Swipe ID

Ultimate security at your fingertips

Our lives are becoming fully digital.

Which brings tremendous opportunities.

But also tremendous risks…

Risks related to your (online) security

identity fraud, profiling and privacy.

Swipe ID eliminates these risks.

ahora-swipe-id

Swipe ID is the safest, most intuitive and most versatile personal identification device.ahora-swipe-id

ahora-swipe-idThe alternative for traditional access protocols. Authenticating persons, not identities.

 

 

Overview

 

Swipe ID is a small (pocket size) personal device suitable for all your identification, authentication and authorisation needs. It is the safest, most intuitive and versatile identification device available. One device that can communicate with your smartphone, computer and any real world place fitted with our custom made receiver.

Transfer money, access websites, open the door of your property or access the VIP area of your favourite club: the versatility of your Swipe ID offers you an all-in-one access solution and it provides you with the ultimate level in online and offline access security.

 

Read more...

Swipe ID offers accurate and convenient identification possibilities. Just a simple finger swipe is enough to be identified and gain access for many kinds of online use (website, cloud storage, online payments, etc.). It also provides secure access to many real world places (member clubs, gyms, entering your home or car, etc.).

In addition, Swipe ID gives you individual control over your identity; images of your fingerprint are not stored. Moreover, no personal data is stored in our database, the Central Matching Base. And finally: one-time only enrolment is valid for all online and offline access applications and purposes. This eliminates the need for your biometric data to be stored at several different places, which may increase the chance that your (stored) biometric data will be stolen and misused.

Swipe ID is a personal device; no one else can use it, except the person who originally registered it. Each user has a personal Swipe ID attached to their user account, based on the serial number of the device.

We currently offer 2 models of Swipe ID version 1: a wireless model and a USB model. The USB model connects to your computer and will be used for online purposes, for example to perform an online payment or access your cloud storage. The wireless model can also be used offline and works with bluetooth. It does not need a connection to your computer for certain specific applications like opening the door of your car or accessing your soccer stadium.

We are currently working on Swipe ID version 2: this version consists of a cover for your mobile phone. It will offer higher convenience since it eliminates the need for a separate device to carry along, as is the case with Swipe ID version 1. The separate cover incorporates our technology and the finger sensor and is attached to your mobile phone, whilst it keeps independency from your phone’s technology. This setup eliminates the possibility of hacking your Swipe ID through your mobile phone’s technology, so it maintains maximum security.

Facts & Figures

Access protocols:

Time to change

When a credit card is inserted into an ATM, the person is not identified and thus the money gets collected anonymously.

When a password and username are entered for any kind of online or physical access, the person is not identified and thus access is granted to an anonymous person.

These examples show that common access systems only identify ID’s like passwords, usernames, keys, swipe cards and regular biometric ID’s. Individuals are not identified. This fact is the main cause of all identity fraud, a problem becoming bigger every day.

Read more...

The basic operating tools of IT systems that are integrated in all types of access control systems are passwords, user names and access codes or passes. IT systems can always be compromised when the current access protocols using these tools are maintained. This applies to online and offline access protocols. Therefore, access protocols need to change in such a way that persons will be identified, not ID’s that can lead to impersonation.

Swipe ID is about to change the protocols of access control disruptively. From now on real people can be identified instead of ID’s. We protect users against ID fraud, with the safest, most intuitive and most versatile identification system to date.

Identity theft & identity fraud

According to the United States Department of Justice, identity theft and identity fraud are terms used to refer to all types of crime in which someone wrongfully obtains and uses another person’s personal data in some way that involves fraud or deception, typically for economic gain.

Identity theft refers to the preparatory stage of acquiring and collecting someone else’s personal information for criminal purposes. Identity fraud is the actual deceptive use of the identity information of another person (living or dead) in connection with various frauds.

Read more...

Consider the following figures:

  • A 2015 research found that 12.7 million people were victims of identity fraud in the US alone: 1 victim every 2 seconds. $16 billion was stolen from consumers.
  • The most common form of reported identity theft and fraud  in 2014 was government documents/benefits fraud (39 %), loan fraud (24 %), credit card fraud (17 %), phone/utilities fraud (13 %), and bank fraud (8 %).
  • Direct and indirect losses in the US from identity theft in 2012 totalled $24.7 billion.

In addition (but related) to ID theft and fraud, there are growing concerns over and problems caused by shrinking privacy in a data-driven economy where companies collect information derived from a number of resources to build comprehensive profiles on individuals in order to sell products and to sell dossiers on behaviour.

