New NIST protocol enables secure biometric data access

The protocol enables interoperability by adding a device-independent web-services layer in the communication protocol between biometric devices and systems
The protocol enables interoperability by adding a device-independent web-services layer in the communication protocol between biometric devices and systems

The WS-Biometric Devices (WS-BD) protocol allows desktops, laptops, tablets, and smartphones to securely access biometric sensors that capture fingerprints, iris images, and face images using web services. The protocol enables interoperability by adding a device-independent web-services layer in the communication protocol between biometric devices and systems, NIST said in a release.

Biometrics are playing an increasing role in security, access control, and identity management. Fingerprints are often used in conjunction with passwords for computer security. Many jobs require employees to provide biometrics; using WS-BD equipment could potentially reduce costs by facilitating interoperability in biometrics devices, NIST explained.

The new protocol “would be useful to many organizations that house biometric systems, including border control and customs agencies", explained computer scientist Kevin Mangold.

Using current biometric systems, when one biometric sensor breaks, it can be expensive and time-consuming to find a replacement because manufacturers often change product lines and phase out previous generation devices. A few broken devices could entail having to rebuild the entire system, upgrade devices and drivers that may be incompatible with host operating systems, and retrain personnel, Mangold said.

The WS-BD protocol will simplify setting up and maintaining secure biometric systems to verify identity because such biometric systems will be easier to assemble with interoperable components compared to current biometrics systems that have proprietary device-specific drivers and cables, according to NIST.
 

What’s hot on Infosecurity Magazine?