IDEMIA- Experts & Thought Leaders

The 100 Mount Street premium grade office tower completed in May 2019, is the tallest (152m) building in North Sydney. With an innovative cross-braced exoskeleton structure and a soaring glass curtain wall, the tower celebrates Sydney‘s history of excellence in architecture and structural engineering. The 35-story office tower offers panoramic views of Sydney Harbor, Sydney Opera House and Sydney Harbor Bridge, and is occupied by some of Sydney’s best-known companies. The site also benefits from its proximity to key transport infrastructures with a train station, bus stops, ferry wharf and taxi stand all within walking distance. This high traffic location required a convenient and secure way to ensure a controlled access for the 2,000 people entering the building everyday, while maintaining the aesthetics of the 8 metres-high ceiling lobby. Biometric contactless devices In order to efficiently control access to the building, the security contractor supplied top quality COMINFO EasyGate SPT entrance control gates equipped with IDEMIA’s MorphoWave™ Compact high-end biometric contactless devices. COMINFO is an experienced word leading manufacturer of turnstiles and speedgates. EasyGate SPT models were installed, equipped with the latest MDD motor technology (Magnetic Direct Drive : no gearbox, no oil, no brush) and advanced infrared optical sensors which ensure safe passage and detect tailgating and cross-over, to ensure that only authorised people can pass through the gates. MorphoWave Compact MorphoWave Compact™ is the flagship biometric device for physical access control from IDEMIA, the pioneer in Augmented Identity. The terminal performs a 3D scan and verification of 4 fingerprints in less than 1 second, in a quick and easy touchless wave gesture. These features make the product particularly well-suited for such high traffic locations with the capability to authenticate up to 50 people per minute thanks to advanced algorithms based on Artifical Intelligence. COMINFO carried out an aesthetical integration of MorphoWave™ Compact into EasyGate SPT, resulting into a powerful solution that brings the latest physical access control system using only a simple wave of a hand. This project was deployed by CENTAMAN, COMINFO’s partner for Australia/New Zealand. Need for physical access cards Dexus and Dexus Wholesale Property Fund who owned the building were the first to implement this biometric technology in office buildings and have now more than 2,000 people registered with their biometrics, removing the need for physical access cards or touching anything when entering or leaving the secured premises. The installation is highly acclaimed by employees who appreciate the frictionless and hygienic use of MorphoWave™ Compact and EasyGate SPT.

The 100 Mount Street premium-grade office tower completed in May 2019, is the tallest (152m) building in North Sydney. With an innovative cross-braced exoskeleton structure and a soaring glass curtain wall, the tower celebrates Sydney‘s history of excellence in architecture and structural engineering. The 35-story office tower offers panoramic views of Sydney Harbour, Sydney Opera House and Sydney Harbour Bridge, and is occupied by some of Sydney’s best-known companies. The site also benefits from its proximity to key transport infrastructures with a train station, bus stops, ferry wharf and taxi stand all within walking distance. This high traffic location required a convenient and secure way to ensure controlled access for the 2,000 people entering the building everyday, while maintaining the aesthetics of the 8 metres-high ceiling lobby. Efficient control access to the building In order to efficiently control access to the building, the security contractor supplied top quality COMINFO EasyGate SPT entrance control gates equipped with IDEMIA’s MorphoWave™ Compact high-end biometric contactless devices. COMINFO is an experienced manufacturer of turnstiles and speed gates. EasyGate SPT models were installed, equipped with the latest MDD motor technology (Magnetic Direct Drive: no gearbox, no oil, no brush) and advanced infrared optical sensors which ensure safe passage and detect tailgating and cross-over, to ensure that only authorised people can pass through the gates. MorphoWave Compact™ is the flagship biometric device for physical access control from IDEMIA, the front-runner in Augmented Identity. The terminal performs a 3D scan and verification of 4 fingerprints in less than 1-second, in a quick and easy touchless wave gesture. Aesthetic integration The features of the product are particularly well-suited for high traffic locations with the capability to authenticate up to 50 people per minute thanks to advanced algorithms based on Artificial Intelligence. COMINFO carried out an aesthetical integration of MorphoWave™ Compact into EasyGate SPT, resulting in a powerful solution that brings the latest physical access control system using only a simple wave of a hand. The project was deployed by Centaman, COMINFO’s partner for Australia/New Zealand. First to implement biometric technology Dexus and Dexus Wholesale Property Fund who owned the building were the first to implement this biometric technology in office buildings and have now more than 2,000 people registered with their biometrics, removing the need for physical access cards or touching anything when entering or leaving the secured premises. The installation is highly acclaimed by employees who appreciate the frictionless and hygienic use of MorphoWave™ Compact and EasyGate SPT.