Security in online banking & mobile payments

This section explains the most important aspects of current and upcoming financial regulations and guidelines that are related to Swipe ID and electronic transactions*.

In recent years, the security risks related to electronic payments have increased, which is due to the greater technical complexity of electronic payments, the continuously growing volumes of electronic payments worldwide, the emerging types of payment services and the rising use of payments done through mobile devices.

Read more...

As safe and secure payment services constitute a vital condition for a well-functioning payment services market, users of payment services should be adequately protected against such risks. Swipe ID accomplishes this, since it aligns with the Second Payment Services Directive (PSD2) that has been created for this purpose.

PSD2 is a fundamental piece of payments-related legislation in Europe, which entered into force in January 2016. PSD2 is the product of a review of the original Payment Services Directive and requires payment service providers (PSPs) to make a significant number of changes to existing operations. PSD2 will set out a common legal framework for businesses and consumers when making and receiving payments within the European Economic Area (EEA).

PSD2 must be transposed into national law by Member States by 13 January 2018, which means that the majority of the legal provisions will apply from that date. However, PSD2 empowers the European Banking Authority (EBA) to develop a number of guidelines and technical standards, including a mandate to deliver regulatory technical standards (RTS) on strong customer authentication and secure communication, implementation of which will run to a different timetable. In short, this means that the RTS will apply at the earliest from September 2018 but the deadline could extend into 2019 depending upon how long it takes to finalize and publish the RTS.

PSD2 also originates from the high level of fear and distrust with consumers especially regarding embedded banking applications currently used on mobile devices. This is fuelled by the fact that hacking mobile telephones is gaining popularity, and thus also hacking and unauthorized entering of (banking) applications used with the phone.

Furthermore, research shows that European consumers are ready to use biometrics for securing payments, likely caused by the increased popularity of hacking mobile phones: 2/3 of consumers want to use biometrics for payments. Fingerprint recognition has proven to be the most popular and the most secure form of biometrics.

Due to the developments and upcoming legislation described above, and in order to be able to offer the most secure and most convenient solution possible, the second version of Swipe ID will be a mobile phone cover that incorporates our technology. This aligns perfectly with the Regulatory Requirements for (mobile) Internet payment and covers even more than the elements mentioned by the EBA as regards to the proposed Regulatory technical Standards on strong customer authentication and secure communication. According to the EBA, strong customer authentication is the most efficient measure to fight against (identity) fraud. Although not a firm requirement imposed by the EBA, according to us, (mobile) Internet transactions can however only offer the strongest form of customer authentication when a separate hardware device is complemented with a biometric characteristic. That is why the second version of Swipe ID will continue to be a separate hardware device.

The second version of Swipe ID will however be more convenient since it eliminates the need for a separate device to carry along – as is the case with Swipe ID version 1 – since the separate cover is attached to one’s mobile phone, whilst keeping independency from the phone’s technology/software. This setup maintains maximum security: due to the technological independency from the attached Smartphone and our “known hardware” philosophy (see section “Central Matching Base”), hacking of Swipe ID phone covers and/or performing unauthorised transactions with our technology through the phone, becomes impossible. Swipe ID’s phone cover thus provides the highest possible form of (future proof) access security and combines this with utmost convenience. The applications and scalability for Swipe ID Smartphone covers are massive, keeping in mind that for 2017 the number of mobile phone users is forecasted to reach almost 5 billion.

However, we don’t impose the setup of having a separate device (whether being version 1 or 2 of Swipe ID) on all our partners. For example our bank partners also have the possibility to use third party identifiers (like a mobile phone) to connect to our platform (thus not using Swipe ID hardware devices). This enables our bank partners to have one single platform for all types of clients and offer all these clients a high level of usability but offer the device itself only to certain clients (see also section “Why yet another device?”). For clients that have a small amount of credit, movements and transactions on their account, our technology can be integrated in the third party device. In this way it offers a market-conform level of security whilst also offering a high level of usability. And for clients that have a more substantial amount of credit, movements and transactions on their account, a separate Swipe ID device can be provided for the utmost level of security.

* Part of the information in this section is sourced from www.paymentsuk.org.uk and www.eur-lex.europa.eu.

Biometrics & common access systems

Biometrics refers to metrics related to human characteristics. Biometric identifiers are the distinctive, measurable characteristics used to label and describe individuals. Biometric identifiers are often categorized as physiological versus behavioural characteristics. Physiological characteristics are related to the shape of the body, for example a fingerprint. An example of a behavioural characteristic is a person’s voice.

Biometrics being employed to identify persons is now the next hype. All sorts of clever combinations of different biometric ideas are now in fashion. Whilst many technology firms are now investing large sums of money in alternative biometrics, none of them addresses the possibility/danger that a Biometric ID can also be impersonated.

