FIDO is Match-on-device where the biometric template never leaves the device.
IWS is Match-in-cloud where the biometric template resides in the cloud.
At the present time I don't believe FIDO would certify IWS or any match-in-cloud architecture, and I suspect that is why they are not a member, although some match-in-cloud vendors may be.
There is room for both approaches, (and I suspect someday we will see hybrids) as all Use Cases are not the same. Several large companies such as Lockheed Martin and Fujitsu have focused their own go-to-market strategies in the cloud based on the IWS Biometric Engine and GoCloudID. These companies have deep experience with biometrics and they are not members of FIDO. There are distinct advantages to cloud based biometrics-as-a-service including convenience, cost, the time required to stand up an enterprise account, and (they will argue) enhanced security through IWS proprietary anonymous matching. The recent Android hack highlights this.
Agree, the frictionless part is really key as consumer type subscribers won't use it if it is a pain. We probably won't know how frictionless GVID really is until it gets out into the wild and we get some real user experience. Then those guys at FireEye will try and hack it and we will see how it holds up. I think IWS has done a lot of testing using the Fujitsu cloud but the real world often turns up anomalies. TBD.
Agree on the matching speed. GVID needs to be as frictionless as possible to the subscriber; so it needs to be fast and it needs to have a low False Reject Rate (those are bad) without being so detuned it creates significant False Accept Rates (those are worse).
If the matcher database and Biometric Engine are in the cloud then the storage should be theoretically unlimited. The BE is proprietary IWS, I don't know what database it uses.
Interesting comment from Paul Burmester CEO of ValidSoft RE IWS from the ETAK CC last week-
Paul, do you have other opportunity with regards to voice biometrics side in the commercial or otherwise that you guys are working on."
"Paul Burmester - CEO of ValidSoft
"A very much so yes. So as I mentioned with ImageWare, actually if you look at ImageWare Systems, they had their earnings call yesterday and during that they gave a fair amount of information as to their existing clients and their pipeline and we are working with them as they deploy with the existing contracts and we are actually working with them on some new opportunities as well. That pipeline we believe is really going to start deliver as the year goes on."
* "The platforms database is capable of cloud-based matching of more than 200 million identity credentials in real time."
* ImageWare believes cloud-based storage of a biometric feature is more secure than storing biometric data on a mobile device, which can be lost, stolen, or hacked. On-device storage also requires registration of biometric features for every phone, tablet, etc. Cloud-based storage requires only a single registration.
Report is short, but worth a read for those who want to know something about what they have invested in.
It comes down to subscribers-
ImageWare Systems, Inc. is featured in the August 2015, Issue 1069 of The Nilson Report. Showcasing our GoVerifyID, biometric mobile app, the Nilson Report has this to say:
“U.S. banks are testing ImageWare’s technology for in-band and out-of-band biometric authentication, including payment card transactions. GoVerifyID can be deployed anywhere in the world. Fujitsu has integrated GoVerifyID into its point-of-sale terminals and is offering it to customers in Asia.”
The report is listed on the IWS site.
Android devices equipped with a fingerprint sensor are vulnerable to hacker attacks. They can not only bypass the biometric authentication, but even steal the fingerprint data itself, security researchers told a hacker conference.
Tao Wei and Yulong Zhong from the cybersecurity firm FireEye Inc. reported their findings on Wednesday to the Black Hat conference in Las Vegas.
The researcher devised four vectors that hackers could use to target fingerprint sensors. One of them allows for "remotely harvest fingerprints on a large scale," without the user ever noticing it. Considering that unlike passwords fingerprints can’t be easily altered and are used for identification in many venues, a compromised phone may leave its user with a lifetime of their data being misused.
The speakers said the HTC One Max and Samsung Galaxy S5 were confirmed to be vulnerable to such attacks. Hey added that affected vendors were alerted and have since provided patches.
Zhong noted that Apple devices used different methods for storing fingerprint data and were quite secure against theft attempts.
Flaws in Android devices are frequently exposed. Just last week, Zimperium uncovered one that allows devices to be hacked by simply texting them. The victims don’t even need to be tricked into downloading or opening a bad file – attackers only need to send them a text message for the malware to take hold.
Android is by far the most dominant smartphone operating system in the world, with about 80 percent of smartphones worldwide running it.