IDEMIA, the globally renowned company in Augmented Identity, moved to its new headquarters in September 2018, in an 11-floor building located in La Défense business district, in Paris, France. The building brings together 1,300 employees out of total worldwide staff strength of close to 15,000 people. Biometric access control Due to the sensitive nature of its activities in this building, and given its position on the biometrics market, IDEMIA decided to deploy biometric access control throughout the entire building, a first in this business district and a fantastic opportunity to showcase IDEMIA’s flagship products in real life. Most employees get to the office via nearby metro and tram stations, and therefore, arrive within the same 30-minute window. This creates the need for a high throughput access control solution, for entrance and exit peak-times. Access to the six elevators serving the eleven floors is given after a first control at speed gates in the lobby area. MorphoWave Compact devices deployed IDEMIA opted for MorphoWave Compact associated to Digicon’s dFlow speedgates IDEMIA opted for MorphoWave Compact associated to Digicon’s dFlow speedgates. MorphoWave Compact devices were mounted on a special stylish stainless steel pedestal. Four dFlow lanes were installed, with readers for entry and exit. MorphoWave Compact is IDEMIA’s flagship biometric device for physical access control. It performs a 3D scan and verification of four fingerprints in less than one second, in a quick and easy touchless ‘wave’ gesture within the reader. dFlow speedgates These features make the product particularly well-suited for such high-traffic locations, with the capability to authenticate up to 50 people per minute, thanks to advanced algorithms based on Artificial Intelligence. With dFlow speedgates, Digicon introduces a new vision for access control gates, one with continuous flows and normally open doors. dFlow enables free flow, ushering new levels of comfort and security. Frictionless biometric solution The installation is highly acclaimed by employees who appreciate the frictionless use of MorphoWave Compact and its natural ‘wave’ hand gesture, as well as Digicon’s ‘always open’ dFlow concept, that enables them to get to the elevators in only a few seconds. Of course, IDEMIA was well-placed for this biometric employee access control deployment, being the provider of MorphoWave Compact. The employees were immediately convinced by the frictionless and hygienic experience it offered them. The team in charge of the security of the building found the MorphoWave Compact and dFlow combination more secure and less intrusive than other access control systems. Most importantly, what is true for a company like IDEMIA will also be true for any company in need of a high level of security delivered in a frictionless and convenient way, especially in high-traffic locations like in an HQ lobby.

PKOC stands for Public Key Open Credential. It is a new standard that will meet a 30-year industry challenge and strip away much of the complexity and cost involved in protecting and administering credentials for access control. It could also accelerate the transition from cards to mobile access control. PKOC is a standards-based mobile credential that is essentially free, vendor-agnostic, and interoperable across multiple devices and systems. It is a highly secure access credential that can live on a mobile phone, in a plastic access card, or in any device capable of generating a public-private key pair. Access control systems PKOC is the newest standard of the Physical Security Interoperability Alliance (PSIA), a tax-exempt organisation created to define, recommend, and promote standards for IP-enabled security devices and systems. PSIA introduced the Physical Logical Access Interoperability (PLAI) specification in 2013 to normalise identity data across disparate physical access control systems. The PKOC specification was introduced in 2021. We’re convinced this is the future A challenge for PSIA in promoting the PKOC mobile credential is to explain it quickly and in layman’s terms “We see the benefit of implementing the PKOC technology and doing it well,” says Sam Siegel, Senior Field Applications Engineer for ELATEC, a manufacturer of credential-agnostic readers/writers. “We wanted to get involved and join the discussion.” ELATEC has been participating in PSIA for more than a year. “This is a better way to do things,” says Siegel. “The PSIA, myself included, are convinced this is the future. The challenge is to get enough people to understand that it is a seismic shift away from what has been in place for so long.” A challenge for PSIA in promoting the PKOC mobile credential is to explain it quickly and in layman’s terms. The explanation spans the concept of public key infrastructure (PKI) and the difference between symmetrical and asymmetrical digital keys. Protecting symmetrical keys A symmetrical key system, which has been used historically in the access control market, involves the use of a single proprietary digital key to both encrypt and decrypt information. This means that digital public keys must be incorporated into each access control reader in the form of a module or a license, which the reader uses to read any compatible cards. Protecting symmetrical keys has been an expensive technology challenge the access control world The need to share these digital keys (in effect, the ability to read every compatible card) securely among access control manufacturers, integrators and end users involves extra administration and costs to ensure the security of the system. Protecting symmetrical keys has been an expensive technology challenge the access control world has borne for decades. The use of proprietary keys also promotes dependence on a single manufacturer or vendor to expand the ecosystem. The use of asymmetrical keys takes away these