Security with bite: 15 technologies tested

Summary:In this special review, we round up the various authentication devices on the market. From fingerprint scanners, to single sign-on software and biometric technology -- we have the authentication market covered.


Contents
Introduction
Authentication vs authorisation
Passwords and token devices
Single sign-on
Smartcards/Proximity Cards
Smartcards (cont.)
Biometrics
Biometrics (cont.)
Digital Certificates/Signatures
Notebook with fingerprint scanner
Vendors
About RMIT

Server side computing definitely has its benefits. HP submitted its NC6220 notebook for this roundup as it incorporates a smartcard reader. The reader is placed between the secure digital (SD) memory card reader and the PCMCIA card slot on the left-hand side of the notebook. A fingerprint reader would also have been a nice inclusion, but every little step in the right direction helps.

There are a few companies around who make smartcard authentication, access control technologies their livelihood some have also branched out into other similar technology areas to complement their smartcard range. Three of the larger vendors are LM Gemplus, Giesecke & Devrient, and Keycorp -- all three submitted cards, software, and readers for this review.

LM Gemplus sent us its GemSafe cards and a USB reader (which is also available as a serial interface device) along with its GemSafe software v4.2.0. After taking some time to install -- no wonder seeing as the Gemplus smartcard reader tools takes up 119MB and the GemSafe Libraries and further 116MB -- the application software the system was rebooted. The GemSafe Toolbox is a very impressive tool with quite a lot of functionality and an up-to-date look and feel.

There is also another utility called SmartDiag, which further assists administrators. Overall GemSafe is a very neat and refined smartcard system.

Giesecke & Devrient was kind enough to send us one of its pre-sales engineers to go through some of its products with us. We had a brief look at several products relating to smartcards and authentication, among these were the TODOS system which is a token-type device with a smartcard slot built into it that enables card information to be read onto the small integrated LCD screen -- there are many varying applications for this from financial transactions to password supply.

There was also USB and PCMCIA smartcard reader/writers and associated applications (Safesign) as well as a USB plug device (similar to a very small USB memory key) which has a smartcard chip embedded into it. This is ideal for secure software/system locking as well as very portable authentication and portable configuration settings for applications such as remote office VPN connections and authentication and so on. Included with SafeSign there is a neat token management utility which lets the administrators see at a glance what is on each card.

Keycorp's system was very neat. The application software included was called SCB single sign-on and SCB Secure Logon, and the names are self explanatory.

Installation and configuration was a breeze. We setup a card and had a brief look at the single sign-on component. A SSO wizard is provided which allows the user to record logins for either Windows type or HTML forms.

Recording is a little more complex, however, than some other SSO technologies we have seen but it is certainly not hard by any stretch of the imagination.

An example of the added functionality and versatility of smartcards is their ability to be incorporated with other card technologies such as magnetic swipe for use as physical access devices or even bank cards, they can also be printed with photos and other identification information.



Vendor BQT
Web www.bqtsolutions.com
Phone 02 8817 2800
Technology Biometric fingerprint scanner and smart cards
Model mib-BT913U
Price N/A
 
Interoperability
Support for Windows NT, 2000 and XP. The fingerprint is stored on a card which the user must also have for the authentication process.
Futureproofing
Very secure, multiple factor authentication system.
ROI
N/A


Service
N/A


Rating
½


Vendor Giesecke & Devrient
Web www.gdaus.com.au
Phone 03 9765 1200
Technology Smart cards and associated devices

Model N/A
Price N/A
 
Interoperability
½
G&D have a range of tailorable solutions that revolve around smart card
technologies.
Futureproofing
½
Due to the varying applications that G&D’s product range can be used for the future can be well planned.
ROI  
Around AU$150 per seat is average and a worthwhile investment in security. Particularly considering smart cards can also be printed on and used as staff ID.
Service  
12-months warranty, 2-days on-site support, 3-months telephone support.
Rating

Topics: Security, Hardware, Health, Software

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.