More from the IBM Redguide,
Accurate identification is essential for user authentication under an SSO solution. In terms of
business value, providing access to an unauthorized person risks exposure of corporate and
customer information. Alternatively, failure to provide access to an authorized user results in
downtime and lost productivity.
Finger-based biometrics is generally recognized as the most cost-effective method of
accurate identification for authentication purposes. Unlike passwords and strong
authentication methods, such as smart cards, fingerprints cannot be shared or stolen. The
user that is authenticated is always the right person, assuming that the user was correctly
identified at enrollment.
Through an initial enrollment process, the employee’s finger is scanned and digitized.
Typically a primary finger is designated, and a second finger is scanned for alternate use. The
data extracted from the finger scan is converted into a mathematical model, which is used to
build a registration template that represents the features, or minutiae, of the fingerprint.
Then, when that user signs on to a system or application that is enabled by IBM Security
Access Manager for Enterprise Single Sign-On, the finger is scanned and digitized again, and
a reference template created. That template is then compared with the enrollment database to
identify a positive match for user authentication.
Finger-based biometric authentication for IBM Security Access Manager for Enterprise Single
Sign-On can be used on any private, shared, or roaming desktop. In addition to sign-on, it can
quickly lock and unlock the desktop and switch between users, which is especially important
in a shared workstation environment.
Market Data 
Markets 
AI
