Is multi-factor authentication the future of access credentials?

Feb. 7, 2018
Recently debuted S-Badge from GNS features biometric, location and secure element authentication

Among the latest and greatest tech gadgets and smart home products on display at CES 2018 last month in Las Vegas was a solution for high-security applications that one wouldn’t normally expect to find at a consumer-focused tradeshow. The S-Badge from Global Net Solutions (GNS) is an Internet of Things (IoT)-based access control solution that leverages a combination of Bluetooth Low Energy (BLE), multiple data sensors and RFID technology to track people and assets throughout a facility or campus environment.

On the surface, the S-Badge looks similar to most other smart card credentials, but what separates it from traditional counterparts is that it features a three-factor authentication process, which includes:

  1. Biometric Authentication – the badge must be activated using fingerprint verification, which also measures moisture, temperature and electricity in the live skin to ensure that only the authorized individual can activate the badge.
  2. Location Authentication – the badge communicates with surrounding gateways to verify its authenticity and exact location at any time;
  3. Secure Element Authentication – an individually programmed NFC chip verifies whether the user is authorized to access a specific area or assets.

According to Michael Elias, Director of Business Development for Global Net Solutions, the current model for both physical and logical access deployments that leverage some type of credential, be it a smart card of RFID-based solution, is flawed in that organizations have no real way of determining who is actually using a badge in real time. The S-Badge seeks to alleviate this by having fingerprint authentication directly on the credential itself and going beyond the purview of most access control solutions to provide intelligence about where a particular badge is within an environment. And given many of the concerns surrounding privacy today, Elias says that the S-Badge can only be tracked on the premises where their system of on-site LoRa gateways are installed.

“With this particular badge, if you lose it, no one can use it. It’s a piece of metal that is dead without your fingerprint authentication,” Elias says.

In addition, Elias says that they added physical security on the S-Badge itself by using a printing technology that makes the surface of the badge waterproof, anti-scratch and impossible to print over.

“Many badges today have a certain layer of lamination that, if removed, could be reprinted or laminated over. In our case, you cannot do that,” Elias explains. “We also secured the fingerprint scanner itself to make it very robust to identify the live skin of the finger. If I were to cut my finger off, it’s not going to work. It detects moisture, electricity and temperature of the live finger and if any of them do not match along with the fingerprint, it physically is not going to work.”    

GNS also took safety into consideration in the development of the S-Badge, embedding an SOS button on it to give credential holders the ability to signal for help in the event of an emergency either inside or outside of a facility.

“We can get your location and if you start walking faster, for example, we can detect how fast you are walking, running, etc. and send an updated location,” Elias says. “That provides first responders with an insight that haven’t had before and is something they have been longing for.”

On top of the security and safety aspects of the S-Badge, it also offers artificial and business intelligence features to provide end-users with a more comprehensive view of the behaviors of its employees. For example, the solution features a dashboard which enables organizations to look at the trends of normal behaviors of every single person who carries a badge within their facility.

“For example, if you normally work at gate 22 in an airport and all of a sudden we see you at the sorting facility downstairs, it raises some questions,” Elias says. “Now we can track potential insider threats and tackle them before they actually happen to prevent even higher-level breaches.”

The S-Badge currently works with NFC readers that operate on the 13.5 MHz frequency. The company is working to integrate its software with Genetec via an API plug-in. Elias says any high-security application is a target vertical for the S-Badge including, airports, hospitals, higher education campuses, critical infrastructure sites, research labs, and government facilities.

“The badge is only a badge. It looks like a badge and acts like a badge, but it does have a lot more than just an RFID tag or an NFC tag even. In today’s world with the conventional way of doing it, no one can provide you a location of a badge, so there is no safety mechanism embedded in any of the badges today,” Elias says.  “Secondly, if I were to add biometric authentication like we’re doing here, I would have to have a biometric (reader) on every single door and the reader would have to carry all of the templates locally or put it in a centralized place on the network. In both cases, it is a huge liability. There’s a huge difference between what exists in the market today and what we’re offering.”  

About the Author: 

Joel Griffin is the Editor-in-Chief of SecurityInfoWatch.com and a veteran security journalist. You can reach him at [email protected].