As a leading provider of biometric access management solutions for the enterprise, BioConnect was quick to recognize the role it could play in helping organizations to adapt to the COVID-19 pandemic.
In a new interview with FindBiometrics Director of Digital Content Susan Stover, BioConnect Chairman and CEO Rob Douglas details those efforts, and offers some broader perspective on the security landscape of the coronavirus era. Starting with some thoughts on how the latter has changed over the past few months, Douglas proceeds to a description of BioConnect Cares, an initiative launched in April that would see his firm offering its contactless biometric security products for free or at steep discounts to help organizations cope with COVID-19.
Douglas also reveals the name of BioConnect’s recently announced “wellness declaration” feature for its BioConnect Link platform. It has been dubbed “Wellness Authentication”, and could further help companies to mitigate the spread of the virus as many businesses begin to reopen.
From there, Douglas offers some insights into the shift to contactless biometrics, the most vulnerable sectors to fraud, and the need for a new “threat model” approach to enterprise security that relies on dynamic and adaptable security frameworks.
Read the full interview with Rob Douglas, Chairman and CEO, BioConnect:
Susan Stover, Director of Digital Content, FindBiometrics: We’re now many months into the COVID-19 pandemic, which has catalyzed the number of digital trends we’ve been tracking for many years – mobile finance, remote work, etc. I’m interested in your expert perspective: how has the security industry changed since lockdown began in March?
Rob Douglas, Chairman & CEO, BioConnect: I think we’ve noticed a couple of things that really have stuck out for BioConnect. One is around safety. We all talk about security and safety, and I think the COVID environment has actually elevated the need to bring safety as part of the decision of security. That’s specifically to the return of employees back to their offices and how to prevent against the second wave or spread of COVID. The general health of each person, as they’re returning back into the office on a daily basis, is now a critical part of the security decision about whether I’m going to grant you access. That would be one.
The second one is, how does a security operation center run their physical facilities that are virtually lights-out remote? Security operation centers are all in control centers, they are high security areas, there are lots of flat screens. Now you’ve got a world where some or many of those people managing the security facilities are actually doing it from their homes and the technology solutions have to adjust to be able to deal with the remote management of security. Even simple things like, “Okay, if a new person wants to get to the office or be granted access to the office, how do you do that, when you’re working from your home?” Just little simple things like enrolling new employees, or enrolling visitors, or making changes to an employee status of access, now being done from the comfort of the security operator center’s home – this is a new thing in terms of how to manage security.
Susan Stover: Soon after the pandemic hit, BioConnect launched the BioConnect Cares Initiative, encouraging the use of contactless access control. What are the details of BioConnect Cares, and how do you hope it will make a difference?
Rob Douglas: The genesis of BioConnect Cares goes back to the beginning of April when we looked and said, “What is it about what we do that we can give back to our customers and future customers, that can leverage what we do, and give it to them at no cost?” It was all in the spirit of, “How can we help the world deal with this pandemic?”, that gave life to this idea of BioConnect Cares. BioConnect Cares fundamentally means we can give to others to help them through this COVID journey that we’re all having to navigate through.
BioConnect Cares, from a digital perspective, has been the most successful thing we’ve ever done. Everything else we’ve ever done pales in comparison to the engagement that we’re getting around this particular area. We do things like the B-Link service that we provide in the market; we’ve given it away to people to use for 90 days, whether they want to consume it as a way to help bring health authentication or for deciding whether or not to let somebody into an office. We significantly reduced the cost of our face recognition systems to be able to make it easier for people – if they want to get to a touchless solution, they can go ahead and do that.
We’re giving away our mobile face recognition system for physical access for a period of months, for people to be able to help onboard people back into their office. And then we’ve been running an educational webinar series strictly around education to help people onboard employees back into their offices and reduce the risk of the second wave of the spread of COVID.
It’s a combination of giving technology away, reduction in prices of technology that people may be interested in, and a high focus on education. Just a few weeks ago we ran probably our most successful webinar in the history of the company, all focused on government officials and industry talking about how to successfully and safely onboard employees back into their work environments.
It was probably the most successful thing we’ve done all designed to provide ideas and content to help people with the transition back to work.
One more, actually, is: this week we released something we didn’t even imagine three months ago and it’s called The Wellness Authentication. It goes into our first customer deployments next week, and we’re giving it away. There is actually no cost to it. Anyone who’s using our B-Link solution will be given this Wellness Authentication and they can just use it.
Its sole purpose is for when employees either at their home in the morning or when they’re approaching and want to get access to a facility, they’re receiving a push notification to their mobile device, to answer a four-part survey or declaration of their health as of that moment in time, and the answers to those four questions determine whether in fact that door will unlock.
So, it’s very actionable security; it’s also very private. But we’re also just giving it away. It’s something, obviously we didn’t realize we would be developing three months ago, but the engineering team has been at it now for almost two months and we’ll be releasing it this week as a no cost way to help people with doing health checks of individuals as they want to get access to the facility.
