Fingerprint identification for extra network protection
By Katie Kuehner-Hebert
Sterling State Bank in Rochester, Minn., doesn’t normally rush to adopt every newfangled technology that pops up. But when it comes to ensuring the security of the bank’s computer systems, the $297 million-asset community bank decided to take no chances.
In 2004, Sterling State Bank was one of the first community banks in the country to adopt a biometric fingerprint technology security system to safeguard its computer systems. Employees have a dual authentication process to access the bank’s computer systems, explains Tom Winkels, the bank’s president and chief operating officer.
“We used to use just passwords, but I didn’t sleep well at night—we needed an additional layer of security for our system,” he says. “I like the fact that the second authentication had to be a fingerprint—a biometric key is additional security that is much more difficult to defeat.”
Scott Flom, Sterling State Bank’s network administrator, says the bank’s managers originally thought of using tokens as a second authentication measure for its computer system. Then they worried how employees might misplace the tokens at home or elsewhere, creating another possible security problem. The possibility of employees fumbling around to access the bank’s computer systems didn’t seem efficient either.
“But they always have their fingers within them,” Flom points out.
Sterling State Bank has been using the biometric fingerprint security system offered by DigitalPersona Inc. in Redwood City, Calif. Originally, the bank used separate fingerprint readers that were connected to employees’ keyboards via USB cables. Later it installed keyboards supplied by the vendor that had the fingerprint readers built into them.
The integration of the software and hardware and the implementation of subsequent upgrades have been “pretty seamless,” Flom says.
Now when Sterling State Bank’s employees turn on their computers and simultaneously hit “Control, Alt, Delete,” a command pops up for a fingerprint scan and a password. Additional authentication measures are used for certain employees to access either the bank’s network site or its core banking system, such as branch staff opening checking accounts for new customers.
To access the core system, employees enter yet another password. That second password is dictated by the bank’s core banking vendor, but Flom would someday like for such vendors to adopt biometric fingerprint security capability for their systems, too. “The main thing we’re doing is using biometrics to keep people off the network who don’t belong—it’s like we’re locking the front doors, but if someone needs to get into the safe, then they have another password,” he says.
“There’s always room for improvement with security, but it’s really not our choice about just having a single authentication to get into the core system—that was decided by our vendor.” Sterling State Bank’s managers are now considering purchasing the latest iPhones with biometric fingerprint authentication built into them. All of the bank’s executives—including its loan officers in the field—would be given the smartphones to replace their current cell phones to ensure the security of any data within those devices.
Sterling State Bank typically hasn’t adopted new technologies as soon as they become available. For example, the bank doesn’t yet have remote deposit capture via mobile banking. That’s because its managers want to see how other banks first deal with any initial bugs and security concerns, Winkels says.
But adding new security systems is an exception to the bank’s cautious approach to adopting new technology, because, as Winkels puts it, “we certainly want to err on having the best security we possibly can.”
“The last thing I want people to ask me is whether our system is secure enough,” he says.
Katie Kuehner-Hebert is a financial writer in Running Springs, Calif.