Read more...

When your Biometric ID is copied or stolen, we have a much worse situation than in case of theft of a “regular” ID. This is because the theft of your Biometric ID will victimize you for the rest of your life because we cannot replace a finger, face, voice or eye when your Biometric ID is stolen. Contrary to Swipe ID (we do not store fingerprints) most biometric access control databases do store Biometric ID’s, thereby putting you at risk.

Furthermore, the ongoing increase in tracking, tracing and profiling consumers for commercial purposes is neither stopped by common Biometric systems. Many companies collect your personal information with a view toward compiling a complete 360-degree picture of your life. Google is one of the biggest companies collecting many different bits of information to profile us. However, the privacy concerns surrounding it are becoming bigger and bigger and they need to be addressed.

Both problems described above are solved by the Swipe ID: with your personal Swipe ID your identity is protected and identify fraud becomes impossible since we do not store your fingerprint. Furthermore, we do not profile you, thereby giving you back full control of your privacy.

Why yet another device?

 

Several new biometric authentication technologies and devices have become available over the past few years in many different forms. This raises the question why we felt the need to create yet another separate device, with yet another new (database) technology.

Furthermore, it raises the question why our technology could not be integrated in other technologies and thus why it needs to be an independent (separate) device. In other words, what makes Swipe ID and the technology involved so different and better than anything else on the market, what justifies the creation of yet another separate device?

Although a new, separate device might not seem convenient (to carry around) and thus might seem illogical at first sight, we wanted to develop a completely new ecosystem altogether. The reason for this, is that we want to offer a solution that fulfils all of the following requirements.

Click here to learn more

  1. The most secure and best protected way for online and offline access, protecting one’s personal data and avoiding unauthorized access;
  2. The most trustworthy way for online and offline access, circumventing the limitations of False Acceptance Rates (FAR);
  3. The fastest response time (matching < 1 second) when dealing with a high volume database (i.e. billions of fingerprint templates);
  4. The most versatile device that can be used for many different applications and services, online and offline;
  5. Easy integration from a software perspective, stimulating collaboration with many businesses, sectors and markets;
  6. The highest scalability provided by the natural result of requirements 4 and 5.

Since the combination of a platform with an integrated device that offers all of these characteristics does currently not exist in the market, our company Primary-Net has worked towards a solution offering the combination of the benefits described above, the result being Swipe ID (device) and Biocryptology (technology). This combination of benefits cannot be obtained by incorporating (part of) our technology or device in other systems or in collaboration with existing devices. Therefore a separate technology and device needed to be developed. These above-mentioned characteristics will be explained below

 

1) The most secure way for online and offline access

Swipe ID and Biocryptology offer the most secure way of authentication, due to several reasons.

First of all, it is based on a closed end-to-end system where only “known hardware” communicates with other “known hardware”: unknown elements can’t access our data or devices. If unknown elements try to enter our database or the authentication/ communication process (which is very unlikely to happen), it is impossible to perform a matching. Swipe ID can be registered to 1-person-only, based on its serial number.

This means that on the user’s side two elements need to be present at the start of the matching process in order for it to work: a (living) finger and the corresponding device (= known hardware), that has been previously registered to the user that swipes his/her finger. Since it is a personal device no one else can use it (and it is no problem when it gets lost or stolen). The concept of allowing only communication between “known hardware” is the only way to make sure that hackers/criminals won’t be able to get unauthorized access, since our system does not allow unauthorized/unknown hardware to submit a request for access.

This also means that technologies not working through this method (i.e. all other currently available biometric access control technologies) cannot be as secure as Primary-Net’s technology. Working with other (external) technologies and/or devices not known to the system makes the matching process a priori less secure and puts database protection at risk since it opens the door for hackers and unauthorized matching. Primary-Net believes that this should be stopped at the “front door” and attains this by not allowing unknown sources (that could have a bad intention) to connect to our system in the first place.

Secondly, our technology and Swipe ID work with 1 central database; no third party databases are involved in the matching process. Additionally, if the client wishes, there is the possibility of a distributed database to be installed at one or more different client locations that optionally connect to our central database. The main benefit of working with one central database for all possible applications is that it avoids the need for a person to register one’s personal data in various databases and/or with various parties. This is however still a common situation nowadays: people leave their fingerprint details with airport security, the hospital, their local gym and their employer’s office (to name just a few). In many cases this even concerns full fingerprint details (Please note: Primary-Net does not store full fingerprint details, just templates, see further on).

