With more and more software and services moving to the cloud, cyber security measures aimed at preventing the loss or theft of data have never been more crucial. Server breaches can expose credentials, and passwords can be subject to attacks—more than 40% of consumers have been victim of credit or debit card fraud. There's a growing demand for secure online access via mobile devices and computers, and many are turning to biometric forms of authentication because of their secure and convenient protection. Biometric security has a critical role to play in helping consumers and IT admins manage passwords, guard against wrongful access to sensitive devices, and reduce fraud and identity theft.
As the standard in device security for more than 35 years, Kensington is expanding their expertise to data security by introducing the world's first fingerprint security key to support Windows Hello and FIDO universal 2nd-factor authentication. The VeriMark™ Fingerprint Key is designed to provide simple, fast, and secure fingerprint-based security on any Windows PC, improving employee compliance with corporate cyber security policies. Learn more about how advanced fingerprint-based biometric technology can offer unprecedented cyber security in a convenient, portable package.
Universal 2nd-Factor Authentication Enhances Cyber Security
Cybercrime is the fastest growing type of crime impacting organizations—global cyber attacks are projected to cost companies $2.1 trillion annually by 2019. The volume, scope, and cost of cybercrime has increased rapidly, and improving authentication methods to prevent unauthorized access to compromised devices is an important cybersecurity need. Passwords are an area of particular concern, and password management presents a challenge to IT professionals in charge of corporate networks. Strong passwords can be difficult to remember, and a whopping 50% of IT calls are for password reset. Many organizations have policies in place to guard against cyber theft, but employees may not all be in full compliance. 33% of employees admit to sharing passwords with co-workers, while 65% of employees admit to using the same password across applications. Both of these common employee actions render traditional one-factor logins that require only a password vulnerable if a device or password is compromised.
One way online services are bolstering existing password security is by implementing Fast Identity Online (FIDO)'s Universal 2nd Factor (U2F) authentication, adding a strong additional factor to user logins. The first factor is a username and password as before, and the second factor requires that the user present a device to verify identity. A second factor might be a message sent to a mobile phone via SMS, but waiting for a code to arrive can slow down workflow. A faster and more convenient way is possible using biometric security, which simplifies authentication with one biometric authentication device, able to work across all services and all the devices people use throughout the day. Along with being easier to use, biometric security is especially strong, as biometric data never leaves a device. Unlike daisy-chained passwords, there are no potentially compromising links between services or accounts. Compared with YubiKey and other biometric devices, fingerprint biometrics are one of the most secure and mature authentication methods because fingerprints cannot be guessed, forgotten, or misplaced. Fingerprint biometrics are much harder to fake than identity cards. Fingerprint scanners are quick and easy to use, making fingerprint-based biometric 2nd-factor authentication a simpler way to avoid cyber theft.
Convenient Next-Gen Cyber Security with VeriMark™ Fingerprint Key
Boost security and productivity by simplifying your Windows logon and two-factor authentication access with Kensington's compact VeriMark™ Fingerprint Key. Universal integration provides simple, scalable, out-of-the-box access for Windows computers and platforms including Windows Hello—and integrating biometric devices offers a simpler and more secure authentication for Windows Hello than iris scan or facial recognition. Enjoy seamless interoperability with all your favorite cloud-based services and software providers that employ FIDO Universal 2nd Factor authentication, including Google, Dropbox, GitHub, and Facebook. The fingerprint key also supports popular password manager tools like Dashlane, LastPass (Premium), Keeper (Premium), and Roboform, allowing your fingerprint to authenticate and automatically fill in usernames and passwords for websites, logins, and file encryption/decryption. With the VeriMark™ Fingerprint Key, you can improve your experience in a two-factor authentication world and enjoy unprecedented cyber security in the cloud.
While some fingerprint scanners require your finger to be placed in one specific position to avoid read errors, the VeriMark™ Fingerprint Key accurately scans prints from any angle with 360° readability. Kensington's fingerprint algorithm exceeds swipe sensors and industry standards with a False Rejection Rate (FRR) of 3% and a False Acceptance Rate (FAR) of 0.002%, offering superior biometric performance with anti-spoofing protection. When you choose the VeriMark™ Fingerprint Key, you'll get an accurate fingerprint reading from any direction—the first time.
Unlike bulky old school fingerprint readers, the VeriMark™ Fingerprint Key is tiny and portable. For the smallest size touch sensor currently available, its compact design makes it easy to carry the low-profile USB dongle on the go, by attaching it to a standard keyring. The low-profile USB sensor is small enough that you could safely leave it plugged into your laptop when you slip your computer into your bag to go mobile. The VeriMark™ Fingerprint Key allows users to have a quick and secure login wherever their work takes them.
For IT admins working with shared devices and hot desking environments, the VeriMark™ Fingerprint Key offers several options for logging in users and managing keys. The fingerprint key can be registered to one Windows account on multiple devices. It can also be registered to allow multiple user's fingerprints to sign in to one Windows account on one device. In the event that a fingerprint security key is lost or stolen, users will still be able to login to their Windows account through their regular password or pin until the VeriMark™ Fingerprint Key can be located or replaced. For U2F login, a user's regular password with OTP phone messages will enable login to Google, Dropbox, and other accounts. A lost key won't compromise your organization's security, as no one can steal fingerprint or login data from the key—the fingerprint image/file is encrypted through a secure algorithm and stored in the computer's settings. IT professionals can simplify password management and help employees protect against unauthorized network access on compromised computers with the VeriMark™ Fingerprint Key.
VeriMark™ Fingerprint Key and the GDPR
Because the VeriMark™ Fingerprint Key utilizes biometric data—fingerprints in this case—you may be wondering how it relates to privacy laws around the world, including the European Union's General Data Protection Regulation (GDPR).
With GDPR regulations to protect "sensitive personal data" including biometric data in mind, Kensington has implemented a host of security features in the VeriMark™ Fingerprint Key. First, fingerprint data is only stored on the host device—no data is collected by Kensington. Second, as a match-on-host sensor, Kensington's VeriMark™ solution manages fingerprint templates via the host system. These fingerprint templates are encrypted and stored in Windows Biometric storage on a trusted execution environment, which adheres to both the Windows Biometric Framework (WBF) and FIDO Alliance standards. From start to finish, the data is protected by Synaptics' SentryPoint. Fingerprint data is encrypted to the AES 256 Standards, and the communication channel between the key and the host device is encrypted using the TLS 1.2 protocol. Ultimately, the VeriMark™ Fingerprint Key is designed to securely protect the fingerprint data it collects, and can be used to support a company's cybersecurity measures consistent with the GDPR.
Combining advanced fingerprint technology with a convenient login experience, the VeriMark™ Fingerprint Key offers the same uncompromising security that has made Kensington The Professionals' Choice™ for more than 35 years. As the world's first fingerprint security key to support Windows Hello and FIDO universal 2nd-factor authentication, the VeriMark™ Fingerprint Key provides cutting-edge protection for today's cloud-based world without compromising simplicity of access. Visit Kensington's Security Solutions site to learn more about how Kensington biometric security can help you protect against unauthorized device access while providing simple, fast, and secure logins.