SafeLive Corporation

1

• SafeLive Corporation
• New Richmond, WI

2
E-Mail Systems Today

• E-mail is vital to most businesses today
• It is a convenient medium for direct
  communications with one or many people
• The lack of e-mail security makes e-mail less
  useful than it should be
• Sensitive data should NEVER be sent via plain
  e-mail
• Lack of authentication
• No way to know for sure who sent a message
  (origination information can easily be forged)
• No way to know for sure who receives a message
• Lack of confidentiality
• Messages are usually not encrypted
• User names and passwords are often sent in plain
  text
• Accounts can be hijacked
• Internal security threats are greatest threat of
  all
• Abuse of e-mail
• Viruses, spy ware, and other malware are often
  spread via e-mail, perpetrators are rarely caught
• Spam need we say more?
• Very costly for businesses

3
Secure E-Mail Definition

• Authentication
• Identity of sender authenticated (receiver knows
  for sure who sent the e-mail)
• Identities of receivers are authenticated (sender
  is assured only recipients can read the e-mail)
• Confidentiality
• Contents of e-mail are encrypted en route and can
  only be decrypted by authorized receivers

4
Requirements for Secure E-Mail

• Strong authentication (beyond passwords)
• Strong encryption
• Easy to use, non-obtrusive
• Leverage existing e-mail infrastructure
• Easy to administer
• Cost effective (hardware and software)

5
Secure E-Mail Enabled by Biometric Technology

• Marriage of existing e-mail systems with
  biometric authentication
• Maturation of fingerprint biometric algorithms
  and software technology
• Availability of low-cost hardware
• Central administration
• Ubiquity of Internet access

6
Biometrics Overview

• Factors of Authentication

Something you HAVE
Something you KNOW
Something you ARE
Natural and Easy
PIN
Drivers License
Face
Magnetic Stripe
Password
Fingerprint
Voice
Photo ID
Challenge- Response
Holograph
Encryption
Smart Card
Digital Signature
Proximity Card
Iris
Handprint
Obtrusive and Difficult
Retina
DNA
Low Security Low Accuracy
High Security High Accuracy
7
Biometrics Overview

• Measurement of Life
• Using a unique physical characteristic to
  authenticate a persons identity
• Types
• Behavioral (Signature, Voice, Keystroke analysis)
• Biological (Fingerprint, Face, Hand Geometry,
  Iris, DNA)
• Matching two samples requires complex analysis
• Computers make this analysis feasible and accurate

8
Biometrics Overview

• Verification Comparing a biometric sample with
  a known enrollment and determining if they match
  (physical access, logical access, authentication
  of identity). Often called 11 matching. For
  the good guys.
• Identification Finding one or more matches of a
  sample within a large population (law
  enforcement, voter vetting, border control).
  Often called 1n matching. For the bad guys.
  Requires large databases, powerful hardware, and
  complex algorithms.
• False match When the system matches a sample
  with an enrollment that should not have matched
  (imposter). Should be very low (one in
  millions), especially for verification-based
  systems.
• False reject When the system does not match a
  sample with an enrollment that should have
  matched. Should be reasonably low to maximize
  usability. In identification systems, should be
  very low to catch imposters.

9
Secure Messaging

• Biometric Authentication (Sender and receivers)
• Encryption/Decryption
• Cybertext f (plaintext, key)
• Plaintext f (cybertext, key)

10
SafeLive SendItSecure Architecture
11
Architecture Components

• SafeLive SendItSecure Server Manages
  organizations, users, fingerprint enrollments,
  and message encryption keys. Authenticates
  message transactions.
• SafeLive SendItSecure Client Interfaces with
  fingerprint readers, Provides editing and viewing
  screens, setup screens, etc., Integrates with MS
  Outlook, Encrypts/decrypts messages.
• E-Mail Server Relays standard e-mails.

12
SendItSecure Features

• Easy to install and use (10 minute
  install/enroll)
• Integrates with Microsoft Outlook
• Strong encryption
• Fast, highly discriminating biometric algorithm
• Reader-independent (dozens of models supported)
• Message sender controls who can read a message
• Message receivers know the identity of sender
  (non-repudiation)
• No additional infrastructure to install
• Hosted service on hardened server with failover

13
More Features

• Messages never exist in unencrypted state
  (desktop to desktop security)
• Any e-mail client will work, even web-based
• If e-mail account is compromised, secured
  messages cannot be viewed
• Central administration and reports are accessed
  through a biometrically protected web site
• Can send to anyone (even those without a
  fingerprint reader) using secure message pickup
  feature
• Support for very large attachments (gt 2 GB)
• Application integration is available to add
  secure messaging to your application
• Supports most popular fingerprint readers

14
Applications

• Transmittal of sensitive company documents and
  messages
• Employees working from remote locations
  (telecommuting, travel)
• Communications with suppliers and partners
• Improved customer service

15
Implementing SafeLive SendItSecure

• SafeLive SendItSecure Server Hosted at DCS
  Netlink data center
• Client Simple setup program reader
• Enrollment Administrator pre-enrolls users.
  Users invoke SendItSecure client to submit
  fingerprint templates along with a unique
  registration code.

16
Pricing

• Price/user dependent on organization size (44
  to 80/user/year)
• Readers 30 to 90 (one time cost)
• Integration toolkit for your applications is
  available

17
Contact Information

• Dan Sanderson
• 715-246-5808
• dsanderson_at_livingsw.com
• www.SafeLive.com

18
Demo

• Compose and send secure message
• Receive secure message
• Enrollment
• Outlook Integration

19
Compose/Send Message
20
Compose/Send Message
21
Compose/Send Message
22
Receive Message
23
Receive Message
24
Receive Message
25
Enrollment
26
Enrollment
27
Enrollment
28
Enrollment
29
Outlook Integration