This implementation was done for a leading commercial bank, headquartered in Chennai, India, which has completed 100 years of operation.

OBJECTIVE OF THE ESTABLISHMENT

Secure CBS Login by enabling Biometric based 2nd factor authentication
Secure Windows Login to enhance security, using Biometric Authentication for Windows Active Directory

THE EXISTING SYSTEM USED BY THE BANK

No. of users: 7,000+ concurrent users
CBS  – Flexcube
CBS uses simple password for login into the application, where user shares the password for easy access, which in turn leads to human error and improper audit trails
Windows Active Directory was protected by Single Factor Authentication (Password)
Problems with the conventional ‘User ID & Password’ based security systems are:
Password/Identity theft was possible and exchange of password within colleagues was common
Password policy was required to ensure consistency and uniformity
Periodic password changes required to ensure data security

 

THE BANK’S REQUIREMENT

Enable 2nd factor fingerprint biometric in CBS
Windows Active Directory Synchronization
Password Policy Maintenance
Automatic, Periodic Password change
Biometric Integration with Windows Active Directory
Offline Biometric Verification for Windows Login

HOW PRECISION HELPED SOLVE THE ISSUE?

Precision Biometric proposed InnaIT – 2FA and BioWinAD to be integrated with the existing CBS and Windows Active Directory to provide the required Biometric based authentication

InnaIT – 2FA: The solution is designed to integrate Fingerprint Biometric with the existing application as an enhanced security layer. 2FA solution is a client server / browser-based environment.

2FA consists of the below mentioned three components:

Client Driver – The client-side driver needs to be installed. It contains the fingerprint capturing and extraction process.
InnaIT Server – InnaIT Server Component contains the fingerprint matcher, DB and Application Configuration Modules.
Hardware – Scanner will be connected to every PC/ Thin client via USB port

InnaIT – BioWinAD: The solution is designed to integrate the Biometric solution in a client server / Windows Active Directory based environment. BioWinAD solution consists of the below mentioned four components:

AD Client – AD client manages Client/Server communication and configuration of the server
Device Driver – The client-side driver contains the fingerprint capturing and extraction process
InnaIT Server – InnaIT Server contains Biometric Engine, Database, Configuration and Synchronization Modules
Password Manager – Password Manager manages the password of Active Directory users and changes the password automatically as per the Active Directory Password Policy and converts the AD password into random string for enhancing security.

HOW DID IT BENEFIT THE ORGANISATION?

This integration by Precision helped the bank enhance security with Biometric Authentication, which preserves the confidentiality of sensitive data. It can also capture User Access Logs for Audit & Compliance.