0 FTS PUBLIC

Palm Vein Authentication

PalmSecure

Copyright 2013 FUJITSU

“the key is your hand”

Alaa Al-Dabbagh +966506452070

alaa.al-dabbagh@ts.fujitsu.com

1 FTS PUBLIC

Topics

Introduction

PalmSecure Technology advantage and benefits

How it works

Portfolio

Applications

References

Copyright 2013 FUJITSU

2 FTS PUBLIC

Introduction

The use of biometric technology drastically increases the security for many different applications

and further simplifies the necessary procedures with added cost benefits.

Biometric technologies are being

used to identify a person

through their unique

characteristic physical features

palm vein

3 FTS PUBLIC Copyright 2013 Fujitsu Limited

Why and which biometrics?

Security combined with convenience

True authentication

Accelerating and facilitating access

Cost and workflow reduction

Why biometrics?

Which biometrics?

Best FAR / FRR / FTA / FTE specification & liveness detection

Less sensitive to environmental influences

Applicability rate equal almost 100%

Hygienic operation

Age independent usage

4 FTS PUBLIC

Comparison of Biometric technologies

Fingerprint Face Recognition Iris Palm Veins Other Veins

Hygienic low high high high low

Applicability medium high medium high medium

Security Level medium medium high high high

Convenience Level high medium low high medium

Accuracy medium low medium high medium

Social acceptance low low medium high medium

Costs low medium high medium medium

Difficulty of Replication Difficulty of acquiring biometric data

Difficulty of Forgery

Special Technology Required

Conventional Technology Required

No Special Technology Required

Difficult to acquire in daily life

Acquired in daily life

Easily acquired in daily life

Fingerprint

Iris

Face Recog.

Other

Veins

Palm

Veins

Palm Vein is the leading technology for security and convenience to be adopted as a standard of the future

5 FTS PUBLIC

Authentication accuracy

False Acceptance Rate (FAR)

& False Rejection Rate Comparison (FRR)

Fujitsu PalmSecure is one of the most accurate and most practical technology.

Authentication Method FAR (%) = If FRR (%) =

Face recognition ~ 1.3 ~ 2.6

Voice pattern ~ 0.01 ~ 0.3

Fingerprint ~ 0.001 ~ 0.1

Finger vein ~ 0.0001 ~ 0.01

Iris/Retina ~ 0.0001 ~ 0.01

Fujitsu Palm vein < 0.00008 ~ 0.01 Accuracy

Pra

cti

cality

Face

recognition

Fingerprint

Palm vein

High

High Low

Voice

pattern

Signature

Iris/Retina

Finger vein

Low

Copyright 2013 FUJITSU

6 FTS PUBLIC

Comparison of Biometric technologies - issues

Fingerprint: • Not hygienic

• Not applicable to each individual

• Problems with dirty/injured fingers

• Criminal background

• Frequent cleaning of the sensor required

• Lower security level due to image transfer and external body feature

Iris: • Inconvenient for users with glasses / contact lenses • Difficult to position eyes correctly (height of persons)

• Not applicable to each individual

• Can be forged

Face: • Can be forged • If changes happen to the face (make up, beard, hair) system will not work

• Easy to forge

Palm Veins: • Applicable to everybody • Can be used contactless (no sensor cleaning, very hygienic)

• Works with injured or dirty hands (as long as only the skin is injured)

• Once in a lifetime enrolment • Biometric feature is inside the body

• Common Criteria security certified

Other Veins: • In comparison to palm veins other vein biometric methods are not contactless devices • They are not as accurate as they use less vessels for authentication

• Their correct operation can be negatively influenced by hair on the skin, cold (thin

• veins shrink too much) or even by tattoos on the skin

7 FTS PUBLIC

PalmSecure Technology

The Product

Compact USB device – 35mm x 35mm x 27mm

Infra-red captures the veins inside the human body and uses the biometric

data making it very secure.

