Steve Turner, Chief Technology Officer at MBX Biometrics, explores how fingerprints can add a strengthened layer of security when authenticating individuals.

Can you tell our readers a bit about yourself?

I got started in technology in the US Air Force with electronic countermeasures and when I left, I then started with a company called SafeNet, which was mostly focused on data encryption technologies for banks and the federal government.

At this time (during the 1990s), I was working on biometric smart cards, but at that time, the technology wasn’t quite there yet.

The sensor chips were too thick and vulnerable and we ended up with a high-cost product.

Next, I worked with another company called Oculus Labs, where we developed facial recognition and eye scanning technology.

This would encrypt the words on a computer monitor to only clear text where someone’s eyes were looking; essentially visually encrypting the content.

The facial recognition was used to blur a screen should someone appear over the user’s shoulder to potentially look at the screen.

After this, I re-joined Doug Kozlay at Biometric Associates and I was initially involved in operations and customer support as well as engineering from time to time.

When I started, we were making smart card readers for both common access cards (CAC) and personal identification verification (PIV) that were utilized in government.

Ultimately though, the US government started preferring waivers to supporting standard space encryption technologies.

That’s why the company moved toward the biometrics space and that’s where we are today.

Why focus on fingerprints?

Our biometric ID card is called MBX-ID, which stands for Mobile Biometrics Identification.

Its primary function is for identification and authentication for physical access control.

We are finishing the technology for the MBX to be used in logical access control and down the road, the card will be used for personal safety with a duress button.

Right now, we have an open platform which includes a microcontroller and a non-chargeable primary cell battery.

In April we’ll be launching wireless re-charging (Qi2).

We chose to utilize fingerprint cards (FPCs) because they are the gold standard in the industry.

The benefits of using fingerprints sensors for identification and authentication is that they are very thin and can be placed on a card that is easy to transport.

We’ve also created an ability to add other technologies such as 5G that can communicate a signal.

We are unique in the market in that the MBX cards never store a fingerprint.

We utilize a capacitive sensor that reads the electrical characteristics and specifically looks for the minutia of each fingerprint.

It stores this information as a template and not as a fingerprint. That template never leaves the card, so we never store the fingerprint information.

Once a finger has been enrolled and the template is on the card, any other time a finger is placed on the card, it just compares the results of that new algorithm with what template is stored on the card.

What we’re adding is multifactor authentication; if an ID card is lost or stolen, it can only be used by the person matching the fingerprint that has been enrolled.

In terms of enrollment, we have a phone app and we can enroll up to ten fingers on one card.

We therefore have the option to enroll more than one finger so that there is a backup on a single card.

We support radio-frequency identification (RFID) and in doing so are able to further control the timeframe the card can be used for physical access.

One company we work with wants to allow their customers to leave the card “on” all day and we have a configurable ability so that we can turn on the RFID and our card works just as it would before.

We are also working on fast identification online (FIDO) for logical access control.

This would allow one finger to be used for logging into accounts online and another finger for RFID (physical access control), supporting our multifactor authentication goal.

What trends are we seeing in identification and authentication at the moment?

In general, we live in a world where enhanced security is a must. We read about it every day. The more layers of security we can add, the safer we will all be.

Enhanced security should also be cost effective – the MBX can integrate with any access control system without changing out infrastructure.

I like to think of it as enabling others’ technology with biometrics.

We can essentially work with anybody’s RFID chips and integrating their hardware technology into our microcontroller makes the process far less expensive.

We’re seeing a rise in interest from the education market to prevent having to rekey doors almost every semester.

AI has also become so sophisticated to the point where it can collect data without individuals realizing it, such as through facial recognition.

However, the MBX mitigates AI being able to steal identity and personal data.

What kind of challenges do biometric technologies solve?

Mobile credentials can be used for a lot, such as access control, but if lost or stolen they can still be used to gain access to bank accounts or other private data.

The MBX will not function (a user will not be granted access) unless the fingerprint is a match.

Using an MBX card increases the level of security, which is what’s most important.

Fingerprint technology provides more peace of mind through extra security; for example, in the FIDO environment, you might require a pin, but the MBX adds a non-repudiation layer when accessing sensitive information should the pin be shared or guessed.

What kind of industries are biometric technologies most useful in?

Some important markets that we are focused on right now include the healthcare and education markets, due to the higher levels of security required for these verticals.

In healthcare, doctors or nurses can use fingerprint biometrics to remain logged into the accounts that they need, such as with shared computer terminals.

However, if practitioners remain logged in but walk away from the terminal, confidential records will be exposed to the next person using the computer.

This is a potential Health Insurance Portability and Accountability Act (HIPAA) violation and financial liability for the hospital.

The MBX will biometrically authenticate each user and will automatically log a user off a computer based on parameters set for distance or time spent away from a terminal.

Additionally, pharmaceutical cabinets need to remain highly secure – fingerprint biometrics can ensure that only authorized personnel can unlock these and gain access to restricted meds.

Another vertical we’re finding has increased interest is gaming and casinos.

When we’re dealing with a lot of money changing hands, it’s important to have a higher level of security.

Biometrics are employed to verify the identity of users during account creation or login processes.

Users are prompted to enroll their fingerprint during the account registration process to establish a secure and unique identifier for future authentication.

Biometric authentication can be utilized to authorize high-value transactions, adding an extra layer of security to financial activities within the platform.

Plus, players may be required to use biometrics to verify their identity when making withdrawal requests, preventing unauthorized access to funds.

For things like age verification, biometric technology can be employed to verify the age of players during account creation to ensure compliance with legal age requirements for gambling.

Plus, biometrics can be integrated into self-exclusion programs, helping platforms identify and restrict access for those who have voluntarily opted for exclusion due to gambling-related matters.

If there is one thing you’d like our readers to know, what would that be?

Mostly I’d want people to know that we have a multifunction card currently supporting RFID, Bluetooth and FIDO.

We envision a roadmap to feature 5G and duress assuming additional investor support.

We have full control of everything that we’re doing and have a lot of room to expand.

The MBX will be the choice for physical access control, logical access control and personal safety all in one biometric credential – so keep an eye on us and keep an eye on this space.

This article was originally published in the April edition of Security Journal Americas. To read your FREE digital edition, click here.