Digitally protecting access to rights and privileges

Crucial to accessing buildings and protecting consumer data across a smart, hyper-connected city, digital ID ensures connected systems secure access to rights and privileges. Are current methods cyber-resilient enough?


Smart cities are not just a distant vision for future-living – thanks to innovative IoT driven solutions such as public transport services and remote activated heating systems – they are fast becoming an imminent reality. As this form of technology continues to advance, the growth of smart services and products will influence all areas of urban life.

While projects to increase connected infrastructures in urban areas have risen in the past few years, fully smart cities are beginning to be built from the ground up. In 2019, Sidewalk, a division of Google, received government approval to move forward with its plan for a £1.3 billion smart city infrastructure in Toronto. Though currently on hold due to the pandemic, the scheme aims to build one of the most advanced hyperconnected cities in the world, where everything in the urban area cannot only connect, but also interact with its people. In this smart city, pavements will be heated via sensors and a network of underground tunnels will allow automated robots to deliver goods without clogging up roads. Thanks to rapid urban growth, 65 percent of the world population will be dwelling in cities by 2040, making this technology even more important to best manage the scale of our new cities.

Smart city life

One of the greatest benefits to residents of smart cities is the level of personalisation on offer, allowing users to tailor their experience of workspaces, homes or even city services. In smart workplaces for example, buildings can automatically register that you have logged in and set the facilities in your meeting room to your desired lighting style or temperature through a process called commercial building automation. Similarly, bike hire schemes can register your preferred route to work, and suggest ways to re-route and avoid the traffic if necessary. Smart workplace solutions are designed to improve productivity and make it easier for employees to work efficiently and comfortably – enabling businesses to focus on their customers. For many businesses, a smart workplace offers a number of advantages and is more than just ‘fancy gadgets’. However, to achieve this level of personalisation, connected systems need a way to identify each user and tailor everything to their preferences. With a biometric ID card, or city card with fingerprint authentication, users can authenticate themselves and connect to systems based on personal information. This means all technology in a smart city, from lighting choices to building temperatures, can be attuned to each identity allowing citizens to enjoy personalised city experiences.

Data networks

While smart cities can offer unprecedented levels of convenience to improve everyday lives, they are reliant on vast networks of data, including personal information to predict citizens’ preferences. This has led to concerns around the high levels of data used and stored by these smart systems, and the security that will be implemented to protect our data. In a smart city every interaction and every touchpoint become a potential source of data. In fact, this includes hardware, household goods, cars, cameras and smartphones. However, many devices and systems are not cyber-resilient, posing a threat to the safety and security of people’s data. Home assistants and other smart technology that have the power to monitor aspects of our everyday lives – gives huge companies access to lots of data, which is valuable even where that data is anonymized. However, they can be a serious threat to people’s privacy – consumers are handing valuable information over freely and often without realizing it.

While existing personal and unique identifiers, such as passwords and PINs are no longer secure enough to protect the systems, the security of personal data is going to be even more important in hyper-connected cities. Once a city becomes ‘smart’ the inter-connected networks widen, and the potential for cyberattacks or data breaches grows. So, as this trend continues, how can smart cities be developed that are both convenient and secure?  It is essential for providers of smart city networks to establish a chain of trust in their technology. This is a process common in cybersecurity, where each component in a network is validated by a secure root. In wide connected networks it is vital to protect sensitive data to drive user confidence in the whole system on both a personal and commercial basis. Biometric fingerprint authentication is the perfect technology to provide this level of protection, sitting right at the root of the chain of trust.

Enhanced security

As the world moves towards the city of the future following the pandemic, touch-free fingerprint authentication is being increasingly seen as a very necessary measure to protect both companies and individuals from the spread of viruses and any potential cybersecurity threats. With PINs increasingly recognized as insecure and PIN pads deemed ‘dirty’ since the spread of the pandemic, consumers are now worrying about their health as well as contactless banking fraud. To provide security while they are making a payment or using touch screen services, the answer is to make payments, access and ID touch-free as citizens move around a smart city.

Unlike PINs or passwords, fingerprint sensor technology has advanced to a point where shared databases are no longer needed. When using a fingerprint biometric smart ID card, the owner need only touch their finger to the sensor on their own card, avoiding public use access points. Importantly for security, on enrolment, the fingerprint would be immediately transformed into an abstract biometric template. The cardholder’s biometric data does not leave the card at any point. Cybersecurity protocols, such as the ‘zero trust model’, have a big role to play in securing both physical and logical premises in smart cities. Smart city leaders need to question the security of their technology, software solutions and systems. They must establish a ‘zero trust’ policy to confirm the stability and security of every identity and every device. By incorporating role-based access control via fingerprint biometric authentication, businesses can embrace the ‘zero trust model’ and ensure that sensitive information remains protected. In addition to enhanced levels of security, a smart ID or city card embedded with a fingerprint sensor will provide users with the ability to personalize systems and ensure that only the right people have access to specific information. When combined with contactless card technology, this creates a unifying device allowing users to access banking, retail and connected services all from one place.

For both businesses and consumers to benefit from smart cities, the correct balance of personalized services with a high level of touch-free authentication, security and privacy, will be essential. Only then, can the smart city of the future become a reality.

Idex Biometrics