Can you truly know who's using an access card?
Access cards are utterly unreliable. Here is a reality check: First, access cards can be cloned. Second, access cards can be lost or stolen and used before the loss or theft is reported. And third, there are employees, who don’t hesitate to loan their access card to another person, including a coworker.
Some organizations have installed biometric readers, so unauthorized personnel cannot access highly secure areas, like data centers for example. This is indeed a pertinent way of countering the sharing of access cards among employees. But the problem lies in the fact that many edge biometric readers can be defeated (i.e. by copying fingerprint imprints) and they are expensive and invasive to install.
Finally, passwordless solutions have combined access card and biometric traits into one app for smartphones. However, the levels of identity and authentication assurance by which their solutions abide fail to reach the highest degrees per the NIST 800-63-3 guidelines.
2FA, MFA and most passwordless solutions fail to protect.
2FA, MFA, and most passwordless solutions do address the danger of having privileged users share their credentials with their unauthorized fellow workers. However, they remain subject to hacking.
Indeed, 2FA and MFA solutions are not foolproof. At the end of the day, any hacker can steal a username, a password, and a mobile number stored inside a company’s centralized system.
Most passwordless solutions that leverage biometrics can mitigate some of the risks incurred by 2FA and MFA solutions. However, the problem is that the level of biometrics offered is falsifiable (fingerprints can be copied, facial traits can be spoofed) and employees' data is stored unencrypted in centralized systems, a cyber criminal's favorite place to hack.
Ultimately, to store users' data (including their biometrics) in a centralized database and unencrypted creates such a level of vulnerability that a data breach is bound to happen at some point.
BlockID is the next generation contact-free authentication solution powered by advanced biometrics and Blockchain technology. Your workforce enrolls identity and authenticates with the levels of assurance per the NIST 800-63-3 guidelines of IAL2 and AAL2.
Visit the Workforce User Journey for more information.
Our private Blockchain-based data storage architecture promotes trust between your organization and your employees for all access to your systems and internal applications.
Leveraging the BlockID Private Blockchain Ecosystem entails storing employees' biometric information in a virtually incorruptible system to ensure they are who they say they are at all times throughout the process. Employees’ data stored in our distributed ledger aren’t subjected to data breaches.
The immutability of a distributed ledger is leveraged to record service provider-customer interactions. The document can never be modified, leaving an auditing trail, and therefore creating trust between all parties involved.
“Cybercrime is a daily threat to every organization and government across the globe...These Verizon solutions (powered by 1Kosmos BlockID) offer a significant step forward in cybersecurity protection.”
Alex Schlager, Executive Director and Chief Product Officer of security services at Verizon Business