Very accurate – very low FRR/FAR 0.01%/0.00008%

High usability with very low FTE(failure to enrol) rate

Immune from dirt, dust, dryness, moisture

Fast, ergonomic design makes its application highly adaptable

Contactless/hygienic, very high accuracy,

Non intrusive unlike other technologies

Copyright 2013 Fujitsu Limited

8 FTS PUBLIC

Palm vein authentication advantages

High Safety & Permanence

– advantage of veins

Hidden under the skin

makes forgery very difficult

Unique

even among identical twins

Never changes

stays same throughout life

Detectable only when

blood is flowing

High Acceptance

Very hygienic due to non-contact

operation

Very easy and intuitive to use

High Accuracy – advantage

of a palm over a finger

Palm vein patterns are complex

>5 million reference points

Palm contains thicker veins

than fingers – easier to identify

Palm veins are insensitive

against environment (cold

temperature, creamy hands,

skin scratches)

1 3 2

Copyright 2013 FUJITSU

9 FTS PUBLIC

Small foot print sensor - easy and flexible to integrate

Full contactless -hygienic- operation - biometric feature inside the body

High speed and high accuracy operation for security and for convenience (1sec matching time)

Very high applicability rate and once in a life time enrolment.

SDK for developers, rapid development and integration into solutions/applications

Match - On - Card SDK available (SECCOS, MULTOS support possible)

Best FAR/FRR/FTE specification among all biometric technologies

Same price level as a high level fingerprint sensor, less expensive than Iris

Security certified - Common Criteria EAL 2 for HW and algorithm

Template On Card, Match On Card or Central Database solutions

Approved by several international banks in real installations and in pilot projects

Recommended biometric product by several international bank associations

Summary of benefits - PalmSecure technology

Copyright 2013 FUJITSU

10 FTS PUBLIC Copyright 2013 FUJITSU

ISO/CC Security Certification

11 FTS PUBLIC

Personal Record Management Financial

Online-Banking

ATM, Counter

Deposit boxes

Information Access Management Cash-less & Card-less Payments

Wide range of application areas

There are 30 million active users of Fujitsu PalmSecure in the world.

Social Security

National IDs

Health care

Retail stores

Gas stations

Cashless

Catering

PC/Server/Terminal

Log in, Enterprises

Airports, Authorities,

Construction area

Time attendance system

Copyright 2013 FUJITSU

12 FTS PUBLIC

How the palm vein process works

Vein De-oxygenated blood makes palm vein pattern visible for

the sensors camera

Palm positioned 5-8 cm over the sensor„s surface

Life detection and focusing starts

?

Sensor emits near infra red light to the palm

The AES encrypted data will be transferred to the PC/Server or

Notebook for biometric template

generation and compression

Inside the PS sensor AES encryption of the

raw palm vein image begins

1100111010 1100111010

AES encrypted data is converted and compressed

into a biometric template which

is then AES encrypted again

1axz

001y

The 1-3 KB encrypted biometric template can be

stored on either a PC, Server,

token or smart card

AES – Advanced Encryption Standard

Copyright 2013 FUJITSU

13 FTS PUBLIC

(1) No requirement to issue a smart card. Running costs are lower. (2) Biometric data stored on server must be managed in a secure environment.

1. Server Type

2.Smart card Type : MOC (match on card) , TOC (template on card)

Verification Logic

Enrolled palm vein data

MOC Type Smart Card MOC (1) Final verification is executed inside the smart card. (2) The template for verification does not leave the smart card after enrollment. (3) Verification program consumes a part of the smart card area.

TOC Type Smart Card TOC (1) Verification is executed in the system. (2) The template for verification leaves the smart card. →security is required during this process to prevent theft of biometric data. (3) Total area consumed is smaller than that of MOC.

Enrolled palm vein data

Methods of Template Storage

14 FTS PUBLIC

PalmSecure Product Portfolio

PalmSecure

OEM Sensors

PalmSecure Log

In/SSO solutions

PalmSecure

Keyboard for

Log In/SSO

PalmSecure

Notebook/Tablet

(BTO planned)

Time & Attendance

Match On Device

Physical Access Control

New PS Soloutions

15 FTS PUBLIC

Physical access control

In this example a data center is equipped with different levels of physical access control systems.

Biometrics is used in the area of high security level.

