The prime goal of every National Identity (Citizen Identity) Program is to create a secure digital identity for each citizen. To meet a nation’s security and reliability specifications, the technology partner(companies like Idemia, Gemalto) has to build an end-to-end system which is tailor-made to cater to the demands of the respective legislative system. The system usually involves:
- Building and maintaining a reliable civil registry of unique identifiers based on biometrics acquisition of nationals and residents
- Issuing ID cards with embedded electronic and physical security features
- Managing the ID card lifecycle
- Enabling the card to be much more than a simple document. Multiple applications give access to numerous services and the card also acts as a travel credential and election card.
Many National Identity Programs started using biometric smart cards as an identification document(ID) – a machine-readable biometric smart card with in-built security features. The smart card features a chip, containing the cardholder’s photograph, biometric templates, and signature.
Did you know?
Malaysia was the first country to introduce biometric security in a computer chip along with photo identification on a single card in 2001
Every national identity program includes a combination of:
Identity registration: Applicant data acquisition; Applicant biometric data capture (face, iris, fingerprint)
Identity verification and validation: Automated identity claims verification; Automated eligibility verification
Identity creation and management: Unique applicant identifier is created, with personal data being securely stored in the civil registry
Smart card personalization: Card body and chip personalization; Data integrity and Quality control
Smart card issuance: Ensure the card is delivered to the rightful owner
Smart card lifecycle management: Track & Trace status – expired? stolen? renewed? produced? delivered?
What is a smart card made of?
Polycarbonate is a popular choice for manufacturing smart cards. It is known for being a good electrical insulator and having heat-resistant and flame-retardant properties.
Memory vs microprocessor
There are 2 types of smart cards: memory and microprocessor. Memory smart cards simply store data. A microprocessor smart card, on the other hand, can also process data. These microprocessor-based cards enable features like match-on-card.
Contact vs contactless
Smart cards have two different types of interfaces: contact and contactless.
Contact smart cards need to be inserted or swiped into a reader. Physical contact is required. However, contactless smart cards have an antenna embedded inside the card that enables communication with the reader without physical contact. A hybrid card combines the two features with a very high level of security.
Is contactless smart card technology the same as RFID technology?
The answer is no. According to Secure Technology Alliance, there is significant confusion in discussions of RF-enabled applications, with contactless smart card technology often incorrectly categorized as ‘RFID.’ There is a wide range of RF technologies used for a variety of applications – each with different operational parameters, frequencies, read ranges and capabilities to support security and privacy features. For example, the RFID technologies that are used to add value in manufacturing, shipping and object-related tracking operate over long ranges (e.g., 25 feet), were designed for that purpose alone and have minimal built-in support for security and privacy. Contactless smart cards, on the other hand, use RF technology, but, by design, operate at a short-range (less than 4 inches) and can support the equivalent security capabilities of a contact smart card chip.
Two different stages are involved in the biometric system process – enrollment and matching.
As shown in Figure 1, the biometric sample of the individual is captured during the enrollment process (e.g., using a sensor for fingerprint, microphone for speaker recognition, camera for face recognition, camera for iris recognition). The unique features are then extracted from the biometric sample (e.g., image) to create the user’s biometric template. This biometric template is stored in a database or on a machine-readable ID card for later use during a matching process.
Figure 2 illustrates the biometric matching process. The biometric sample is again captured. The unique features are extracted from the biometric sample to create the user’s “live” biometric template. This new template is then compared with the template(s) previously stored and a numeric matching (similarity) score(s) is generated based on a determination of the common elements between the two templates. System designers determine the threshold value for this verification score based upon the security and convenience requirements of the system.
There are 2 main biometric and smartcard implementation techniques – match-on-card and match-off-card.
Here, the captured biometric template is stored in the smart card. For matching, the biometric template is read by a reader and transferred to another device/system(local or remote) for matching. In this technique, the smart card works mostly as a storage device with no requirement for processing capabilities.
Match-on-card is widely used because it enables much secure biometric processing. In this technique, the matching process happens within the card, by using the microprocessor chip. When a biometric match is requested, the external equipment submits a new live template to the smart card. The smart card then performs the matching operation within its secure processor and securely communicates the result to the external equipment. This method protects the initial enrollment template since it is maintained within the smart card and never transmitted off-card.
Did you know?
India’s Aadhaar system is the world’s largest biometric database. Aadhaar, (“foundation” in Hindi), is a 12-digit unique identification number that holds the personal details of an Indian citizen, including their biometric data from photos, fingerprints, and iris scans.
Cast Study: Match-on-card & Idemia (Safran Morpho) MSO 1350
UAE National ID smart card is an example of a match-on-card implementation technique. For eKYC(electronic Know Your Customer) requirements, government and private organizations are known to use MSO 1350 for authenticating the cardholder.
Morpho MSO 1350
The live fingerprint captured using MSO 1350 optical sensor will be sent to the National ID smart card’ chip for biometric matching. This is similar to the process presented in Figure 2.
Would you like to learn more about MSO 1300 series? please take a look at this comparison Morpho MSO 1350 vs Morpho MSO 1300
Keep watching this space for more content related to biometrics and access control systems. Please contact us if you have any suggestions.
Let Stebilex Systems help you
Stebilex Systems provides the best price on Biometrics , Access control & Time Attendance Systems in UAE, Oman, Saudi Arabia, Kuwait, Qatar, Bahrain, Jordan and Egypt. All the products we supply comes with free technical support. The popular brands Stebilex Systems supplies are IDEMIA, Paxton, HID & LenelS2
Do you need help with your Access Control or Biometrics projects?
Let experts at Stebilex help you today.