LIVE WEBINAR: After Lapsus$, How to Protect your SSO from Vendor and Contractor Compromise
Register Now!

The Business Challenge

Securing facilities to be accessible only by authorized individuals usually involves a separate set of vendors, systems, and devices — typically access cards that are issued to employees, contractors, and partners allowing them into various areas of a building.

These Physical Access Control systems are generally not linked to the IT authentication system.  The “proximity” cards on which they rely are easily lost, stolen, and can even be cloned making them above all else an artifact of the on premise workplace that represents both a security vulnerability and nuisance as they are often left behind or borrowed indiscriminately as a gesture of kindness from one worker to the next.

In a move to modernize, some organizations have moved to biometric access controls, particularly for the data center. But these systems tend to be expensive, lack certification to NIST 800-63-3 guidelines, and create centralized user stores which then must be safeguarded. As a result, these niche applications require specialized training to maintain, they are hard to secure, and somewhat stand alone because of proprietary architecture.

In the best case the practices that have devolved around legacy physical access controls circumvent efficient management and control. In the worst case, they expose organizations to the worst threats possible, and inhibit agility and responsiveness when speed of response is critical.

The BlockID Advantage

Improve security and efficiency by simplifying and linking access management

In virtually the same way that 1Kosmos BlockID Workforce provides access to online services, it can provide touch free physical access through the doors and entryways to buildings and facilities. 

Employees tend to take their mobile devices with them everywhere they go. Why not use them for facilities access versus requiring them to carry along a separate access card?

QR codes placed on placards can be installed or the NFC or Bluetooth capabilities of mobile devices can be used with existing card readers. The device placed near to the reader will then perform a biometric authentication.

From a security perspective, this removes gaps and lag time when onboarding and offboarding workers and during emergency response. But even at purely a business level, simplification can help tap into hidden strengths and open new paths to efficiency such as eliminating redundant provisioning / deprovisioning steps and eliminating inconsistencies.

User biometrics are verified and matched to the identity proofed at enrollment each time, every time

Over and above a simple card scan, our solutions support a TouchID, FaceID or Live ID, which is essentially a short selfie video. This is matched to the image on a credential scanned at enrollment, for example, the photo on a driver’s license or a passport, used to initially verify a likeness.

We use real biometric, not just the phone’s interpretation. This means that any time LiveID is used, it is compared to the biometric captured during the enrollment process. 

We do this to verify that the biometric traits of an individual each time they request access matches the test performed during the enrollment process.

This does not require any new hardware at the edge.

A certified platform and SDK / API integration simplifies implementation without custom coding or special configurations

Our platform is certified to the highest industry standards including FIDO2 and NIST 800-63-3 and complies with GDPR, SOC2, and ISO 27001 for handling and retention of sensitive data. 

It integrates with most standards-based physical access management systems with no custom coding, no special firewall rules, or special security configurations. Deployment is simple and fast – typically in under a week –  via off the shelf APIs and services with low risk and no disruption.

Ready to go Passwordless?

Indisputable identity-proofing, advanced biometrics-powered passwordless authentication and fraud detection in a single application.