KIT Finance, JSC (Indeed-Id Enterprise SSO)

The IT expert of KIT Finance investment bank participated in a meeting of the St. Petersburg club of Chief information officers of SPb CIO Club in May, 2014. Alexey Ivanov, the head of department of information security and control of Cybersecurity Department KIT Finance, provided to colleagues a successful case on implementation and use of the strengthened system of identification of users of Indeed-ID ESSO on the basis of biometric technologies.

"The problem of password protection is particularly acute for most the companies – irrespective of the industry in which they work. If business develops, to it always is what to protect, however as to make it, not everyone knows. Technologies develop quickly, and swindlers try not to lag behind progress therefore it is necessary to approach the choice of a system of protection responsibly, weighing many pros and cons, – Alexey Ivanov, the head of department of information security and control of Cybersecurity Department KIT Finance explains. – Our experience of creation of the Enterprise Single Sign-On system seemed to us successful, and we decided to tell about it. We hope that information on this project will help other companies to make a right choice: it is always better to study on others experience, than make mistakes".

Alexey Ivanov at a meeting of SPb CIO Club told about how the KIT Finance Bank changed approach to the password authentication scheme, without refusing passwords. As the basic solution the Indeed-ID ESSO system with authentication on a fingerprint was selected. Within the presentation it was told both about project deliverables, and about some nuances which it was necessary to face during implementation and operation of a system.

In particular, Alexey Ivanov noted need of significant initial investments: the cost of the high-quality scanner of a fingerprint with protection against models and the low level of the errors FAR/FRR at the moment is about $100, besides on a case of a hardware failure it is necessary to have a small stock of scanners. One more complexity was the fact that about 30% of the business systems used in the company demanded adaptation to a new solution. Fortunately, similar adaptation did not require involvement of programmers and was in most cases executed by IT employees of the bank.