challenges. Advantages of using asymmetrical key pairs PKOC embraces the principle of PKI (public key infrastructure), a two-key asymmetrical system used to ensure confidentiality and encryption. In effect, there are two digital "keys," one public and one private, that are used to encrypt and decrypt information, in this case, a credential for an access control system. The secure credential standard is generated independently of a third-party credential issuer. It is generated within the device. In the access control scenario, the smartphone generates a key pair in the secure element of the phone, including a private key, which is stored on the smartphone, and a public key, which serves as the user’s ID number in the access control system. Sharing the public key is not a security risk because it is worthless without the private key that is locked away on the smartphone. PKOC-enabled smartphone The smartphone must contain the private key in order to interface with the access control system When a PKOC-enabled smartphone approaches a PKOC-enabled reader, the reader sends a one-time random number (a ‘nonce’) to the smartphone, which then encrypts it using the private key, and sends it along with the public key back to the reader. The reader uses the public key to decrypt the random number, which confirms the authorised access associated with the smartphone. The signals are sent via Bluetooth Low Energy (BLE).  Importantly, the private key never leaves the smartphone and is never shared with any other elements of the access control system. Therefore, there are no administrative or technical costs associated with protecting it. The smartphone must contain the private key in order to interface with the access control system using the public key. Mobile credentialing system For ELATEC, embracing PKOC provides a new way to highlight the company’s value proposition and promote it to a new group of companies; i.e., those who adopt the PKOC approach to mobile credentialing. The ‘universal’ configuration of the ELATEC reader hardware is credential-agnostic “PKOC serves as a great way to show off our value and what we do best,” says Siegel. ELATEC provides credential readers/writers that operate in a variety of card and reader environments, incorporating an integrated BLE module to support mobile ID and authentication solutions, including PKOC. Using applicable firmware, the ‘universal’ configuration of the ELATEC reader hardware is credential-agnostic and so compatible with any RFID card or mobile credentialing system, all in a small form factor (around 1 1/2 inches square). How readers and smartphones interact The PKOC standard addresses the variables of how the reader and the smartphone share information. Currently, the PKOC standard addresses communication via BLE, but the principle is the same for systems using near-field communication (NFC), ultra-wideband (UWB), or any future protocols. PKOC also defines how device manufacturers can enable devices (readers, locks, control panels, biometric devices, etc.) to securely consume the credential for authentication and access. PKOC can be used with smart cards as well as with smartphones. In the case of a smart card, the public and private keys are contained on the smart card, which communicates via NFC with the reader. The encryption/decryption scenario is exactly the same. PKOC enables users to ‘bring your own credential’ (BYOC). Public key number ELATEC is proud to have played an instrumental role with the PSIA in the implementation of PKOC" BLE offers a broader read range than NFC; the read range can be managed using software and/or by signalling intent or two-factor authentication. Because private keys remain secure inside a smartphone, they do not have to be incorporated into a digital wallet for security purposes, although they could be incorporated for matters of convenience.  To simplify administration, the public key number can be used as a badge number. If badge numbers have already been assigned, a column could be added to the database to associate badge numbers with public key numbers. “ELATEC is proud to have played an instrumental role with the PSIA in the implementation of PKOC,” said Paul Massey, CEO of ELATEC, Inc. “End-users should not be limited in their solution mix to one or two vendors due to their proprietary technology. PKOC now provides the ideal combination of security, convenience, interoperability, and cost for industry participants, by industry participants.” ‘Experience PSIA’ will promote PKOC at ISC West ISC West participants include PSIM manufacturer Advancis Software and Services The flexibility of PKOC will be on display at ISC West 2023, where ‘Experience PSIA’ will register attendees and provide them with a PKOC credential that can be used with a variety of readers throughout the show. Also showcasing the PLAI standard, PSIA’s presence at ISC West will include ELATEC along with several other vendors/manufacturers. A special PSIA event will be held from 5:30 to 7:30 p.m. on March 29 at the Venetian Ball Room B&C in Las Vegas. ISC West participants include PSIM manufacturer Advancis Software and Services, which acquired Cruatech software in 2012; and Idemia, specialising in identity-related security services including facial recognition and other biometrics. Integrated security systems Also involved are Johnson Controls (JCI), an integrated security systems provider that offers a range of security products and services; and Siemens, which offers its own range of security solutions and systems. Other participants include Last Lock, which has a unique spin on internet-enabled locks; while SAFR from Real Networks offers accurate, fast, unbiased face recognition and additional computer vision features, and Sentry Enterprises provides the SentryCard biometric platform for a privacy-centric, proof-of-identity solution. Finally, rfIDEAS manufactures credential readers.

