sap checks if user id & password combination is valid. no identification. user requests log-on,...


Upload: edwina-sparks

Post on 16-Dec-2015

TRANSCRIPT

Page 1:

SAP checks if USER ID & Password combination is valid. No identification.

User requests Log-on, enters USER ID & Password, (not necessarily their own)!

Log-on Denied

Standard SAP® Log-on

© 2013 realtime North America Inc., Tampa, FL. All Rights Reserved.

No biometric authentication, identity management or accountability. Password Sharing not prevented, no fraud attempt alerts.

Whatever system capabilities are associated with the User ID, even SAP_ALL, are now available, even if the password was stolen.

SAP Security & Authorizations

Log-on Allowed

Page 2:

User requests Log-on from SSO Software

SSO prompts user for biometric scan

Access Allowed

Access Denied

Typical Biometric “Single Sign-On” Systems (SSO)

Normal Logon with SAP USER ID and Password still possible, circumventing the biometric SSO!

SAP USER ID and Password are retrieved by SSO, passed on to SAP. No biometric verification. No identification of user.

Fingerprint template extracted, compared with reference template in SSO system - outside SAP

Reference templates

SAP Username & Passwords

SSO

Password Sharing is not prevented!

Page 3:

bioLock matches SAP USER ID and Password to user’s biometric credentials

User requests SAP Log-on. User enters SAP USER ID and Password.

bioLock prompts user for biometric scan

Biometric template extracted, encrypted, compared with reference template in bioLock/SAP

Log-on Allowed

Log-on Denied

SAP dedicated name space: /realtime

How bioLock™ Log-on works

Reference templates

Activity logged

Email alert

Password Sharing is prevented, fraud attempts logged!

Page 4:

Summary

SAP and its logos are trademarks or registered trademarks of SAP AG in Germany and in other countries. All other trademarks mentioned herein are the property of their respective owners.