Справочник Пользователя для IDEMIA Identity & Security France MPHAC001A
Section 5 : User Interface
2015_2000007248-V1 - Draft
This document and the information therein are the property of Morpho. They must not be
copied or communicated to a third party without the prior written authorization of Morpho
47
June 2015
Modes for controlling access rights
Introduction
The MorphoAccess® SIGMA Lite Series terminal offers several methods for controlling
access rights: it needs to be configured in one of the following four modes:
access rights: it needs to be configured in one of the following four modes:
Identification mode,
Authentication mode (requires a contactless smartcard reader in the terminal),
Multi-factor mode (requires a contactless smartcard reader in the terminal),
Proxy mode
Refer to MorphoAccess® SIGMA Lite Series Administration Guide for more
information on Access Control.
information on Access Control.
Identification mode
The Identification process of the MorphoAccess® SIGMA Lite Series terminal proceeds
by comparison of the biometric data of the finger placed on the biometric sensor,
with all the biometric data stored in the database.
by comparison of the biometric data of the finger placed on the biometric sensor,
with all the biometric data stored in the database.
It means that the biometric data of the allowed users must be stored in the internal
database before they can request the access on the terminal. This biometric data is
acquired either directly on the terminal (using the embedded webserver application
and the biometric sensor of the terminal), or on an enrolment system using a
biometric sensor compatible with the terminal (such as MorphoSmart™ sensors).
database before they can request the access on the terminal. This biometric data is
acquired either directly on the terminal (using the embedded webserver application
and the biometric sensor of the terminal), or on an enrolment system using a
biometric sensor compatible with the terminal (such as MorphoSmart™ sensors).
The access control by identification process is started when a finger is detected on
the biometric sensor
the biometric sensor
When the user requests the access, his identity is unknown, and it is the terminal that
searches for his identity. The terminal grants the access if a match is found (the user
is identified); otherwise the access is denied (the user remains unknown).
searches for his identity. The terminal grants the access if a match is found (the user
is identified); otherwise the access is denied (the user remains unknown).
For further information, please see the "Identification mode" section in the
MorphoAccess® SIGMA Lite Series Administration Guide.
MorphoAccess® SIGMA Lite Series Administration Guide.
Authentication (verification) mode
Unlike the "identification" mode, the user identity must be known in order to execute
the authentication process.
the authentication process.
Indeed, authentication is an identity verification process: the user provides his
identity and the terminal checks it with the relevant process.
identity and the terminal checks it with the relevant process.
This mode doesn’t compare the user’s data to the data of several users: it compares
the data provided by the user with the reference data provided by the same user
during enrollment phase. The data can be on a card presented to the terminal or in a
database and ID is provided by the user.
the data provided by the user with the reference data provided by the same user
during enrollment phase. The data can be on a card presented to the terminal or in a
database and ID is provided by the user.
Access is authorized if the terminal finds a correspondence.