Connect with us


Biometric Authentication – A Cure for the Common Password



Written by Debra Miller, the Digital Marketing Communications Manager at HID

From 2019 through 2021, nearly 1,900 healthcare data breaches of 500 or more records have been reported to the Health and Human Services Office for Civil Rights. Those breaches exposed the sensitive and supposedly protected health information of 49.8 million individuals in 2021, an 11% increase compared to 2019. The reasons for security attacks are obvious and not so obvious.

The Root Cause of Most Healthcare Security Breaches
The human element, such as phishing, stolen credentials, and human error, causes 82% of data breaches. It is little wonder that these conditions pose critical security and financial risks to the healthcare industry.

One of the obvious reasons for security breaches is that healthcare workers log in to multiple computer systems dozens of times per shift. Consequently, healthcare workers must remember eight to 20 passwords to access patient-care applications.

Because they work under extreme time constraints and need to remember complicated, ever-changing passwords, some healthcare workers engage in risky password behaviours. For example, 51% of people reuse work passwords in their personal lives. Unfortunately, 44% of people know the risks of reusing passwords but do it anyway; and 69% of employees admit to sharing passwords with colleagues at work. These conditions lead to compromised, weak, and reused passwords, causing 81% of data breaches.

Moreover, for the past 12 years, healthcare, one of the more highly regulated industries, has suffered the highest average cost due to system breaches.  An individual’s health data on the black market can be worth more than a credit card because patient records often contain all their personal and financial information (PII).

Malicious actors also seek healthcare organization vulnerabilities in not-so-obvious ways, like those found in outdated IT infrastructure or software. Another not-so-obvious target is a healthcare worker’s use of personal devices that connect to the network. And even internet-connected medical devices like insulin pumps and heart rate monitors are an easy gateway to accessing the servers holding patient data.

How Biometric Authentication Provides a Cure for the Common Password
Preventing those breaches is critical to protecting patient privacy and confidentiality. This makes biometric authentication a critical element of a healthcare organization’s identity assurance strategy.

Biometric authentication delivers the highest level of identity assurance. While passwords are easy to forget, and wristbands and ID cards can be misplaced or stolen, biometric markers are unique to each individual and cannot be lost or forgotten. Biometric technology relies on something we always have with us: our fingerprints or faces.

Here’s how biometric authentication works. It compares two sets of data, the first is preset by the device owner, and the second belongs to the device visitor. If the two data are nearly identical, the device knows that “visitor” and “owner” are one and the same and gives access to the visitor.

Biometric authentication provides a cure for the common password by providing healthcare organizations with the following benefits:

  • Irrefutable proof of presence for regulatory and legal compliance. Biometric authentication provides instant insights into who accessed which systems and resources and accurately identify patients across multiple systems and facilities.
  • Fast and easy patient identity assurance. Biometric matching takes a fraction of a second. Accelerated access to patient data enables clinicians to be more productive and provide better care throughout the patient journey. Biometric authentication streamlines patient registration, check-in, and care eligibility verification. And, in a health emergency, quick, easy, and comprehensive access to medical records saves lives.
  • Minimized human intervention for improved data accuracy. Biometric identification is automated, frictionless, and sterile. It ensures data accuracy even when people wear surgical masks, and it eliminates duplicate medical records. Fingerprint scanners have accuracy rates above 99.5%. Best-in-class facial recognition systems deliver an error rate of just 0.08%.
  • Mitigated risks of patient misidentification. Patient misidentification costs the healthcare system billions of dollars each year. And more important, it can lead to tragic medical errors that cause temporary or permanent patient harm. Biometric technologies mitigate these risks by increasing accuracy and tying identification to something people always have with them — their fingerprints or faces.
  • Reduced identity fraud. Nearly 43,000 cases of medical identity theft were reported to the Federal Trade Commission in 2021. By extending security to systems that contain personal and sensitive data, biometrics increases the privacy of those individuals and reduces the risk of identity theft.


RAC Successfully Conducts Facial Recognition Technology Trial at KKIA



Riyadh Airports Company (RAC), which operates and manages King Khalid International Airport (KKIA), has announced the successful trial of Smart Path, a facial recognition technology, at International Terminal 2 in partnership with the air transport technology company, SITA.