16 FTS PUBLIC

Logical access control

In this example an enterprise is using biometric login / SSO instead of using less secured and more

expensive password / token / smartcard solution for login / SSO

17 FTS PUBLIC

Time & attendance

127%

124%

121%

119%

119%

Enterprises, authorities and industry are more and more counting on biometric access control solution to

enter buildings, rooms or to login to IT infrastructure or to operate industry production facilities

Now, these applications will be combined also with biometric time & attendance solutions…

Who can have access and at which time?

Cost efficient combination of physical- and

logical access with time & attendance control

Access control, login /SSO are controlled by

centralized time & attendance middleware

18 FTS PUBLIC

ATM/VTM operation

19 FTS PUBLIC

Corporate Online Banking operation

20 FTS PUBLIC

Private Online Banking operation

21 FTS PUBLIC

Fujitsu Secure Printing

More Information Security

• Documents for correct persons only

• User in place while printing

• No more forgotten documents

Cost efective

• No more unused prints, less paper and ink

• Centralized printers in effective use

• No more personal printers

Easy to use

• Fujitsu PalmSecure biometric authentication is easy to use

Printer manufacturer independent solution

Copyright 2013 FUJITSU

Fujitsu Secure Printing

22 FTS PUBLIC

Secure Printing Flow

User

AD

Registration

A

B

1.

2.

3.

4. 6.

5.

7. Printing Services

Domain

Controller

Authentication

Service

Printer

Copyright 2013 FUJITSU

23 FTS PUBLIC

• The leading not-for-profit hospital group in Tampa Bay Area, Florida.

• Owns 9 hospitals, 11 ambulatory Centers, 2,677 beds

Problems:

• Medical identity theft, and associated risks such as patient safety and insurance fraud

• Lengthy registration process, having patients fill in forms or having to reveal their social security

number

• EMPI clean-ups were time consuming and costly

• Need of quickly and accurately identifying patients in an emergency situation

Project:

Patient Identification System -Integrate Biometric Patient Identification System to Siemens Invision and Signature, ensure all

patient information is contained in a single record

Case Study: BayCare Heath System

US Healthcare - Baycare Case Study

Copyright 2013 FUJITSU

24 FTS PUBLIC

US Healthcare Patient Registration Customers

Copyright 2013 FUJITSU

26 FTS PUBLIC

SSI/SGK Turkey HC Project Summary

Copyright 2013 FUJITSU

Over 150,000

FTS Thin Clients [FUTRO]

Over 150,000 sensors

Over 150,000 hand guides

81 cities, services in more

than 28,000 places

2700 private hospitals

1200 state hospitals

22,000 clinics

24,000 pharmacies

27 FTS PUBLIC

SSI/SGK Media Work

Copyright 2013 FUJITSU

28 FTS PUBLIC

PalmSecure – Special Product Portfolio

Parallel processing

Narrowing down

Identification

Merge results

Data storage

(10 million

pieces of data)

Request

Palm vein

Three fingerprints

Identification result

User ID

Personal information

Increase or decrease the

number of servers depending

on the size of the potential

matches

PalmSecure & 3 Fingerprint HW solution in combination with Primergy servers,

Middleware and storage (plan)

Scalable High Security / High Performance 1:N multi-biometric solution

Addressing Social Security, Healthcare, National ID card, Population

Authentication Services

Copyright 2013 Fujitsu Limited

29 FTS PUBLIC

Solution & Application Examples for Financial Market

ATM

VTM

Online Banking

Login

SSO

Physical Access Control

T&A

Copyright 2013 FUJITSU

30 FTS PUBLIC

Deployed branch solutions - Bradesco, Brazil

Brazil‟s second largest private

bank, with 4,400 branches, over

40,000 Bradesco Expresso units;

Operates more than 33,000 ATMs,

of which 90% are palm-vein

enabled;

Some 10 million customers use the

palm vein-enabled system, with

more than 700 million transactions

completed without a single case of

fraud;

Since October 2012, has offered

customers the option of cardless

transactions, using just Palm vein

technology, account number and

password.

