Biometrics are enrolled and bound to identity information centrally. Biometric authentication takes place on a central server against data stored securely on a server. A biometric match is required on the server to enable authentication. The solution grants access to information and assets to customers or employees, by means of an architecture analogous to using usernames and passwords to enable secure access to networks and data. In-band and out-of-band authentication are supported.
Aware’s Mobile SDKs can be used to capture biometrics on a device. Alternatively, BioComponents can be used within WebEnroll or URC to enroll biometric images (fingerprint, face, and/or iris) from the applicant. Biometrics are submitted securely to BioSP running on a central server. Identities are stored securely in BioSP Subject Manager. A biometric match is performed by Astra with Nexa fingerprint, face, or iris matching algorithms.
Match-On-Device is implemented in Aware’s FIDO® Suite solution. Biometric capture and authentication is performed on the device using Aware’s FIDO® UAF Authenticators. A biometric match on the device is required to satisfy a PKI challenge/response exchange with the server. The biometric reference is stored on the device and only PKI data is exchanged.