realtime North America


	Education
	- Fraud Mitigation
	- Password Fishing
	- Technology Movies
	Press
	- Press Releases
	- realtime Articles
	- Press Kits
	Events
	Jobs
	- Job Offers
	- Application Form
	Online Demo
	Contact
	aa


	Sitemap
	Copyright

bioLock Flyer (pdf)
20 Ways to get a Passwords (pdf)

Keeping Honest People Honest in the SAP System since 2001

Most fraud is committed by previously honest people that get into a desperate situation and are tempted by an "unsecured opportunity". SAP User Profiles and critical functions within the SAP System are protected by insecure passwords. It is an "open invitation" to commit Fraud! It is the responsibility of every company to keep honest people honest - especially during these difficult financial times.

bioLock offers 5 Level Security for your SAP System

bioLock can offer you multi-level protection of critical functions within SAP
independent from your SAP User Profiles and their authorization roles.
Learn, how bioLock will help to maintain the integrity of SAP Data (pdf)

Scroll down to learn more

.

The business Challenge:
Users share passwords and SAP User Profiles!
This allows unauthorized access to critical functions!

A company controls the permissions and access to different transactions and functions within SAP with the SAP User Profile.

Different permissions are assigned via business roles to individual SAP User Profiles that are issued to the actual users.

The user is now assigned a password to access his/her user profile which controls the access to individual areas and functions within SAP. Unfortunately, there is no way to ensure that only "Joe" can issue an International wire transfer because only "Joe's" SAP User ID has the roles assigned.

Anybody that can get access to "Joe's" password can access and execute actions that were only meant for "Joe". With over 20 ways to get "Joe's" password at any time it is easy for any intruder to get access to critical data and cause multi million dollar damages.

SAP User profiles
don't reveal the Identity
of the Actual User

Would your security guard STOP this guy walking through the main entrance?

Very Likely YES!

Even this guy identifies himself as “SAP 1” on his space suit...

Without using biometrics we can only identify “Space Suits” with names on them (SAP User Profile Names) walking around in the most critical part of our organization – the SAP System.

We have NO WAY of identifying who is using the suit (SAP User profile).

The bioLock Solution:

Innovative biometric technology identifies and authorizes the actual user

Our bioLock software is installed in your SAP application via transports.

The business team decides which transactions, field, buttons or values are considered critical for their company and a biometric door lock is implemented into this function.

Now, our bioLock software controls which actual user has access to specific critical functions based on their biometric credentials - this control is completely independent from the SAP User Profile.

Only invited users have access to critical functions and all others will be rejected.

As a result, you only need to protect your Power Users not all named SAP users with bioLock.

At most companies, security guards will check ID's before they let people into the building. They compare the image on the ID (biometric template) with the face of the actual user.

Only after a positive biometric verification during this "manual face recognition process" the security guard will grant access. At some companies, the process is repeated when accessing restricted areas.

The bioLock technology will allow you to check the ID of users when logging onto the SAP system and anywhere within the system.
For the first time, you have actual proof who did what and when in your SAP System or who tried to access critical data and was rejected!

bioLock checks the SAP
User ID to uniquely
identify the Actual User

5 Level Protection within the SAP application:

Level I - Logon Protection
Once the bioLock technology is installed via transports in the SAP System, the first step customers take is to protect the logon to the SAP User Profile for their critical Power Users. In addition to the logon and the password these selected Power Users have to put their finger on a biometric device to uniquely verify their identity, when logging on with their SAP User profile. For the first time, you can check their true identity and you can make sure that only "Joe" can log in with "Joe's" SAP User ID.

Level II - Transaction Protection
As a next step, you can protect any transactions on the transaction level. When a protected transaction, e.g., a purchase order transaction is executed, the user has to put their finger on the sensor again. bioLock will first check if it can identify the person. Then, it will check what SAP User Profile this person is logged in as and if the person is authorized to use this profile (for example, an administrator's or a superior's profile). Last, it will authorize or reject the request based on the biometric template.

Level III - Fields and Infotypes
bioLock allows you to protect fields or infotypes on the field level. One example, in HR hundreds of 3-digit Infotypes call an HR sub menu. Individual infotypes (for example 008 Basic Pay) can be protected individually. You can also protect buttons, for example, printing or executing a function and even checkmarks. When a check mark is checked or unchecked a biometric verification could be required.