Note: GoVerifyID runs Face and Voice recognition with Anonymous Match-In-Cloud. If you are running GVID on those Android devices you were not exploited. Black eye for match-on-device.
CS UpstreamGuessers maintains IWSY as Speculative Hold in a private report issued to no one on Friday.
My headline is more credible, as I at least know what business IWS is in, and the Zacks bot does not.
It shouldn't be lost on anyone that the 2016 estimates have gravitated to almost exactly the breakeven case Miller mentioned in the call on Monday. I'm fine with it. These is no current basis to model meaningful estimates for IWS, so breakeven is a good set-point, and better than wild high guesses they can't live up to.
I believe there is a lot of investment interest in consumer to enterprise level applications of biometrics and not many viable public investment names. Investors are cautious because of IWS' history and the perception that past will inevitably be prologue. That leaves most investors on the sidelines unwilling to get upstream of "prove it". I DO want to be upstream of "prove it" because when IWS starts to enroll subscribers at 85% gross margins through these big names-- watch what happens.
Paul Burmester - CEO of ValidSoft
"On our last call, we announced that ImageWare Systems have selected ValidSoft as their preferred supplier of voice biometrics. And I am now pleased to announce that we have completed our integration with ImageWare Systems and already beginning the enrollment of some of ImageWare's existing clients while also working together on some exciting new opportunities. And I look forward to sharing further details on this successful partnership in the near future. "
ImageWare's CTO David Harding Webcast on Fusing Voice with Multiple Biometrics
Dan Miller, Opus Research; Shawn Edmunds, ValidSoft; David Harding, ImageWare Systems
No longer are voice biometrics tentatively tested in single channels and measured against purely theoretical equal error rates. In reality, businesses are implementing high performance solutions that easily scale, yet deliver a consistently low friction user experience and strong security across a business.
In this webinar, Dan Miller, lead analyst and founder of Opus Research, joins ValidSoft’s VP for North America, Shawn Edmunds, and Image Ware System’s CTO and VP David Harding to discuss how successful integration of highly optimized voice biometrics has never been easier or more cost effective for your business."
September 3, 2015
Stock- I don't think the CC will change anyone's mind, expectations are low because of the numbers, and the conventional wisdom re IWS is past shall be prologue. If IWS breaks out, it will be a big upside surprise in the market.
Retail job- In my experience with big companies, committees are where ideas go to die. If Fujitsu and IWS haven't been able to overcome the perception that storing biometrics in the cloud is not secure in a year of trying, then it's time to move on, and it sounds as if hey are.
I believe the winds are shifting on this perception as Lockheed Martin has now adopted almost exactly the same cloud based biometrics as a service model as Fujitsu. Both Fujitsu (BaaS) and LMT (IDasS) are built on the IWS biometric Engine. Both of these companies have a long experience in biometrics and when it came to developing their own products they picked IWS. If an enterprise comes to either Fujitsu or LMT for cloud based biometrics they are going to run on IWS. We have also seen reports that the home-made Wells Fargo app will run on their server not match-on-device. Industry analysts like Acuity and Goode are supporting the logic of match-in-cloud. IWS CTO Dave Harding was on a recent panel with a bunch of FIDO guys arguing that not all use cases are equivalent, and that there is a place for match-in-cloud. I believe we will see this happen, and quite possibly even hybrid models, due to convenience, cost, and security. Take a look at the latest news from FireEye researchers that found a big hole in Android FP sensors (match-on-device) that can literally expose the users fingerprint image. IWS anonymous matching makes this a 5.3 sextillion puzzle to match up the pieces. I think IWS has something to sell, and are getting closer, but the exact timing still remains elusive.
"Don't we need a marketing and sales guy to accomplish all of this?"
Believe this issue may have been resolved with the appointment of a new VP Sales and Business Development. Stay tuned, we may hear something on this situation come Monday.
I suspect that the LMT biometrics team has a pretty good idea of where they want to take their IDHaystack product, but I have no idea on timing. Federal, state and local, as well as global are all possibilities. The John Mears presentation (h/t LT) from March this year shows the IWS Biometric Engine and GoCloudID built into their model, so they have been working on this for a while.
GoVerifyID supports both Android and iOS.