The Physical Security Interoperability Alliance (PSIA) was founded in 2008 with a goal of creating ‘plug-and-play interoperability’ among physical security devices, systems and services. Since then, the organisation’s mission has both expanded to include logical security and focused more narrowly on identity, a critical aspect of security today. In recent years, PSIA has concentrated on its PLAI (Physical Logical Access Interoperability) specification, which provides a means to enable disparate physical access control systems (PACS) to communicate to each other and share employee identity data. This is especially important for companies who have made acquisitions and inherited different incompatible PACS systems. “PLAI can unify a security environment through one trusted source, even if there are multiple PACS systems,” says David Bunzel, Executive Director of the Physical Security Interoperability Alliance (PSIA). Bridge between disparate PACS The PLAI specification provides a bridge between disparate PACS, allowing a single trusted source for identity management. Leading PACS vendors including JCI (Software House), Lenel, and Kastle Systems and biometric vendors including Eyelock, Idemia, and Princeton Identity, have each implemented PLAI adapters, supporting this specification. AMAG will have their adapter in the coming months, and Honeywell and Siemens have it on their road maps. At ISC West last April, PSIA was able to demonstrate five of these vendors sharing records and the ability to add and terminate an employee and have it updated across each PACS and biometric system. PSIA was able to demonstrate five of these vendors sharing records at ISC West last April The Physical Security Interoperability Alliance (PSIA) has evolved from supporting physical security to also integrating logical security. Access to facilities and secure areas of buildings is increasingly dependent on software and hardware systems which can validate a person’s identity. “The PSIA has chosen to focus on interoperability between identity management systems and access control devices,” says Bunzel. “We have successfully demonstrated the technology, and it is now being specified by consultants, integrators and enterprise customers in actual security systems. We expect to see some large companies announcing PLAI implementations in the next quarter.” Open standards processes PSIA relies on an open standards process, with collaboration among leaders in the various parts of the security industry. Specifications are architected, discussed, drafted, and reviewed by members of the organisation in technical committees. The process is dynamic, with periodic updates added, which will improve and enhance the specifications as appropriate. The PSIA has focused on identity management for enterprise customers, says Bunzel. “We have active members who make devices that support access hardware (for example, locks and biometric systems) who by design complement PACS vendors and HR management systems.” PLAI also enables a variety of services for enterprise customers that may rely on a security credential" “We continue to add more PACS and biometrics vendors to the PLAI ecosystem, expanding the value of the specification in the market,” says Bunzel. “PLAI also enables a variety of services for enterprise customers that may rely on a security credential, including printing services, parking, and facility management. In the near future, the PSIA expects to extend PLAI into elevators. There are other identity management capabilities, and the PSIA will evaluate opportunities as the market demands them,” says Bunzel.   In addition to PLAI, PSIA has several ‘legacy’ specs, but they are not actively working on further iterations. PSIA could always consider new development on legacy specs if the market demanded it. Some legacy specs address video, and security cameras often work with access control systems. However, PSIA currently is leaving video to ONVIF. The near-term direction and plan for the PSIA is to focus on PLAI and its commercialisation.

