Suprema, a global provider of biometrics and security solutions, announced that the company will showcase GDPR-ready access control solution at IFSEC 2018 next month in London. As an EU's leading provider of biometric access control solution, Suprema has anticipated the regulation by providing key technical features to comply with GDPR.
At the show, Suprema will provide full demonstration of its GDPR-ready solution to help systems integrators and customers understand trusted best practices to keep people and organizations safe and secure. When it comes to access control, GDPR requires that organisation implement appropriate technical and regulatory measure to provide security level against certain risk. Suprema's latest access control security solution now provides comprehensive GDPR-compliant features including below.
All data is stored in templates which is encrypted by 128bit AES, 256bit AES, DES/3DES depending on the designated storage location
Secure biometric data protection
Raw images of the fingerprints / faces are never stored in the device or server. All data is stored in templates which is encrypted by 128bit AES, 256bit AES, DES/3DES depending on the designated storage location. (i.e. Device, Server and/or Smartcard)
Transactions, malware and data breaches
TCP communication of data within the system is secured with the use of TLS 1.2 (including SSL/HTTPS). This ensures that no sensitive data is compromised during the communication between the devices and the central server.
Privacy data on edge devices
All Suprema devices are equipped with a secure tamper feature, which ensures the security of data stored in the devices. If the device is removed from the wall and tampered with, the secure data (biometric templates, User ID, Logs) within the device will automatically be deleted.
Aaccess on card
With Access on Card (AoC) technology, Suprema provides system designers with option to store personal data only on smartcards. All personal data and credential is not stored on servers or devices but only on his/her smartcard of own possession.
Personal data lifecycle
In accordance with GDPR, Suprema makes it possible in BioStar 2 so that event logs and data stored in the server is automatically deleted after a certain period of time (set by the administrator). This is in line with the 'right to be forgotten' requirement in the GDPR.
With the latest update of BioStar 2, system administrators can fully customise level of right on access to personal data informationAuthentication for data access
With the latest update of BioStar 2, Suprema's open-architecture security platform, system administrators can fully customise level of right on access to personal data information according to their organisational requirements.
Providing proof of compliance
BioStar 2 delivers comprehensive audit logs compliant to GDPR.
In addition, Suprema will also showcase its latest range of centralised access control solution including CoreStation (access control unit), fingerprint reader, RFID/keypad readers as well as BioLite N2, an outdoor fingerprint terminal.