INSIDE Secure, a semiconductor solutions provider for secure transactions and digital identity, today announced the availability of biometric on-card matching capabilities for its SecuRead(TM) system-in-package NFC solution, enabling manufacturers of mobile NFC devices to provide enhanced, two-factor security and greater personal privacy for a variety of mobile applications.
Based on advanced fingerprint identification software from Neurotechnology running on the SecuRead secure element, the new solution debuts on the TazCard, the NFC electronic wallet from TazTag, and will be demonstrated at the upcoming Mobile World Congress.
“Privacy is ensured because once the user’s fingerprint is stored in the secure element of the SecuRead device, all subsequent fingerprint matching operations are processed there, too, and the original fingerprint data is never exposed again,” said Bastien Latgé, senior product manager, secure element and mobile applications at INSIDE Secure. “By combining something you have – the TazCard – with something you are – your fingerprint – we are able to achieve strong two-factor user authentication, which then enables the TazCard or other device to unlock the secured application in our secure element.”
The Mobile World Congress demonstration will employ a personal computer with a small fingerprint scanner attached to it representing a POS terminal and a TazCard NFC wallet running a payment application. The PC will first be used to capture the TazCard user’s fingerprint as part of the enrollment process. The fingerprint minutiae points will be extracted by the Neurotechnology software on the PC and transmitted to the TazCard, where it will be securely stored in the INSIDE SecuRead. Then the TazCard will be used to make a purchase. The POS terminal will again be used to scan the TazCard user’s fingerprint and extract the fingerprint minutiae points, which will then be transmitted to the TazCard. The SecuRead will use its onboard Neurotechnology software to compare this new fingerprint data with the “trusted” data previously stored during enrollment that never leaves the secure element. If the two match, it will unlock the payment application on the TazCard, and the payment transaction will be allowed to proceed. The same process can be used for other types of applications such as secured access control or ID.
“Our MegaMatcher On Card SDK was designed specifically to bring this kind of biometric authentication to embedded processors running Java Card, such as the SecuRead at the heart of the TazCard,” said Antonello Mincone, project and sales manager for Neurotechnology. “This NFC-based biometric on-card matching solution incorporates our latest fingerprint verification technology for smartcards, which improves reliability, speed and memory requirements compared to our previous analogous product.”
SecuRead is a complete, single-package NFC solution that makes it simple for manufacturers of NFC mobile phones, tablets and other devices to integrate all of the contactless, security and application functions required for a broad range of payment, identity, transport and access control applications, including virtual credit and debit cards, national or employee identity cards, healthcare program cards, boarding system and registered traveler programs, among others.
“With the new SecuRead on-card matching capability, TazCard can now offer true two-factor authentication with enhanced privacy of sensitive personal information, making it ideal for a variety of banking, identity and access control applications,” said Eric Fouchard, CEO of TazTag. “By teaming with INSIDE Secure and Neurotechnology, TazTag is able to deliver the first commercial NFC device with this capability, and is already working with a customer to help them develop a banking application.”
In addition to INSIDE’s SecuRead module, the TazCard also incorporates the INSIDE VaultIC turnkey security module to protect access to the personal data and applications. Based on security-certified hardware platforms with Common Criteria EAL4+/EAL5+ and/or FIPS140-2 security certificates, VaultIC provides secure storage of keys, certificates and user data while dramatically reducing or eliminating the need for custom development.
The demonstration of the biometric on-card matching capabilities for SecuRead will be presented at the INSIDE Secure hospitality suite at the GSMA World Mobile Congress in Barcelona, Spain, February 14 to 17, 2011.