Gurpreet Manes on Internet Security
When Gurpreet Manes discusses today’s pandemic of security breaches, he realizes that hackers from U.S. adversaries and even domestically are already studying the newest technology to worm into our sensitive data. Thus, the CEO of SecuEra jumps to the chase: how we identify ourselves online. That is the one place, he says, where hackers can easily access our records — or find themselves up against an impenetrable wall.
“You can issue identities that are very difficult to falsify,” Manes said. “You can assure that authentication verification provides access to only the people that actually have access. Most log-ins have user-based passwords or PINs – a single layer. That is not true high-end security. When you combine that with a biometric like a smart card, voice, fingertips, DNA, or optical identity, the authenticated user only accesses data.”
SecuEra has firmly established itself as a user-centric solution provider for national IDs and passports, federal and corporate employees, and the healthcare and education industries. This also includes pension and retirement plans, Social Security, airport security, SIM cards, payments, and record and identity authentication for hospital and patient records. SecuEra is the most established U.S.-owned company for developing identity products, a service for which 80% of solutions come from overseas firms.
Biometrics is the Solution
“Combining identity and biometrics is the solution,” Manes said. “Being able to auto-detect you from your biometric profile, however it is registered, makes it convenient for the user to be ultra-secure. How is a foreign adversary going to run a live attack on biometrics when all they can get is a user password? Trying to detect a biometric identity is impossible remotely. There are too many variables.”
One of the problems with the hacking of federal and municipal networks, Manes points out, comes from the security systems that are installed. While hackers study the newest technology, the government installs systems originally released two or more years ago. For ultra-sophisticated hackers, such systems are easy mark — especially since they don’t combine user IDs and passwords with biometrics.
“There are many legacy systems in place here,” he said. “That’s why developing countries can build very secure systems right away. They’ve never done it before, so they don’t have existing systems. What we do is not to add more layers, but to integrate our solutions with legacy systems. That way, we upgrade security and efficiency at the same time.”
Battling with hackers is like playing chess on a grandmaster level: either the culprit or the security provider will keep three moves ahead. In SecuEra’s case, that means working with Public Key Infrastructure (PKI) certificates to provide biometric-based credentials.
“The cost has been what has made deployment of this very slow so far,” Manes said. “We try to avoid that. Vendors often support PKI only in the network; we support it, no matter where they or we are sitting. We work per workflow, and per user flow, using different certificate authorities. All in the same credential.”
On a consumer level, Manes and his team are also working to consolidate some of our most-used ID-based tools, such as driver’s licenses and credit cards. As he describes it, the solution is something that seems highly likely to catch on – fast.
“We’re working to combine identity and payment,” he explained. “A driver’s license can also be used as a payment product with using MasterCard, Visa and others. By combining payment processing with Identity, we have solved the problem of ID management being seen as a cost overhead.”
By providing certified payment tools with ID, users can make bank transactions with ID credentials, which saves money for banks, ensures social payments reach the designated beneficiary, and helps reduces the size of the underground economy. The ID can be via card, mobile device, biometric, or a combination of the three. For SecuEra, this is fully supported today.
“We see a day where you will be able to utilize 10, 20, or even 30 different services off one identity that is password, PIN, and biometrically verified. We believe that provides the best user security.” – Gurpreet Manes, CEO, SecuEra
By Robert Yehling