Saturday, August 1, 2009

Why the Public Sector needs Bio-Metric Solutions and how ORCL + Daon can help

Combining Oracle IDM Products with Best-of-Breed Biometric Infrastructure from Daon enables successful deployments across the Public Sector



Why are government organizations looking for this?

  • Stronger security to mitigate fraud & ID theft (more details below)
  • Strong Authentication without tokens (more details below)

Why has it not been adopted already?

  • Requirements for end-points to capture & verify biometrics
  • Complexity of provisioning & sharing biometrics across platforms and regions

So how can we be successful now?

  • Provisioning credentials & enabling cross platform SSO
  • Managing roles and fine grain entitlements

What is the real scoop on Fraud:

  • eCommerce Fraud Losses Projected to Grow to $3.6 Billion in 2008
  • Merchants estimate that 1.4% of their online sales will line the pockets of fraudsters
    Source: CyberSource eCommerce Fraud Survey, 2007
  • Société Générale €5 billion in trading loss due to unauthorized trades
    A trader executed €50 billion of unauthorized trades and attempted to cover up his losses. When the bank discovered the fraud, it had to unwind the position in 3 days, resulting in €5 billion in losses and triggering a worldwide financial market sell-off.
    Source: CNN, January 2008
  • $17 Million remediation cost for 45 million stolen credit card numbers
    Breach of TJ Maxx’s IT systems led to the loss of 45 million credit and debit card numbers over a period of 18 months. Estimated revenue impact from negative press coverage was $4.5 billion.
    Source: Information Week, May 2007

So why is Strong Authentication not enough?

  • Tokens & smart cards require the device to be present; credentials can still be stolen and are subject to man-in-the-middle attacks and other phishing or virus/malware breaches.
  • Conversely, biometric credentials cannot be stolen or replicated, and the user does not have to carry/track additional tools.
  • They can be verified for uniqueness against state, local, federal & international databases
    Rapidly identify potential threats or risky persons.

This is where it gets tricky

  • Capturing & Storing Credentials
  • High cost of having devices at the end-points to capture data
  • Tremendous disparity in capture/read devices & algorithms
  • It is difficult to future-proof your deployment when devices, algorithms, and infrastructure are continuously evolving
  • Risk of being out of date by the time of production deployment
  • Challenging to provision credentials and synchronize biometrics with apps & infrastructure
  • Challenge for using single biometric authentication for SSO

So how do you maximize the ROI?

  • Government & enterprise require solutions that complement & enhance the entire IT IDM infrastructure to justify investment.
  • Oracle IDM Solutions Provisioning Credentials
  • Oracle Identity Manager (OIM) enables automated provisioning or revocation of accounts based on biometric auth/enrolment
  • Oracle Role Manager (ORM) ties biometric attributes to user roles
  • Oracle Entitlements Server (OES) richly defines fine-grained application entitlements to grant/limit access to specific functions, data sets, or transactions based on level of authentication, roles, and credentials.
  • Gain seamless authentication across applications with Oracle eSSO (OESSO)
  • Replaces name/pwd with a single biometric authentication to increase security level & create single sign-on across web & desktop applications.
  • Oracle Adaptive Access Manager (OAAM) ties biometric authentication with broader authentication context (like device identification and location) to validate the entire transaction and identify anomalies or malicious behavior over time.

Here is how the Daon solution fits in...


For more information on Daon please visit their website.