The technology, which was tested at check-in counters and boarding gates recognizes the passengers’ digital identity when stepping up to the camera. The facial image is directly linked to the passenger’s physical passport and travel documents at check-in. This allows them to be identified at security or boarding by simply taking a picture.

This trial is part of RAC’s effort towards digitally transforming King Khalid International Airport into a smart airport in the future in compliance with the standards of the International Air Transport Association (IATA).

RAC s’ teams are currently working on the preparations of a self-service assessment project combining multiple other self-service technologies, which are anticipated to increase passengers’ satisfaction and improve their travel experience.

Commenting on the importance of the step, Eng. Mohammed bin Abdullah Al-Maghlouth, CEO of Riyadh Airports Company said: “As our strategy at Riyadh Airports is to cope with the innovational shift of international travel trends and passenger’s needs, we have conducted the Digital Path” trial as part of the airport’s future digital road map and our efforts to digitize passengers’ journeys.”

RAC’s team also spoke about how they seek every potential opportunity of technology to improve operational processes and travel procedures. This requires adopting new strategies and using the latest technologies to reduce the time taken to complete the procedures, with the aim of adding a positive impact to our performance and passengers’ satisfaction levels.

Hani El Assaad, President of Middle East & Africa, SITA, said, “We’re excited to partner with Riyadh Airports Company to trial the latest cutting-edge biometric solutions in the region. The airport of the future will leverage technology that enables safe, seamless, and easy travel every step of the way. This successful Proof of Concept highlights the power of SITA Smart Path biometrics to deliver a fluid journey where a passenger’s face becomes their boarding pass, from check-in to boarding.”

Continue Reading


Apple Announces Encryption for its iCloud Backups



Apple announced on Wednesday that it will be bringing end-to-end encryption to most of iCloud with a new optional feature called Advanced Data Protection. Previously, only 14 data categories within iCloud were protected. This new feature will extend that protection to 23 data categories, including photos, notes, voice memos, reminders, Safari bookmarks, and iCloud backups of device contents.

However, not all data will be encrypted in this way. Notably, calendar and mail data will not be affected by this change. Apple says that these data categories are not covered “because of the need to interoperate with the global email, contacts, and calendar systems.”

US-based participants in the Apple Beta Software Program can start using Advanced Data Protection today, and the feature will roll out to more Americans by the end of the year. If you’re outside the US, you’ll have to wait until 2023 to use the feature, according to Apple.

Advanced Data Protection is the main focus of today’s announcement, but Apple also revealed two other privacy and security features related to iCloud. First, iCloud users can now use hardware security keys like YubiKeys. Both NFC keys and plug-in keys are supported.

Second, there is a new feature called iMessage Contact Key Verification that can alert high-risk users, such as journalists, if their conversations are being hijacked or monitored by state-sponsored actors.

Apple also confirmed that it is no longer working on a controversial system that was designed to identify child sexual-abuse material on users’ iPhones. The company changed its plans after facing significant public backlash over privacy and security concerns.

Continue Reading


Invixium Launches IXM VERTU



Invixium has announced the launch of IXM VERTU, a modern access control reader capable of reading RFID cards along with mobile credentials via BLE or NFC from up to 8 cm away. Installation takes mere minutes and configuration is easily completed for Wiegand or OSDP through a configuration app. For clients that already have an access control software solution, IXM VERTU can seamlessly be added to their existing access control system. Invixium’s suite of biometric products along with IXM VERTU will be on display during the ASIS Middle East exhibition at stand F7.

VERTU’s rich combination of features is built into a sleek, elegant two-tone enclosure that can be easily mullion mounted in small spaces and door frames, complementing any new or existing décor. Its IK08 impact and IP67 ingress ratings allow IXM VERTU to be installed indoors or outdoors. The durability and appealing design of VERTU make it a great choice for businesses of all sizes and industries.

Shiraz Kapadia, CEO, and President of Invixium, expressed his excitement at the new possibilities for Invixium customers with the launch of IXM VERTU. “While biometrics is the heart and soul of Invixium, we are humble enough to admit that not every door requires the extreme level of security that biometrics offers. VERTU strikes the perfect balance of sleek design and security,” he said.

Continue Reading

Follow Us


Copyright © 2021 Security Review Magazine. Rysha Media LLC. All Rights Reserved.