Registering one’s data in various databases increases the risk for identity fraud and according to Primary-Net this should be avoided and thus explains the creation of a central database, the Central Matching Base. We have designed the Central Matching Base, our technology and Swipe ID in such a way that it can work with all kinds of parties that want to collaborate with us (based on low cost and easy implementation). The bottom line is that there is only one central place where one’s details (i.e. templates, not fingerprints) are registered. Swipe ID users don’t need to leave their details elsewhere anymore.

Thirdly, the device itself offers a Life Detection Sensor, a 3-D Radio Frequency fingerprint scanner, electronic tamper protection, time stamping and hashing. A high-level encryption algorithm makes sure that the communication between the database and the device is highly secure. Although these features by themselves are not unique, they are of the highest possible level and thus add value to the security of Swipe ID and our technology.

Fourthly, no fingerprints are stored (neither in the device, nor anywhere else in our system). Just templates are stored, these are simplified and vectorized representations of a fingerprint, not containing information of interest to criminals/hackers. Many common biometric systems do however store full fingerprint details, which make these systems highly vulnerable in case of database theft, since the registered persons are victimized for the rest of their lives because fingerprints cannot be replaced like a username or password.

2) The most trustworthy way for online and offline access

Swipe ID circumvents the limitations of the False Acceptance Rate (FAR), the typical downside of matching systems. This makes our system highly reliable. The FAR, is the measure of the likelihood that the biometric security system will incorrectly accept an access attempt by an unauthorized user. A system’s FAR typically is stated as the ratio of the number of false acceptances divided by the number of identification attempts. Since Swipe ID is a personal authentication device with maximum 6 fingerprint templates registered to the serial number of the device, a “false acceptance” is almost impossible. This is because it is highly unlikely that a criminal’s fingerprint will look similar to one of the (maximum) 6 fingerprints of the person that originally has been registered to the device.

The FAR is however an issue in case several thousands (or more) persons have registered to the same biometric device (which occurs with common biometric access systems) since in that case the chance that the criminal’s fingerprint looks similar to one of the other thousands of fingerprints is higher and thus also the chance for gaining unauthorized access (=FAR) is higher. Commonly employed biometric access systems allow more than one individual to register to the device and to use the system (in many cases thousands or even tens of thousands of users are registered to the same device). Swipe ID is a personal device that works with only one registered user and his/her corresponding fingerprint templates, making a FAR almost non-existent.

The only way that Swipe ID could have a FAR comparable with common biometric systems is in the event that tens of thousands of criminals will swipe their living finger (no copies) on 1 specific, stolen personal Swipe ID, a situation that is obviously highly unlikely to occur (apart from the fact that a stolen Swipe ID will already have been reported as stolen and thus will have been excluded from the system anyhow).

3) The fastest response time with a high volume database

None of the currently available Biometric systems work with a personal device where the serial number (or any other unique identifier of the device) plays a key role in the matching process. In the case of Swipe ID the personal device guarantees that (when applying for access) the Central Matching Base has to compare the template that it receives only with a maximum of 6 templates as registered to the corresponding Swipe ID’s serial number. This type of matching is called “One to Few” and offers the big advantage that it can perform matching < 1 second when dealing with a high volume of database entries (i.e. billions of fingerprint templates). In the case of any other biometric access system currently on the market, such a fast response time cannot be reached due to the fact that it needs to search the entire database (with maybe hundreds of millions of fingerprint data) that could result in a response time of many seconds, something that would (commercially) not be acceptable.

4) The most versatile biometric access device

Swipe ID does not have just one use, like most of the currently available biometric access control devices. Swipe ID is the most versatile identification device available, just one device that serves for all online access and offline access, replacing all access codes, passwords, login names, car fobs, passports, boarding passes, credit cards, etc.

It is suitable for many different applications, from online banking and e-Commerce to Time & Attendance and secure access to real world places, like member clubs, stadiums, gyms, properties, vehicles, etc.

5) Easy integration

Throughout our secured API and pre-developed modules, any company can easily integrate an existing system with our user identification, authentication and authorization module in any website or identity server (LDAP, Active Directory, etc.). For the physical perspective we employ/install our “N3 device” that provides the connection with the Swipe ID in order to give physical access.

6) The highest scalability

Since Swipe ID can be used for many different purposes, combined with the fact that our technology can be easily integrated, the business model is also highly scalable, which is very beneficial from a commercial point of view. Other Biometric access control systems currently on the market are not capable of scaling to the level that Swipe ID can. Swipe ID is therefore the only system that is capable of becoming the worldwide standard for secure access control.

