NEC is to demonstrate a way for remote access to a VPN (virtual private network), using a combination of biometric identification of the user and authentication via a mobile SIM card at CeBIT in Hanover, Germany.
The product firm reports that a common procedure for identifying oneself to a computer system involves entering a user name and password. This process harbours a number of risks because it is based on knowledge. A user may chose a complicated password hoping that it is secure, but writes it down somewhere in workplace because this person can’t remember it, or choose a simple password which can be easily guessed.
There are additional procedures involving tokens, like a smart card, but these are also problematic, it is claimed. As soon as the user tells someone else his password or gives away his smart card, the potential for abuse rises greatly. Compared to these solutions, NEC provides a biometric solution with extra security, according to the firm: users are identified according to individual physical features. The demonstration is using an NEC laptop PC with built-in fingerprint reader and a NEC 3G mobile phone.
The benefits for users are secure access to the office LAN from anywhere with no tokens or passwords (1024 bit encryption). It will be more comfortable for the user as there will be fewer components to carry. Also, no additional hardware is needed. This solution works with a number of off-the-shelf applications (VPN, SSL authentication, Windows Logon, etc) and results in a better user experience, it is claimed.