Susan Stover: Congratulations on the success of that initiative. Will this Wellness Declaration feature for BioConnect be available for companies to integrate it into their systems?
Rob Douglas: Yes, and it’s modeled off of how you cross borders, so if you think of when people are wanting to get from one country to another country, it is very often that a citizen is being asked to declare something. They get an online form, declare you’re not carrying more than $10,000, declare that you’re not carrying vegetables, etc. It’s a declaration, which is actually part of the authentication as to whether I’m going to let you into this next country or not. We’re using that exact same idea, but doing it through a mobile device as a push notification to declare your health as of that moment in time, and then using that data to decide whether it’s safe to let you in the facility or not. That’s real time, if you fail the declaration, the door will not unlock, you’ll be denied access.
Susan Stover: We’ve been seeing a growing broad discussion within our industry on the importance of contactless security and a long-term shift away from contact-based biometrics and shared surface scenarios. Facial recognition is getting a lot of attention, but what other physical security technologies can meet today’s hygiene demands?
Rob Douglas: There’s a couple things going on. Well, for sure, face recognition interest and demand is definitely growing significantly because of the contactless requirement and what you’re also going to see us bring to market shortly is an infrared capability – an infrared that can be actually connected into the face recognition system.
That allows for just another health check of, “What’s the temperature of the person who is there seeking to get access into the facility?” I can take just a thermal camera, take a temperature check of you, and use that to decide as part of our authentication platform, whether we’re going to let you in. That’s another piece that’s coming very shortly. When I say shortly, within the next month, a month and a half.
Also, mobile-based face recognition. We’re seeing a lot of demand where people don’t even have the time or budget to be able to replace what’s already on their door systems and they’re looking for a retrofit solution, and we actually have one that allows you to keep everything that you have now, and upgrade to doing face recognition on your mobile device, as a way to bypass touching something for authentication.
Susan Stover: Over the years we’ve had many discussions with you in interviews, webinars and panels about the new fraud threats emerging as information and physical security converge. With remote work, remote education, and remote banking accelerating, what markets do you expect to be the most vulnerable to fraud and how can the identity industry address them?
Rob Douglas: Any industry that’s in critical infrastructure and regulated industries are the areas that are of greatest risk. That includes everything from healthcare, financial services, utilities, oil and gas, telecommunications, water – all of the critical infrastructure that supports our countries. These are always subject to threats, and when people are remote the need for authentication of people for digital and physical access is only accelerating. Many of these critical infrastructure industries are also highly regulated and to be able to be in compliance with the regulations, you sort of get a new level of challenge where your employee base is working from the home and not the office and you’ve got to be able to provide higher authentication tools to those who are getting access to your digital assets.
Susan Stover: Obviously 2020 is on a different course now than it was on its outset. You’ve touched on a few initiatives coming up for BioConnect, but what can we expect from you moving forward in 2020?
Rob Douglas: I think the biggest area where we are going to add value to help the marketplace is this idea of a threat model authentication platform. What this really means is that in the world of physical security, the challenge for physical security is: everybody is forced to pick an authentication method for their door, and then they install it, they wire it up and then they’re going to live with it for the next eight to ten years. Physical access moves at the speed of a building, which fundamentally means it doesn’t move at all.
Companies are forced to decide on their authentication method. Are they going to use a card? Are they going to use finger recognition? Are they going to use face recognition? Are they going to use mobile, or are they going to use a wearable? So, they’re forced to pick one and then they’re going to live with it for a long time.
BioConnect, because of our focus on the digital side or the IT side as well, has come to the realization that we’ve got to build a threat model, authentication platform that can change based on the changes of threats that we experience so that you can move from a world of very low security, where I’m going to use a card, to very high security, where I’m going to use a thermal camera or a second person authentication before I gain access. We’ve actually built this platform so that the enterprise can adjust their authentication at their door systems more freely, as opposed to being hard coded to a specific type of solution. This also connects to the unification of the enterprise, where the digital authentication and the physical authentication can in fact be the same authentication for the user.
In fact, I would like to add one more comment. This idea has been born because of COVID and because of 9/11. If you think back to 9/11, the horrific event, it gave commercial life to the biometric industry back in the early 2000’s. I remember sitting in meetings in Washington, as a biometric provider, competing for the first projects around fingerprint recognition. And what happened in that time period is, the US government created a five-step threat level assessment from green to red. The idea was then – and still is today that depending on your threat level – you’re going to use different security levels to adjust to the threats that you’re experiencing. We’ve now built that into an authentication platform and COVID is a health threat. You’ve got to have higher levels of authentication assurance, just to even deal with something called a health threat that is now confronting all of us. This will allow the enterprise to be able to adjust up and down based on the threat levels they’re experiencing and not be hard-coded to one of them.
Susan Stover: Thank you so much for your insight today, Rob.
Rob Douglas: Susan, it’s my pleasure. I appreciate the opportunity very much.