How & Where

 

How Swipe ID works

Swipe ID is a personal device that can be registered to one person only. When you want to gain access to any offline or online location, you just swipe your finger over your personal Swipe ID. The incorporated spoof-proof radiofrequency sensor with Life Detection then captures an image of your fingerprint.

Your fingerprint is then transformed into a template. The template is a vectorized representation of the most important characteristics of your fingerprint. An image of your fingerprint is not stored; the template is just a small piece of information (2,2Kb) of the whole finger data. This data is not of interest to anybody trying to commit identity fraud with your fingerprint.

Read more...

Before sending the template to the user database, it is digitally signed, time stamped and hashed for additional security. The user database then checks which person is registered to the serial number that it receives and whether the serial number involved has no cases of loss or theft registered. If that is all OK, then the user database communicates with the Central Matching Base which person is involved, which enables the Central Matching Base to determine which (maximum 6) templates are eligible for matching. The Central Matching Base then compares the received fingerprint template(s) with the stored templates that were registered to the user when he/she enrolled. If there is a match between the received template and one of the previously registered templates that correspond with this person (and thus corresponds with the Swipe ID serial number), only then access will be granted. The matching process allows you (after positive authentication) to perform a secure action, for example to make an online payment, access a certain website or open a door.

Matching can also be done locally (i.e. not through our Central Matching Base). For example, the door of your home or car could be opened with your Swipe ID when our small receiver has been installed inside your property or vehicle. In that case the receiver performs the task that would otherwise be performed by the Central Matching Base.

Signup and login

After you have requested a Swipe ID online or through one of our partners (available Q2 2017) and you have received the device by mail or collected it from one of the pickup points, the process to signup is as follows:

  • The first step is to download the app from our website. By clicking “Download Swipe app” you will be guided through the installation process.
  • After the app has been installed, the following message appears:

Please connect your Swipe ID”.

Read more...

• In case of enrolling through the Swipe ID USB version, the system will ask:

“Please place your index finger on the Swipe ID finger scanner”.

Subsequently, the message appears:

“Now place the index finger of your other hand on the Swipe ID finger scanner”.

• In case of enrolling through the Swipe ID wireless version, the system will ask:

“Please place your thumb on the Swipe ID finger scanner”.

Subsequently, the message appears:

“Now place the thumb of your other hand on the Swipe ID finger scanner”.

• When signing up, you will enroll a minimum of 2 fingers. After registering your 2 fingers, you decide which other finger(s) will be registered, if any.

When you want to login and gain online or offline access, the only thing you have to do is swipe your finger(s) over your Swipe ID. The enrolment that you have done at the start is valid for all access applications. So no further processes or actions are required if you want to gain access.

Identification Levels

Depending on the type of use of your personal Swipe ID, various identification levels can be assigned.

Level 0 – Starting level of identification
All users start with identification level 0, allowing anonymous enrolment. This means that you can enrol with any chosen personal details. This level is a Do-It-Yourself online enrolment for personal use, as described above.

This type of enrolment is suitable for situations without a verified authentication procedure, for example to access Facebook or your email account or to disarm your property alarm system or open your car door.

Read more...

Level 1 – Basic level of identification

If you want to raise the identification level, somebody else must verify your personal information. This can be done using our MP terminal installed at the organization/company wishing to use this service (the MP terminal is a multifunctional/enrolment device developed by us). An example of where it could be suitable to have identification level 1 is a discotheque that wants to verify visitors, ensuring they are over 18 years old. When entering the discotheque, just by swiping one’s finger the user gets access to the premises (obviously the user first needs to enrol with the discotheque where the MP terminal is installed and prove he is over 18 years old).

Level 2 – High level of identification

In this case a more profound identity check takes place at the premises of the company/organization involved, for example your employer or your bank. For professional use this will include additional information as regards to your identity and work related permissions (to access certain restricted areas for example). In this case enrolment takes place at your employer’s premises. For banking use, the additional information will also include bank and/or payment information. For banking purposes your enrolment will take place with your local bank.

Level 3 – Ultimate level of identification

This level is used when you wish to replace any and all other methods of identification. This level is suitable for governmental and police enforcement purposes, when all your information is verified by the local police station and/or by any other governmental institution. This type of enrolment replaces any kind of official identification. This means that (for example) your passport or governmental ID card will be replaced by your personal Swipe ID.

All identification levels above 0 (thus level 1, 2 and 3) lock down the verified user information: You can’t modify it without loosing the level. If you change your information, you will loose the identification level assigned and you will automatically drop back to level 0. If you want to recover the (higher) identification level, you need to be validated again (if you want to unsubscribe, you can always delete your account).