Level IV - Field Values
It is possible to implement the biometric verification in combination with a predefined value. A good example would be a predefined amount for an outgoing wire transfer of $10,000. All users can issue wire transfers based on their SAP authorization without any biometric verification, but as soon as the entered amount exceeds $10,000 a biometric verification will be required. The system could be set up so that 10 users, based on their SAP user profile, can issue wire transfers, but only the department head can issue transfers exceeding the predefined amount - all others will be rejected based on the biometric template.

Level V - Two Signatures on a Check
With internal fraud on the rise and mandatory regulations demanding enhanced controls, it is becoming more important to have two individuals sign off on extremely critical tasks. At most companies, it has long been an established practice that two signatures are required for high value checks. bioLock brings this functionality to the SAP workflow. Any biometric door lock (all scenarios described above) can be protected either with a single biometric template or with a dual confirmation group. In this group there could be two or more templates, so two users would have to put their finger on the sensor to execute the protected task. The system could even be set up so that only one user could request the protected task and all others can only confirm the task.

Conclusion:

bioLock is the first and only certified biometric technology available for SAP. bioLock will allow a company to ensure that only the actual authorized user can use the assigned SAP User Profile. Furthermore, bioLock will protect individual functions in the system (in case the authorized user leaves without logging out of the system). Unauthorized users will always be rejected even when walking up to an open computer. Most importantly, bioLock will not only uniquely identify the actual user, but will also log in a log file, which actual user - uniquely identified via biometrics - has actually executed a task or was rejected trying to execute a task without being authorized. The log file will give the business managers and auditors the ultimate knowledge and control about what is going on in their SAP System. Please check out this document to understand this simple security concept in an easy comparison and learn, how bioLock will help maintaining the integrity of your SAP data (pdf).

Contact us to share your specific business challenges
and learn how our biolock can solve them

info@realtimenorthamerica.com

© realtime North America Inc., Tampa/Florida. All Rights Reserved.

Sapphire 2010 Orlando
May. 16-19 at Dolphin Booth # 2815 (link)

Visit us at our partner, Dolphin Corporation

Dolphin at Admin/
Infrastructure 2010
in Orlando (link)

Visit realtime's partner Dolphin at the Dolphin Swan Hotel in Orlando - Booth 610

SAP Admin 2010:
Must see Security Presentation (link)

Thomas Langner:
What is Biometric Authentication -
and How Can it Enhance your Current SAP Security Strategy?
Friday, March 26
1:45 pm - 3:00 PM
Southern Hemisphere V

Dolphin at GRC/Finance/
HR 2010 in Orlando (link)

Visit realtime's partner Dolphin at the Dolphin Swan Hotel in Orlando - Booth 545

NBC/Channel 8 News:
Crime Tracker (link)

News Anchor Krista Klaus visits realtime to discuss the danger of using passwords

Tamba Bay News:
Tampa Bay Online reports about realtime and passwods (link)

Article about realtime including an interview with Director of Security for Space Florida

Press Release:
Purdue Pharma - Zvetco - realtime (PDF)

Purdue Pharma installs bioLock to secure critical financial applications

TechEd 2009 Phoenix
Oct. 13-16 Session ID # SIM206 (link)

bioLock Presentation: Enhance SAP Security with biometric Authentication

Biometric Consortium Conference 2009 Tampa
Sep. 22-24 with Partner Zvetco Biometrics (link)

Visit us with our partner Zvetco at Booth 502 to see a bioLock demo

ASUG Houston
Aug. 20th at Houston Baptist University (link)

Presentations with partner TK Consultants

ASUG 2009 Brazil
Aug. 8, Room Ilhuca (link)

Presentations with partner Opensis

Sapphire 2009 Orlando
May. 11-14 at Dolphin Booth # 327 (link)

Visit us at our partner, Dolphin Corporation

GRC 2009 Las Vegas
Mar. 17-20 in Las Vegas Booth # 160 (link)

Visit realtime's booth for a chance to win a biometric mouse

SAP Info Article highlights bioLock!
Biometric Security for Financial Meltdown Solutions: (link)

The article highlights bioLock 10 times as a solution to secure SAP Financials