing record
Compare the two to authenticate
The NAPHSIS/NCHS CollaborationPast Successes and Future Challenges
Salt Lake City, UT June 3rd – 7th, 2007
Concerns: Security
Template security is the critical factor
Template is created using a hash function Hash function is a formula used to turn
fingerprint pattern into numeric data One-way process “Chops and mixes” original data
Further encrypted – AES 256-bit
Only encrypted hash value is transmitted/stored, not fingerprint pattern
The NAPHSIS/NCHS CollaborationPast Successes and Future Challenges
Salt Lake City, UT June 3rd – 7th, 2007
Concerns: Distrust Some resistance to fingerprint storage
“Big brother” has their fingerprints? Loss of privacy
How to address concerns Biometric security white paper Positive experience of other users Increased use of fingerprints elsewhere
The NAPHSIS/NCHS CollaborationPast Successes and Future Challenges
Salt Lake City, UT June 3rd – 7th, 2007
Other Experiences
Co-exists with other biometric devices
Device can be used for other biometric functions
The NAPHSIS/NCHS CollaborationPast Successes and Future Challenges
Salt Lake City, UT June 3rd – 7th, 2007
Additional Information General information:
Mike Day, Communications Coordinator [email protected] 971-673-1196
Technical questions: Sandra Sams, Technical Lead [email protected] 971-673-0579
www.oregon.gov/DHS/ph/OVERS/
The NAPHSIS/NCHS CollaborationPast Successes and Future Challenges
Salt Lake City, UT June 3rd – 7th, 2007