Where to use Swipe ID

Your Swipe ID can be used for many different purposes. It is faster and more convenient than the process of entering a password, username and/or security code. But most important of all: it is highly secure.

Since many different functions can be performed for various purposes online and offline, your Swipe ID eliminates the need for registering your personal details (like your fingerprints) with various parties in different databases and/or on various devices, which increases the risk for identity theft and identity fraud.

Just one device is needed for all different purposes. And since you only need to enrol once for all possible purposes, it doesn’t just make Swipe ID the most secure device available, but also makes the entire process very convenient.

Some of the most important uses of Swipe ID are mentioned below.

Read more...

Bank payments & online transactions

With your personal Swipe ID you can make any kind of transaction online and perform payments from your bank account, provided that your bank collaborates with us. Furthermore, purchasing goods and services online has never been so secure and convenient; your Swipe ID offers the ideal solution for all your e-Commerce transactions.

Furthermore, Swipe ID fits in perfectly with the regulatory requirements for Internet payment security set by the European Banking Authority (EBA) and it also covers the elements mentioned by the EBA as regards to the proposed Regulatory Technical Standards on strong customer authentication and secure communication (for further details see section “Security in online banking & mobile payments”).

Computer files, cloud storage and websites

Employers and private users alike can also use Swipe ID to secure access to certain computer files, cloud storage and other online access applications. Or maybe you don’t want your partner to be able to enter certain websites on your behalf.

Residential security

Swipe ID can also be used for opening the door of one’s property. Biometric door locks excel in security protection, convenience and speed. In addition, Swipe ID can also be used for arming/disarming a property alarm system.

Vehicles

Not just for static property like a home but also for moving property like yachts and vehicles, Swipe ID offers a highly secure and convenient access solution. Many car manufacturers are already incorporating this state-of-the-art technology in their latest models.

Real world places

Swipe ID offers the possibility to all kinds of real world places to incorporate our disruptive access technology. Some examples where Swipe ID could be used for convenient and secure access are discotheques, member clubs, gyms, football stadiums and big events.

Other uses

In addition to the above-mentioned uses, Swipe ID can also be used in other sectors like border control (immigration services, airports), law enforcement situations, medical environments and Time & Attendance.

Technology

Biocryptology

Swipe ID is based on Biocryptology®, a disruptive biometric-based authentication technology. The term emphasizes the relevance of encryption to make biometrics based identity verification and electronic transactions private and secure.

It consists of unique biometric identification and anti-tampering mechanisms combined with a high quality encryption algorithm. The sum total of which provides extremely robust security, addressing some major challenges facing current access protocols today.

Read more...

Biocryptology is based on the principle that biometric information is encrypted. The biometric information consists of a fingerprint scan that is captured by the tamper-protected biometric device, the Swipe ID. This biometric information is then transformed into a vectorized representation of the user’s fingerprint. This vectorized representation is called a template.

For authentication, a biometric verification or identification takes place, whichever applies (verification answers the question “Is this person who he says he is?” whereas identification answers the question “who is this person”?).

Biocryptology uses several algorithms, among others symmetric encryption keys, which offer the highest form of security (keys are pieces of information that determine the functional output of the algorithm). These encryption keys use a large key space (256 bits) and are not stored in the software so they don’t travel through the system, nor can any administrator or privileged user gain access to them.

Instead they are stored in a Hardware Security Module (HSM device) in a safe, fixed place being separated from the Central Matching Base (our database). This ensures maximum protection of the keys against theft and any type of external reading. The keys can only be used internally by the Swipe ID and our platform.

Central matching base

Biocryptology authenticates (matches) a user in a central place (the Central Matching Base) or in the N3 receiver (in case of offline use, for example for opening your car door).

The Biocryptology platform consists of a closed system with only “known hardware” being able to communicate with other “known hardware”: It’s of course much easier to protect data when stored in a closed system with devices that must be known by the platform instead of having data stored inside many different (third party) devices that are not known by the system, as is the case in many common biometric access systems.

Read more...

A great contribution to the high level of security in our systems is provided by the fact that our entire platform with all connected devices is a complete end-to-end authentication solution developed in-house. Only Swipe ID can communicate with our own Biocryptology platform.

Since the involvement of third parties usually increases the risk of compromising security and privacy of the users, we have decided not to depend on third parties to deliver a complete authentication platform. Hardware, firmware, software, server communications, etc.: everything is developed by our own company, which guarantees the highest security standards, highest convenience for use and integration and the lowest costs.

Most of the common biometric access systems do not provide full transparency about where and how they store data and neither what they store exactly. Do they store full fingerprint details or just a template? And: how is that database protected?