Thousands of security professionals gathered Nov. 14-15 at the Javits Center in New York City to explore new products, solutions and technologies, network with security luminaries and obtain high-quality industry education. ISC East, sponsored by the Security Industry Association (SIA), is the Northeast’s largest security industry event; more than 7,000 security professionals attended or exhibited at this year’s conference. Following day 1 of ISC East, SIA gathered industry luminaries and experts for SIA Honors Night, an annual event featuring a cocktail reception, a gala dinner benefiting Mission 500, engaging entertainment and an awards ceremony recognising industry leaders. Sold-out event SIA Honors Night 2018 was a sold-out event held at the Current at Chelsea Piers. The awards presented at SIA Honors Night 2018 were: SIA Progress Award (presented by SIA’s Women in Security Forum) – Eddie Reynolds, president and CEO, iluminar Inc. Women in Biometrics Awards (co-founded by SIA and SecureIDNews and co-presented with sponsors FindBiometrics, IDEMIA and SIA’s Women in Security Forum) – Kelly Gallagher, senior account manager at NEC Corporation of America; Lisa MacDonald, director of the Identity Management Division in the Office of Biometric identity Management at the U.S. Department of Homeland Security; Colleen Manaher, executive director of U.S. Customs and Border Protection; Lora Sims, senior biometric examiner at Ideal Innovations, Inc.; and Anne Wang, director of biometric technology research and development at Gemalto Cogent SIA Insightful Practitioner Award – Guy M. Grace, Jr., chair of the Partner Alliance for Safer Schools Steering Committee and director of security and emergency planning for Littleton Public Schools in the Denver suburb of Littleton, Colorado Jay Hauhn Excellence in Partnerships Award – Larry Folsom, co-founder and president, I-View Now George R. Lippert Memorial Award – Pat Comunale, retired security industry veteran, former member of the SIA Board of Directors and former CEO and president for Tri-Ed Distribution, an Anixter company Standout keynotes SIA Honors Night also highlighted Mission 500, a charity that advocates for children and families living in extreme poverty in the United States Honors Night guests enjoyed keynote remarks from Bonnie St. John, a Paralympic ski medalist, Fortune 500 business consultant, Rhodes scholar, former White House official and best-selling author. St. John discussed her journey to become the first African-American ever to win medals in Winter Olympic competition despite having her right leg amputated at age five and shared her top lessons from mentors and her advice for cultivating resilience. SIA Honors Night also highlighted Mission 500, a charity that advocates for children and families living in extreme poverty in the United States; each year, SIA Honors Night raises funds for Mission 500. SIA presented 26 engaging education sessions through the SIA Education @ ISC East program, including two standout keynotes and four hands-on workshops. Hundreds of conference attendees participated in these sessions, with impressive speakers like Valerie Thomas, ethical hacker and executive consultant at Securicon; Pierre Bourgeix, president at ESI Convergent; Scott Swann, president and CEO of IDEMIA National Security Solutions; and Jumbi Edulbehram, regional president – Americas, Oncam. SIA sponsored Infosecurity North America’s Keynote Stage, the central hub of the event Confronting emerging threats Highlighted education sessions at this year’s conference included: Friend or Foe? Technology Disruption and the Physical Security Industry, a keynote address by Philip Halpin, senior vice president and head of global security at Brown Brothers Harriman, one of the country’s oldest and largest privately held financial firms 21st Century Best Practices: Reporting From the Front Lines on How Law Enforcement and the Security Industry Are Confronting Emerging Threats, a keynote address by James A. Gagliano, a retired FBI supervisory special agent, CNN law enforcement analyst and adjunct assistant professor at St. John’s University Cybersecurity professionals ISC East 2018 was co-located with two additional conferences – Infosecurity North America and Unmanned Security Expo Additional cutting-edge topics covered in the education sessions included the move to smart cities, convergence in the security industry and the use of artificial intelligence in video analytics. ISC East 2018 was co-located with two additional conferences – Infosecurity North America and Unmanned Security Expo. SIA sponsored Infosecurity North America’s Keynote Stage, the central hub of the event, which featured a presentation from world-famous hacker Kevin Mitnick, insights from Dave Hogue of the National Security Agency’s Cybersecurity Threat Operations Center, a discussion on the cyber skills shortage gap and ways to attract, develop and retain talented cybersecurity professionals and more. Handle sensitive data Additional events at ISC East 2018 included: A breakfast presented by ISC Security Events and SIA’s Women in Security Forum featuring a panel discussion celebrating women in security and supporting the participation and advancement of women in the industry Paid hands-on workshops providing cutting-edge information and valuable insights on the most current business trends, technologies and new developments in security Free exhibitor product training sessions sharing live, in-depth demonstrations A meeting with SIA’s Data Privacy Advisory Board, which provides information and best practices to help SIA members handle sensitive data in a safe and secure manner to protect the personally identifiable information of their employees, partners and customers from potential breaches