Interview with John D. Petze, President and Chief Executive Officer, Privaris
FB John, can you please provide our readers with a brief background of the company? JP Privaris was founded in 1999. Since day one our focus has been on identity verification solutions. We’ve spent many years developing a unique and practical approach to biometric security that we’re very proud of. One that allows individuals to easily verify their identity using their fingerprint and replace all of their passwords and access cards, yet protect their right to personal privacy. And for organizations, it offers the heightened security of biometrics without the need to install any new equipment or replace existing physical and logical access control systems. FB You do have a unique approach to the marketplace that involves your plusID Biometric token. Can you elaborate on that process for us? JP Sure, I’d be glad to! Typically when we think of biometrics an image forms in our minds; for example, biometrics readers installed on every door or gate or PC that you want to protect. That is how biometrics has traditionally been implemented. You enroll your biometric data into a back-end database, then present your finger to a reader on the front-end. It compares it against the image in the database and determines whether to allow you access. Privaris has created a more personal approach to biometrics with a biometric reader that fits on your key chain and in your pocket, as opposed to having readers bolted to every door and installed on every computer. It’s a small key fob, called plusID that performs all biometric processing internally, so there’s no need for a biometric database and no need for users to relinquish their most sensitive of personal data. And it is very easy to use. For example, when you want to enter your building in the morning, you’d pull out your keys as you approach the door and grab your plusID personal token. Press a button to turn it on, swipe your finger across the reader, and it matches your fingerprint against the template that is securely
stored inside your own device. There is no connection to any back-end system or database. If there’s a match, plusID transmits the appropriate access credential. So your biometric information never leaves your device. It is only ever used to trigger the release of industry standard credentials. For example, plusID emulates an access or key card by transmitting a card id to the reader to open the door, but only after a successful fingerprint match. plusID supports the standard RFID technology that is utilized in access cards and is licensed to work with all HID, Casi and Indala door readers. FB So basically you are addressing one of the privacy concerns about biometrics that might be out there. JP We think that we are directly addressing the main privacy concern that is out there which is – “why should I have to give up my biometric data?” And the reason has been – “that is the only way the system works, so just do it!” But that is not a good enough reason; there is really no need for people to have to give up something as private as their biometric information for storage in a database that’s a hacker’s target. They can match their fingerprint to their own device, prove that they are who they say they are, and then deliver whatever credentials are required for different types of transactions, be it physical access, logical/IT access or credit card purchases. Privacy isn’t the only thing we address. We think that the complexity and cost of installing specialized biometric readers on doors and computers has been holding back biometric deployments. It’s expensive and it’s disruptive. If it’s a nice building, you are talking about drilling holes in marble and granite. We eliminate the need to install anything. Our technology is compatible with existing access control readers and systems so that you can go from a conventional system to a biometrically secure system overnight, simply by issuing plusID fobs to your users in place of cards that can be lost or stolen. Each plusID holds up to four access cards of varying formats for different buildings and facilities. FB Just to follow up on that, John, how do you get your products to market? JP Our products go to market through channels, but in talking about channels we have to separate physical from logical access. In the physical access market, they go through the established channels for physical access control products. Our partners represent the plusID line of products, some with private label arrangements. We have distributors who sell to contractors and people who install security systems, and then we have select system integrators who we work with that implement turnkey solutions for customers.
In the logical access market, the channels are less well defined because it is a newer market. We work with specialty system integrators in the IT security market who are implementing logical access solutions and identity management systems for enterprises. FB That leads well into my next question regarding convergence, which I am sure you are aware is a hot topic these days. Your company seems very well positioned to address this area. JP Convergence is a very important trend and we can help organizations get there faster and simpler. If you want to converge your physical and logical access you have to do a few things. One of the most obvious is that all systems are going to run across the IT network managed by the information technology side of the business. Another change relates to management. Typically in order to truly apply convergence you need to convert management so that both your physical and logical security systems report up through the same executive team. But the third thing is – how are you going to do it? It is tough to have convergence if you can’t have a credential solution that works across both your physical and logical domains. Having separate passwords for computer access and cards for building access prevents you from achieving smooth convergence. Our plusID device is a universal credential that gets you in the door and logs you onto your computer. We haven’t described logical access in detail, but when you connect it to your computer via USB it instantly presents itself as a smart card to the Windows operating system. But it is a special smart card. It’s a smart card that won’t complete the logon process until you match your fingerprint to it, at which point it completes the credential transfer for logical access. So we believe that we have a tool that allows the organization to move forward with not just the convergence of physical and logical security, but with true identity convergence across the enterprise. With plusID, there’s no need to have separate issuing and management processes for the two domains. FB What would you say are the greatest challenges in the identity verification industry today? JP One of the biggest challenges in the industry is fragmentation. There are so many different ways to solve a small piece of the identity verification and identity authentication challenge, and most companies are looking at a combination of many different components. While our biggest challenge as a company is education. People are not aware that anything like plusID exists, or is even possible. It’s up to us to show that biometrics can be portable and private, and that a single token can hold multiple credentials (like a wallet) for secure access everywhere it’s required. So education for us is key, to make people aware that biometric security has moved far beyond the need to mount specialized equipment on every door, gate and PC.
FB Well, John, I would like to thank you very much for taking the time to speak with us – it has been very educational!
If you would like to learn more about plusID Biometric token, please visit findBIOMETRICS.com.