Superior Security for a Smarter Cloud

Author: United Biometrics

In the old times, when speaking of security, equipment and software were installed on-premises therefore perceived as very secure due to a physical guard presence within the office space and a locked IT room.

Times have changed and the Covid 19 forced new ways of working remotely as a forced but beneficial initiative. This is the Cloud!
The Cloud industry is proving today that a serious provider can ensure a level of security that is by far superior to a data center installed on premises.

Banking Manufacturing, and Professional Services are the three major vertical spendings which focus their activities using the public Cloud.

Cloud Market Trends

Gartner analysts are reporting a total 330 BUS$ globally for the public Cloud (2021). This represents a 23 % growth from previous year. More and more organizations and governments have adopted SaaS applications and even more with the “work from home model” due to the Covid 19 infection. SaaS is all the services and software that are run by users on-line. SaaS market share is of 123 BUS$ in revenue for 2021 and expected to be of 145 BUS$ in 2022. Cloud management and security services spending are around 5% for 2021 of the total revenue (growing trend for 2022).

Security then becomes obviously a very high priority.

Cloud Platforms

Today, most companies and governments agree on the importance of a Cloud economy and industry ecosystem. Cloud platforms are a key component of business activities, healthcare and government/people interactions. It is indeed a trusted exchange vehicle between suppliers, consumers, enterprises and public services. The Cloud may be Private, Public or Hybrid but always with different risks associated.

Cloud security means securing access, securing applications and consumers transactions, securing digital infrastructures. The big difference between Cloud applications and on-premises applications from a security standpoint is that the Cloud is a pure connected ecosystem and needs to be highly secured. For on-premises applications there is a physical security perimeter with a physical validation of the person which reduces the risks.

Reconceiving Authentication

For hackers and cyber-criminals, it is easy to access Cloud applications if the authentication user level is based on passwords. Replaying passwords is the main method used by hackers to penetrate Cloud servers. Mission and business critical applications are primarily targeted to stop a service, to steal sensitive data or even to stop an industry nationwide.
Hackers have developed sophisticated and strong tools to try and replay few hundred millions of passwords per second from dictionaries, using more and more powerful chipsets available from the market.

To avoid a non-authorized access, it is recommended to implement a strong multi-factor authentication (MFA) combining different factors, for instance behavioral or physical biometrical enrolment for the person.

Ergonomics of the user’s journey is a priority and verifying a user’s identity with an ID card, a Passport or a Health card with a live facial recognition during the enrolment phase, takes just a few seconds and is by far more intuitive.

Facial Recognition is One of the Solutions of Choice to Secure Cloud Applications

Facial recognition is an advanced technology capable to identify or authenticate a person by comparing a fresh person’s face just captured live with the very same face stored on a mobile application, or on a server. It is basically a mathematic algorithm method supported by Artificial Intelligence, that analyses templates resulting from a person’s unique facial shapes, eyes, noses, lips, geometrical structure. Logical steps for facial recognition are face detection, face capture and face match.

Jean-Noël Georges, Cybersecurity Expert Lead, said during a presentation he delivered during Trustech Paris in 2021 that “Biometrics are ready for massive roll-out”. He also added that “57% of employees would definitively prefer an authentication without password and 32% of consumers believe biometrics are the most secure way to log into their online accounts, apps and devices (compared to passwords, 19%)”.

Data privacy is the main concern when storing biometric data in the Cloud
For sure, biometric data stored such as face templates are at risk and may be consulted by third parties or hacked, if not properly protected.

The largest concern with facial recognition has then to do with privacy and mass surveillance. The danger is that face recognition can be used for bad purposes of recreating a person’s identity and pay or play on social and healthcare portals, on internet, on travel sites and others.

From a society standpoint, we do not want to expose deeply private details stored in servers for tracking and monitoring persons, further taking the risk of a hacker intrusion on the database steeling real faces for criminal purposes, and therefore resulting in an ID theft.

There are advanced solutions to authenticate a person completely anonymously though protecting personal details and privacy. Such solutions are using sophisticated hash techniques to immediately transform live biometrics into non-readable and non-hackable data storage format. It must be noticed that some solutions offer revocable biometrics as a superior answer to database hacking, as a way to re-enroll people providing new data for a face, for example.

Therefore it sustains compliance with European Directive GDPR (General Data Protection Regulation) by providing an anonymized database with no customer details data recorded and stored.

The Cyber Startup Observatory spoke to Christopher Richard and Yves Chemla from United Biometrics who both said: “A key advantage of our solutions is the anonymous and desensitized transformed biometric data.

With this process, if hackers enter the system, they will not be able to match the stolen biometric information with individuals, which is a strong wall to protect privacy and persons. Furthermore, all our biometrics data can be revocable, this method being the ultimate way to protect personal data.”

Christopher RICHARD and Yves CHEMLA are Co-Founders of UNITED BIOMETRICS. United Biometrics is an ATOS, AIRBUS, IBM and ILEX Partner architecting and developing a strong multi-factor authentication and ID verification platform solution for Banks, Healthcare, Governments & Defense, Enterprises losing money or service capacity caused by large cyber-attacks and intrusions. The platform can hold millions of users and support massive traffic in real-time.

Follow Us