Users that register their biometric details with various parties or a party that does not provide the highest level of security, find themselves in a risky position, due to the fact that their fingerprint details could be stolen. When a Biometric ID (like a fingerprint) is stolen, we have a much worse situation than in case of theft of a “regular” ID. This is because the theft of a Biometric ID will victimize the person for the rest of his life because we cannot replace a finger, face, voice or eye when a Biometric ID is stolen. 

The combination of the Swipe ID, the Central Matching Base and the “Known Hardware” feature eliminates the need for a person’s biometric data to be left at many different places, which would increase the possibility that the (stored) biometric data will be stolen and misused. Even if a hacker would be able to enter our highly protected Central Matching Base or N3 receiver, he will not find any information that could be used to commit identity fraud since only fingerprint templates are stored.

Security features

Swipe ID and our platform offer the highest form of security in hardware, software, firmware, protocols, database management & protection and physical security of our premises.

Swipe ID security features:

  1. 3-D Radio Frequency sensor

In our aim to make the Swipe ID spoof-proof, we have studied many different models of fingerprint readers. From all these models we selected the one that is the most convenient and that offers the highest quality. Our 3-D Radio Frequency sensor captures a 3D image of the fingerprint instead of a 2D picture, which provides additional information to the matching system and avoids spoofing with basic tactics.

Read more...

2. Life Detection Mechanism

Every Swipe ID incorporates a Life Detection Mechanism. This obligates the user to swipe a (living) finger by the sensor. This is another unique feature in our attempt to make the device spoof-proof.

3. Anti-tampering mechanisms

Swipe ID also offers an Active Electronic Tamper Protection (which is the highest form of tamper protection), making the Swipe ID resistant to hardware attacks.

Platform security features:

  1. Data Protection

Data is protected behind several layers in our platform:

Firewall: evaluates every connection to the system and detects whether an intruder got access to the system, or if the system has been attacked or abused.

Secure API: every system that is able to access our platform needs a special key to be allowed. Keys are renewed from time to time to avoid any security compromise.

Backend: verifies every transaction and keeps out any inconsistencies. In case someone is trying to access the system in a way that is not allowed, the system detects it and blocks the connection.

Database: our database is secured with encryption and blocked access embedded in the infrastructure; only our backend is able to communicate with it. Additionally, all data is protected for editing, so if any external source gains access and changes something, we will detect the change and put the register under quarantine.

Private networks: all above-mentioned layers are separated in different levels of private networks, so there is no direct access from one layer to the other layer. Only our own apps can cross those barriers.

Code signature: all applications are digitally signed, and every time that a server (re)starts or a new server joins the system, those signatures are verified, so any modification in our applications can be detected immediately and put under quarantine.

  1. Periodic system/database integrity checks

Biocryptology applies periodic system/database integrity checks, which means that an automatic system verifies internal signatures in the software and database that nothing has been modified in the core system. This allows a system administrator to check if an unauthorized person accessed the system and/or made changes to the system.

  1. Controlled and secured access

Biocryptology has a controlled and secured access to system administration. Only through our own Swipe ID, a system administrator can log in to the system. Every operation done by the system administrators is monitored and saved for future audit. Revocable access exists at any time. This is a far better and more secure way than accessing the servers with a username and password.

  1. No vital information stored

The Central Matching Base only stores your fingerprint template. This information cannot be used for impersonation as regards to identity fraud. So even when a hacker would be able to access this database, he wouldn’t find any data that would enable him to commit identity fraud.

General security features:

  1. Random Key Generation

Keys are used to encrypt/decrypt information. Biocryptology secures the biometric data and the communications between the Swipe ID and our platform by Random Key Generation. Random keys make it more difficult for an attacker to unravel the information.

  1. Digital Signatures

Biocryptology also secures the biometric data and the communications between the Swipe ID and the Central Matching Base (or N3 Receiver) by digital signatures. Every message between the Swipe ID and the server is signed digitally, which means that only our own developed devices are able to communicate with our matching server. In case of offline use, digital signatures are applied to the communications between the Swipe ID and the N3 receiver (that is installed inside the property, car, etc.).

  1. Time Stamping & Hashing

Finally, Biocryptology secures the biometric data and the communications between the Swipe ID and our platform by time stamping mechanisms combined with hashing (hashing is a function used to map data of arbitrary size to data of fixed size). Each message is time stamped using our platform’s certified time reference and then is hashed with a 256bits digest algorithm. This means that if there is a time delay between the Swipe ID and our platform, if the hash code is being changed, or if there is a “replay back attack”, the platform or the Swipe ID will refuse the message and will request a new message from the device or server. This means that a hacker (“man in the middle”) can’t intercept data during communications without being detected. In case of offline use (with the mobile Swipe ID), the time stamping task is performed by the internal certified time reference inside the Swipe ID itself, communicating with the N3 receiver.