Copyright 2013 FUJITSU

31 FTS PUBLIC

Deployed ATM solutions – Ziraat, Turkey

Ziraat is state-owned and is

Turkey's second-largest bank;

Began rolling out palm vein

technologies in early 2011, to

its 1,300 branches; 50 (soon

to be 1,000) staff less micro-

branches; 2,900 ATMs; and

30 video-teller machines;

Aimed to have 1,400 desktop

palm readers deployed by

January 2012

Fujitsu Palm Vein

reader

Copyright 2013 FUJITSU

32 FTS PUBLIC

Deployed ATM solutions – Bank of Tokyo Mitsubishi, Japan

BTMU is Japan‟s largest commercial bank, with 790 branches and 40 million customers;

It operates around 9,000 ATMs, of which around two-thirds are palm-vein enabled;

BTMU began offering palm-vein technology in October 2004 and around 1.5 million customers now use it

regularly;

IC Bank Card with biometrics and ATM

system

"From BTMU's experience, we consider palm vein authentication as a

technology which is already approved

as practical, useful, stable service among customers."

Copyright 2013 FUJITSU

33 FTS PUBLIC

Deployed branch solutions - Ogaki Kyoritsu Bank, Japan

Following, and in response to, the

tsunami of March 2011, Ogaki

Kyoritsu Bank permits customers

to deposit and withdraw cash via

ATMs using only a palm scan (that

is, without using a card or

passbook);

Launched in September 2012, the

cardless service offered by the

bank requires customers to input

their birthday, put their palm on the

scanner and input their PIN code.

Preregistration is required.

Copyright 2013 FUJITSU

35 FTS PUBLIC

Application to other banking areas

Internet Banking

Online Corporate banking;

Online Private Banking;

Staff log-on

PC and laptop;

Office and home working;

Time and attendance monitoring.

Controlled access

Safe deposit areas;

Office and branch buildings;

Data centres.

Fujitsu‟s PalmSecure technology uses biometric sensors to

authenticate individuals and control physical, logical and

device access. Banking applications include:

Copyright 2013 FUJITSU

36 FTS PUBLIC

Physical Access / Time & Attendance

To allow authorized access to secured building areas, PalmSecure can be used

with Physical Access Control Terminal solutions.

To control, monitor and process which authorized users can get access at which time and for how long,

PalmSecure can be used with Time & Attendance Terminal solutions.

- PalmSecure Physical Access Terminals

- PalmSecure Time & Attendance Terminal

- PalmSecure Enrolment Station

For Physical access control and for

time & attendance

Fujitsu is offering various

HW & SW solutions.

Copyright 2013 FUJITSU

37 FTS PUBLIC

Deployed access solutions – Sber Bank, Russia

Founded in 1841, Sber Bank is

Russia‟s largest bank with 242,000

employees, 19,000 branches and

100 million customers;

Sber Bank uses palm vein

technologies to control access to,

and within, Europe‟s largest data

processing centre;

Opened in November 2011, the

centre processes personal and

business loans sourced from

Sber‟s regional operations.

Copyright 2013 FUJITSU

38 FTS PUBLIC

Berlin Brandenburg Airport

30.000 employees and delivery/service staff

Biometric template in Legic smartcard

130 security points

Other airports investigating now

Copyright 2013 FUJITSU

39 FTS PUBLIC

Summary of Banking Applications & Solutions

Time / Attendance Physical Access Control Log In / SSO

Preventing privacy

information and trade

secret breach;

Accelerate internal

processes

High security access

control to access different

locations within the

bank or bank data

centre

T/A for bank employees,

security staff and for

cleaning staff

Application Server Authentication Server

(Thin) Clients Access Control Terminals and Controllers T & A Terminals and Controllers

Main Server Main Server

Copyright 2013 FUJITSU

40 FTS PUBLIC

Summary of Benefits of the PalmSecure technology

Very high security level

- Internal to the body biometric template

- very complex, unique biometric vein pattern

- ISO security certified technology

Extremely high accuracy

- More than five million „points“ collected

of the palm vein structure

Very high applicability

- age / ethnic group independent operation

- works with dry, wet, dirty skin

- even works when there are skin injuries

Very high user convenience

- ergonomic, usability(natural operation)

- contactless, hygienic operation

- economical, competitive price solution

- maintains privacy

Copyright 2013 FUJITSU

41 FTS PUBLIC

Thank You for your kind attention

Jhelanie Ahmed

Copyright 2013 FUJITSU