Challenge

In addition to the integration of biometric sensors in ATMs or VTMs a large European bank with more than  25,000 employees spread over more than 1,000 branches planned to install a biometric login solution in all branch offices to reduce performance problems and increase security.

Just at the time when globalization was gaining momentum and numerous new applications were being installed on the bank’s servers, more and more of the bank’s employees were on the road and therefore, a secure and fast, but also location-independent log in solution was needed. Up to now, access to PCs, notebooks and servers has been realized via alternating, complicated passwords, which were neither security-related nor user-friendly to meet the increased requirements, and which also showed considerable security deficiencies for mobile use.

It was therefore necessary to create a secure, efficient, and at the same time mobile log-in solution for all employees, which would be in a reasonable cost and use ratio.

Approach

The problem started with over 1,000 different locations and did not stop there, with thousands of employees logging on to Windows and the various banking applications at approximately the same time in the morning. Performance problems were always a problem at peak log-in times.

First, we analyzed the current situation and then created a solution that met the new requirements. To achieve this, we set up different workshops together with the decision-makers from the management and IT departments, as well as our local software development partner to analyze the actual challenges and to identify further needs.

It was decided that all 25,000 stationary and mobile workstations should be equipped with a biometric palm vein sensor, and all employees should be biometrically registered. The biometric patterns of the employees were encrypted several times and thus stored highly secure once on the secure servers of the bank/bank branches, but also for mobile use on the employee notebooks.

The login was then carried out via the biometric sensor, initially on the Windows level, and via further – biometrically supported Single Sign-On steps – the respective employees can then access the banking applications approved for them. The verification of the respective biometric patterns was carried out either on the central, or on the local server, or during an external appointment directly on the notebook.

The biometric algorithm which performed up to 512 recognitions simultaneously, the highly accurate and secure biometric palm vein recognition led to the desired goal: performance, security, mobility, usability at a reasonable cost/benefit ratio.

Lessons learned

This project had a certain complexity already due to its size.  This was compounded by language barriers, cultural differences, time zone differences and of course the solution development was carried out in three different countries, which presented us with special challenges as project leader and manager. Therefore it was very important that all decision-makers were involved and agreed to the solution we proposed, at an early stage. Additional to that, our responsible consultants and project managers were always directly involved in the project.

The proof of concept then ran absolutely smoothly and the solution could be used as a productive system very quickly and to the greatest customer satisfaction.

Success model

The early involvement of all decision-makers and responsible parties on the customer and partner side and on our side played a decisive role in the success of this model.

With such a digital co-creation, the individual responsible persons must know the details in order to complete all the individual steps of the project with their respective teams on schedule and cost-efficiently to success.