MorphoWave
TM
OEM
– Installation guide
Section 4 : First boot
2015_2000009096 V4
May 2017
This document and the information therein are the property of Morpho.
They must not be copied or communicated to a third party without the prior written authorization of Morpho
61
Modes for controlling access rights
Introduction
The MorphoWave
TM
OEM terminal offers several methods for controlling access rights:
it needs to be configured in one of the following four modes:
Identification mode,
Authentication mode with user ID,
Proxy mode
Refer to MorphoWave™ OEM Series Administration Guide and the MorphoWave
addendum for more information on Access Control.
Identification mode
The Identification process of the MorphoWave
TM
OEM terminal proceeds by
comparison of the biometric data of the finger placed on the biometric sensor, with all
the biometric data stored in the database.
It means that the biometric data of the allowed users must be stored in the internal
database before they can request the access on the terminal. This biometric data is
acquired either directly on the terminal (using the embedded), or on an enrolment
system using the same type of biometric sensor.
The access control by identification process is started when a finger is detected on the
biometric sensor
When the user requests the access, his identity is unknown, and it is the terminal that
searches for his identity. The terminal grants the access if a match is found (the user is
identified); otherwise the access is denied (the user remains unknown).
Authentication (verification) mode
Unlike the "identification" mode, the user identity must be known in order to execute
the authentication process.
Indeed, authentication is an identity verification process: the user provides his identity
and the terminal checks it with the relevant process.
This mode doesn’t compare the user’s data to the data of several users: it compares
the data provided by the user with the reference data provided by the same user during
enrollment phase. The data can be on a card presented to the terminal or in a database
and ID is provided by the user.
Access is authorized if the terminal finds a correspondence.