Security

BOPS Enables Widespread use of Biometrics for Access Control

Copy article link
Passwords are old fashioned, impractical and insecure. Enter increasingly pervasive biometric technology and the promise to guarantee the identity of who is at the other end of a mobile device or reader, enabled by BOPS (Biometrics Open Protocol Standard). This has lead to biometrics industry leaders, such as Hector Hoyos, CEO of Hoyos Labs, predicting that Smartphones will undergo a revolution in the coming years as a biometrics hardware device, not least for access control. Memoori's 2014 Security report showed that growth in the sales of Access Control has increased to 10% as it moved into IP Network systems and biometric and identity management systems. A 2015 update to our Security research will be published next month. In September this year the Standards Association of the IEEE (the Institute of Electrical and Electronics Engineers) approved standard 2410-2015 or BOPS as the global standard for identity and authentication on the Internet and mobile devices. The purpose […]

Stay ahead of the pack

with the latest independent smart building research and thought leadership.

Have an account? Login

Subscribe Now for just $200 per year per user (just $17 USD per month) for Access to Quality Independent Smart Building Research & Analysis!

What Exactly Do you Get?

  • Access to Website Articles and Notes. Unlimited Access to the Library of over 1,700 Articles Spanning 10 Years.
  • 10% discount on ALL Memoori Research reports for Subscribers! So if you only buy ONE report you will get your subscription fee back!
  • Industry-leading Analysis Every Week, Direct to your Inbox.
  • AND Cancel at any time
Subscribe Now

Want a Corporate or Group subscription? Get in touch.
Email us at: support@memoori.com

Passwords are old fashioned, impractical and insecure. Enter increasingly pervasive biometric technology and the promise to guarantee the identity of who is at the other end of a mobile device or reader, enabled by BOPS (Biometrics Open Protocol Standard).

This has lead to biometrics industry leaders, such as Hector Hoyos, CEO of Hoyos Labs, predicting that Smartphones will undergo a revolution in the coming years as a biometrics hardware device, not least for access control.

Video Analytics

Memoori's 2014 Security report showed that growth in the sales of Access Control has increased to 10% as it moved into IP Network systems and biometric and identity management systems. A 2015 update to our Security research will be published next month.

In September this year the Standards Association of the IEEE (the Institute of Electrical and Electronics Engineers) approved standard 2410-2015 or BOPS as the global standard for identity and authentication on the Internet and mobile devices.

The purpose of BOPS is to provide an open and biometrics-agnostic multilevel security protocol and platform. In other words it allows non-technical users to interact with a system using multi-factor authentication (for example, biometrics) that integrates with systems in a simple manner (from a technical point of view).

BOPS consists of a set of rules that governs and safeguards communications among a variety of client devices, including mobile phones, desktop computers and ATMs. It is a trusted server that manages the acquisition and manipulation of biometric data that's captured by those devices. The BOPS guidelines make use of the U.S. Department of Defence’s Trusted Computer System Evaluation Criteria (TCSEC) and are biometric-neutral.

"Identity is the true currency in today's world. Without proper standardisation in place to clearly secure and authenticate someone's identity online in a comprehensive end-to-end manner, we will continue to see a plethora of hacks and cyber-attacks, which cost financial institutions billions and make consumers fear for their personal data", said Hector Hoyos. "The IEEE has taken a very forward-looking stance in adopting BOPS as the global standard for digital identification and authentication".

As a function of submitting BOPS to the IEEE for review, HOYOS Labs has made the BOPS protocol open to any organisation that desires to use it for digital authentication purposes. This development has drawn attention from a number of big industries and, perhaps unsurprisingly, the financial industry leads the line.

"BOPS represents a breakthrough in financial transactions. For the first time, financial brokers and customers are offered unique, repeatable assurance that every transaction can be tied to a person without question. The timing could not be better, as banks and financials are moving away from passwords and PINs, as we seek better vehicles to safeguard our data. This level of assurance stands head-and-shoulders above traditional authentication frameworks that suffer hacks on a daily basis", explained Kevin McNamara, CEO of McNamara-Group and formally Vice President of R&D at JPMorgan Chase.

[contact-form-7 id="3204" title="memoori-newsletter"]

BOPS integrates its security protocol into a single layer in which certificates are automatically managed. This design reduces the number of fail points and mitigates risk of security poisoning by removing multiple vendors and reducing the attack surface. It instruments the binding of the person to the role, location and resources that the person is given access to and the device(s) that he or she is authorised to use, and all within the single layer.

It also uses a highly secure technique called visual cryptography to encrypt channel transmissions and certificate bindings. The biometrics vector is split into two “halves,” and each half is encrypted in such a way that no useful information can be extracted should either portion be compromised. This design allows an individual to link multiple devices to his or her identity without creating duplicate identities on the server, which has the added benefit of guaranteeing the security of the biometric vector itself.

"The IEEE defines what the most important and valuable components of technologies are via its standard-setting functions," said Scott Streit, IEEE 2410-2015 Committee Chairman. "Creating the standard for online authentication of identity is vital to secure the future. Propagating this standard globally will help to defuse the ticking time bomb of cyber fraud and identity theft".

Most Popular Articles

Energy Storage Stem Examined
Energy

Stem Behind-The-Meter Energy Storage Business and Financials Examined

In this Research Note, we examine Stem, the first pure-play smart energy storage company to go public in the US. This article is based on their 2022 annual results, 10K Report, investor presentations and previous analysis. Founded in 2009, Stem is an energy storage company that offers commercial and industrial (C&I) customers a complete solution […]

Trane Nuvolo Workplace Management Acquisition
Smart Buildings

Trane Augments Integrated Workplace Management Portfolio with Acquisition of Nuvolo

This Research Note examines what’s behind the bolt-on acquisition of Nuvolo, the workplace management software company announced this week by Trane Technologies, the US HVAC equipment firm. Trane is considered to be a competitive second-tier supplier in the world building controls market, behind Siemens, Honeywell, Johnson Controls and Schneider Electric. In a move which emulates […]

Clockworks Analytics FDD
Smart Buildings

Clockworks Analytics Fault Detection and Diagnostics Business Examined

In this Research Note, we examine Clockworks Analytics, the US provider of building analytics software. This article covers the development and growth of the company, channel partnerships and funding rounds through to Series E in August 2023, supported by Schneider Electric, their long-standing strategic investor and partner. Formerly known as KGS Buildings, the company was […]

Subscribe to the Newsletter & get all our Articles & Research Delivered Straight to your Inbox.

Please enter a valid email

Please enter your name

Please enter company name

By signing up you agree to our privacy policy