Browsers and operating systems

The Swipe ID is compatible with the following browsers:

  • Windows: Internet Explorer 11, Microsoft Edge, Mozilla Firefox (from V.47) and Google Chrome (from V.45).
  • Mac OSX: Safari (from V.9), Mozilla Firefox (from V.47), Google Chrome (from V.45).

Furthermore, the system is compatibility with the following Operating Systems:

  • Windows: 7, 8 and 10 (32 bits and 64 bits).
  • Mac OSX: 10, 11 and 12 (Yosemite, El Capitan, Sierra).
  • Linux: Ubuntu and Debian.

The platform and the Swipe ID work on tablets, laptops, desktop computers and mobile devices.

About Us

Swipe ID is developed by Primary-Net, a privately owned authentication technology firm. The company develops biometric and authentication management technology, specifically designed to address the growing global problems facing security, privacy and identity theft and fraud. This technology makes it easier and safer to gain access to and deal with the growing number of security measures required to protect identities nowadays.

Primary-Net was founded by a visionary engineer. After having earned his spurs in the oil industry with the invention of unique technologies and products and the registration of over 250 patents, he accomplished something that was widely believed to be impossible: the construction of a private, members-only race resort inside a nature reserve near world-famous Marbella (Spain): the Ascari race resort.

Read more...

ascari-pytIn search of a new, sophisticated access system for this exclusive resort in 2011, the founder of Primary-Net realised that there were no systems available that fulfilled his wishes. It needed to offer his members secure entry and access and guarantee utmost privacy. Furthermore, the system needed to be free from using keys or passwords and should be able to give access by just using one’s finger. Lacking the commercial availability of a highly secure biometric access control system, he started developing his own. The result was an innovative and very secure biometric access system for the resort that is still in use today.

Building on this accomplishment, he started his next big dream of creating the ultimate biometric solution for online identification, authorisation and authentication. It (again) needed to offer the highest level of security and be able to eliminate the use of passwords and user names. Based upon the knowledge gained with the development of the race resort’s offline access control system, together with a team of professionals from various disciplines, Primary-Net created Nexus Smart Pay, a payment system offering the highest level of convenience, speed and security for merchants and consumers alike.

nexus-swipeThis system was tested extensively in a real life situation in the USA. During a trial period of 3 years, Nexus Smart Pay offered many different types of merchants and consumers the possibility to pay for goods and services with just a scan of their fingerprint. The system was offered for free and solely served to test and fine-tune the technology. It has not recorded even one false transaction since the first day of operation, thereby providing the highest level of security in online payment solutions.

swiper-pequenoHowever, Primary-Net and its founder did not stop there. The company continued searching for the ultimate disruptive solution. A solution that would create a secure, new access control protocol. And that could be implemented worldwide in all possible sectors, for offline and online use.  A true game changer in the access control industry, setting the standard for security in biometric access systems. In other words: The Next Big Thing. After many years of development and fine-tuning this cutting edge technology, Primary-Net proudly presents the revolutionary Swipe ID.

Partners

We believe that there should not be any room for any kind of consumer insecurity regarding impersonation or identity fraud.  Whether it’s in banking, in your online life or in your daily offline life. And we believe Swipe ID is the answer. If you endorse our mission to take personal identification and authentication to the next level, we would like to get in touch.

We are very interested in forming partnerships with companies, institutions and individuals that are just as enthusiastic about Swipe ID as we are. Parties who believe that this is the Next Big Thing in security and who want to play an active role in shaping the worldwide revolution that we are going to create by changing the game and disruptively altering the access control landscape worldwide.

Due to the versatility and usability of the Swipe ID, we are looking for partners in different sectors and industries. Swipe ID can be implemented easily, is very cost-effective and highly suitable for all kinds of online access, offline access, Time & Attendance systems and access to many different real world places. Swipe ID is one device for all possible identity checks. In combination with our Central Matching Base and N3 receiver it offers the most secure access control system available.

To make the most of every partnership, we have a partner license program for banks and large corporations. In addition, we offer installation companies and third-party developers an excellent opportunity to join the Swipe ID revolution that will start in the second quarter of 2017.

If you are interested in finding out how we could set up a fruitful collaboration, please contact us by using the form below.

Contact

Contact form

13 + 4 =