However, I doubt it natively supports the referenced Quick Capture Platform which was developed some time ago, or the referenced Integrated Biometrics capture device (a usb plug-in) for slap and roll, or the referenced fingerprint compression algo. GVID is cloud based and Out of Band authentication.
This is an RFQ, so it will be some time before it becomes a real program, if ever.
My take on this kind of opportunity is pretty simple; if Lockheed Martin is interested and wants to bid something with GVID, then support the hell out of it-- otherwise pass. These kind of opportunities don't come around often enough, or with the size necessary, to build a growth stock story around, for an IWS acting as an independent government contractor.
It got nuked.
It was a post from Ali Meshkati on his site ZenolyticsDOTcom.
He has been in and out of IWSY and is back in. His rational includes some good comments regarding the software testing cycle that are worth a read. Probably best to just go to the site, if someone can post it please do. Thanks.
A funnier thing is, Fujitsu has a major initiative to develop and sell cloud based services; including platform, infrastructure, and software as a service, as well as Identity-as-a-service through their biometrics partner IWS, not AWRE. All AWRE can do, as a wannabe defense contractor, is chase sub-contract jobs. When AWRE is integrated on that Fujitsu Trusted Public S5 Cloud, or the LMT IDHaystack or some equivalent, come on back. What is their plan to pivot into commercial markets? What is their plan to develop government markets? When do they plan on getting around to figuring this out? The mobile world is moving pretty fast, what is the AWRE answer to GoVerifyID? or DAON's IdentityX? AWRE doesn't even appear to be in the discussion at this point.
ICYMI, Fujitsu and LMT are basically doing exactly the same thing-- using IWS as the engine to market multi-biometrics in their respective markets-- as a cloud based service-- meaning IWS has now been able to leverage their core product across both commercial and government ICT markets. IWS has developed and tested the software to make this possible. Three major ICT's have selected IWS as partner, that 's probably not a coincidence, but if you want to think it is that's OK by me.
The learning experience I reference has nothing to do with TTM revenue, it has to do with testing in the real world with real partners, and real customers which is on-going right now. Where is AWRE in any of this? The dilution is already in the price, and fully diluted shares should reflect this. If IWS needs more money (and they might) they will be able to raise it. Yes dilution sucks, but so do most mergers, see L-1 Identity Solutions if you have any questions. Good luck with your pick, I'm not interested.
sandeep- To me, AWRE is a black box inside of a riddle. They have not built a significant partner network nor have they clearly articulated an alternative go-to-market strategy, so I have no idea of what, if anything they might be up to.
How much of their revenue is 1) Commercial biometrics, and 2) how much of that is mobile?
As far as government revenue is concerned I wouldn't trade the declining AWRE government revenue base for a three year deal with Lockheed Martin if you threw in Bio-Key (lol). The LMT business Unit that does IT, Cloud and Biometrics is a $6 billion dollar business with 17,000 employees stand-alone. They are the Prime contractor for the FBI's massive billion dollar Next Generation ID program. As System Integrator, they are aware of every biometric player in the global market. They are one of the largest government IT contractors and are FED-Ramp accredited which means they are certified to sell into the government cloud marketplace. They picked IWS, not AWRE. So did Fujitsu.
Just because someone writes up a white paper and puts it on a web site doesn't mean you are really in that business. IWS has likely learned more from their real world experiences testing with T-Systems and Fujitsu, with real actual customers, for commercial applications of biometrics, than AWRE has yet to discover issues.
For all its' faults and past failures, IWS has put together a global partnership network, that no one else has, that continues to build, and that can literally generate millions of subscribers, and IWS partners have the value of the IWS patents to protect their integrated offer. Although the timing remains TBD, IWS is years ahead of AWRE in building out it's partnership network, and validating, and testing its software. No thanks on the merger, but best of luck with AWRE, and GLTA.
So here's the deal. IWS gets paid when someone enrolls and subscribes to the service. The only metric that is going to matter is the number of subscribers, times the average subscription fee, plus the growth rate of enrollment. That's it-- everything else-- revenue, cash flow, profit, is an output derived from that model. It doesn't matter where the subscribers come from, it could be an employee of a retail chain in Mexico who needs access to the building, or a port worker in Kuwait who needs to get through the gate, or a software engineer in San Jose who wants to securely access his aggregated cloud based storage, or a participant in the German Health Care trial, or a Federal employee who needs access to a naval shipyard in Virginia, or a customer of a bank that uses TU ID Manager that wants to check his credit score or make a transaction. The business model sees all of this as the same thing, and it scales vertically, horizontally, and globally.
