Certification Country: AUSTRALIA/NEW ZEALAND (2003)
Certificate Details: 2003/31, October 2003
Certification Method: CC
Crypt Evaluation: Completed
Evaluation Facility: CMG
Manufacturer/Vendor/Distributor: Iridian Technologies, Inc.
Iridian Technologies, Inc.
Argus Solutions Ltd
Level 10, 55 Lavender Street
MILSONS POINT NSW 2061 AU
Phone: (+61) 2 9963 7300
Fax: (+61) 9460 3988
The Iridian KnoWho Authentication Server and Private ID form a biometric identification and verification system, based on iris recognition technology. The system provides an organisation with the flexibility to perform identification and/or verification of individuals for controlling access to sensitive IT assets. Identification seeks to answer the question "Who is the individual?" by attempting to match a supplied biometric sample of an individual with any one of the set of enrolled biometric templates (a one to many process). Verification seeks to answer the question of "Is the individual who they claim they are?" by attempting to match a supplied biometric sample with a single claimed biometric template (a one to one process) referenced by an identification number.
Panasonic Authenticam or LG-2200 cameras are used to capture a series of digital images of the individual's eye. The PrivateID software implements countermeasures to ensure captured images have not been forged and are of sufficient quality. Images are then securely transmitted to the KnoWho Authentication Server, which generates an IrisCode from the data for comparison against one (verification) or all (identification) stored biometric records.
In order to be identified or verified by the KnoWho Authentication Server, an individual must first be enrolled by the organisation using the Enrolment Application. Enrolment is a supervised process where the camera and PrivateID software capture a series of digital images of the individual's eye. As in the recognition process, suitable images are selected and sent across to the KnoWho Authentication Server, where a unique IrisCode is generated and sent to a database for secure storage. Before storage, a fraud screen identification process is executed to ensure that a second identity cannot be enrolled with the same IrisCode template. The KnoWho Authentication Server does not store personal data, but does index a stored IrisCode template with a Customer Identification Number (CIN) thus preserving an individual's privacy.
The KnoWho Authentication Server generates an audit trail of all authentication and security relevant events appropriate to the biometric application, and all biometric audit data is securely stored within a database, accessible only by the administrator. Additionally, the KnoWho Authentication Server includes a Maintenance Application, which provides functionality for management of server security features.
In summary, the KnoWho Authentication Server and Private ID software enable an organisation to develop applications which can set and enforce access control policies based on a physiological biometric ('something you are') rather than the traditional use of passwords ('something you know') and/or tokens ('something you have').