sap checks if user id & password combination is valid. no identification. user requests log-on,...
TRANSCRIPT
SAP checks if USER ID & Password combination is valid. No identification.
User requests Log-on, enters USER ID & Password, (not necessarily their own)!
Log-on Denied
Standard SAP® Log-on
© 2013 realtime North America Inc., Tampa, FL. All Rights Reserved.
No biometric authentication, identity management or accountability.Password Sharing not prevented, no fraud attempt alerts.
Whatever system capabilities are associated with the User ID, even SAP_ALL, are now available, even if the password was stolen.
SAP Security & Authorizations
Log-on Allowed
User requests Log-on from SSO Software
SSO prompts user for biometric scan
Access Allowed
Access Denied
Typical Biometric “Single Sign-On” Systems (SSO)
© 2013 realtime North America Inc., Tampa, FL. All Rights Reserved.
Normal Logon withSAP USER ID and Password
still possible, circumventing the
biometric SSO!
SAP USER ID and Password are retrieved by SSO, passed on to SAP.No biometric verification. No identification of user.
Fingerprint template extracted, compared with reference template in SSO
system - outside SAP
Reference templates
SAP Username
& Passwords
SSO
Password Sharing is
not prevented!
bioLock matches SAP USER ID and Password to user’s
biometric credentials
User requests SAP Log-on. User enters SAP USER ID and
Password.
bioLock prompts user for biometric scan
Biometric template extracted, encrypted,
compared with reference template in bioLock/SAP
Log-on Allowed
Log-on Denied
SAP dedicated name space: /realtime
How bioLock™ Log-on works
© 2013 realtime North America Inc., Tampa, FL. All Rights Reserved.
Reference templates
Activity logged
Email alert
Password Sharing is prevented, fraud attempts logged!
Summary
© 2013 realtime North America Inc., Tampa, FL. All Rights Reserved.
SAP and its logos are trademarks or registered trademarks of SAP AG in Germany and in other countries. All other trademarks mentioned herein
are the property of their respective owners.