I am unaware of any biometric company that has put together a distributive partnership network that is both global in scope, and completely agnostic in device or algorithm selection-- which is a big plus for system integrators and enterprises as it avoids vendor lock-in and switching costs. The software is easy to integrate, scales to millions of transactions, and has been validated by legacy customers and now by multiple partners. Two of these partners are not like the others; Fujitsu and Lockheed Martin have deep knowledge of biometrics and they have selected IWS for their own programs. Lockheed didn't select the Daon Engine for their IDHaystack, or the M2SYS engine, or something from MorphoTrack, or 3MCogent, they picked IWS. No disrespect implied or intended for any other company here, but so far this is the case. These partnerships are the sales force, they take time to develop, but they are the force-multiplier that will either make or break this model. We just need enrollment to startup.
On SecuritySolutionsWatch In the Boardroom series. Worth a read:
SSW: "Please give us an overview of Extenua’s CLOUD2DRIVE and SILVERSHIELD solutions."
Steve Visconti: Extenua Inc., a pioneering developer of enterprise security software that simplifies the use and access of ubiquitous cloud storage. Extenua customers include IBM, Fujitsu, Boeing, Nokia, Sony, Toyota, Kaiser Permanente, US Bank and Motorola as well as government institutions, security agencies, other Fortune-500 companies, and thousands of small and medium businesses.
SSW: " Please tell us more about this partnership…what’s the history? Any particular achievements in working with Imageware thus far that you would like to talk about?
Steve Visconti: Applying superior encryption techniques along with multi-modal biometric identity management features provides the most secure, unified enterprise platform without precedent. No matter the cloud service provider and scheme deployed—public, private, and hybrid—the security, flexibility and cost savings of cloud storage more fully leverage enterprise data assets. Partnering with ImageWare allows Extenua to make advanced biometric authentication for cloud storage a reality. Combined, Cloud2Drive with ImageWare GoVerifyID™ revolutionizes secure cloud storage providing unmatched enhanced levels of security the enterprise is looking for. We can now deliver a robust and secure product incorporating ImageWare GoVerifyID™’s out-of-band biometric authentication with advanced fraud-prevention capabilities to organizations. In this current world of security breaches and significantly elevated hacker threats, this platform is purpose built to provide the much needed enterprise-grade security layers required for responsible and proactive governance and data protection. "
Can be constructive.
In the case of the projects in Germany, understand that the German national government is the end customer in both cases as the German government owns 100% of the stock of the Deutsche Bahn. That is why the new version can be released to both projects (The German Health Care Pilot, and the DB) at the same time. The NSA spying scandal reached the very top of the German government and paranoia runs deep throughout Europe that the big US software vendors may be a backdoor to NSA. The move by IWS to develop a Linux version cost them six months, but the end result may ironically be beneficial, at least in Europe, as I am unaware of anyone having a cloud based, multi-modal, vendor agnostic, biometric system running Linux. I hope they introduce this a new product version soon.
The DB project was further delayed because the customer, apparently concerned about spoofing, changed the requirements to include liveness detection, requiring IWS to replace the algorithm vendors and retest. On what planet is this the CEO's fault?
IWS is a (re) Startup, and startups run into these kind of issues all the time, how you handle them is how you define what you really are.
Then add the latest IWS technique which, in effect, programmatically adapts the modality to the situation :
CONDITIONAL AND SITUATIONAL BIOMETRIC AUTHENTICATION AND ENROLLMENT
Application number: 20140313007
Abstract: The present invention provides a system for conditionally selecting biometric modalities for biometric authentication at authentication run time. The inventive concept uses programmatic logic to identify which biometric modalities to use for authenticating a user. The software module for selecting biometric modalities includes, a plurality of rules or conditional logic for selecting one or more biometric modalities required to authenticate a user requesting a secure action.
Filed: April 16, 2014
Issued: October 23, 2014
Assignee: IMAGEWARE SYSTEMS, INC.
Inventor: David Harding