VeriProx / VeriFlex / V-PASS / V-Smart OPERATIONS MANUAL © Copyright 2002, Bioscrypt Inc. All rights reserved.
Notices The Veri-Series line of products has been tested for compliance with all applicable international standards. The resulting approvals are listed below, and are additionally printed on the labeling located on the rear panel of the product. The power supply offered by Bioscrypt is CE and CSA approved and UL listed.
V-Prox, A, H Information for Users The V-Prox, A, H includes a HID contact-less proximity reader. This device has the following characteristics: Transmit Frequency: Excite Frequency: 125 KHz 125 KHz Disclaimer The instructions in this document have been carefully checked for accuracy and are presumed to be reliable. Bioscrypt, Inc. and its writers assume no responsibility for inaccuracies and reserve the right to modify and revise this document without notice. It is always our goal at Bioscrypt, Inc.
Trademark Disclosures Bioscrypt has made every effort to provide disclosures when using trademarks owned by other companies. Trademarked designations appear throughout this publication. The publisher states that it is using the designations only for editorial purposes, and to the benefit of the trademark owner with no intent to infringe upon that trademark.
Bioscrypt Warranty Policy Bioscrypt, Inc. warrants its products to be free from defects caused by faulty materials or poor workmanship for a period of one year from date of shipment from Bioscrypt.
status of any product returned later than 30 days after the issuance of a return authorization will be subject to review. After Bioscrypt's examination, warranty or out-ofwarranty status will be determined. If, upon Bioscrypt's examination, a warranted defect exists, the product(s) will be repaired at no charge and shipped, prepaid, back to the buyer.
Table of Contents Notices ........................................................................................................................................................ 1 FCC Information to Users............................................................................................................................1 Warning to Users.........................................................................................................................................
Download from Unit to Smart Card ............................................................................................................ 41 Upload from PC to Unit ............................................................................................................................. 42 Upload from PC to Smart Card.................................................................................................................. 43 Broadcast PC Template ..............................................
World Wide Web Site ................................................................................................................................80 Appendix A – Quality and Content ....................................................................................................81 Section A.1 - Basic Biometric Concepts ...................................................................................................81 Biometric Definitions.............................................................
Notes 9 © Copyright 2002, Bioscrypt Inc. All rights reserved.
INTRODUCTION Introduction Bioscrypt, the leader in fingerprint identification and verification systems, presents the VeriProx Fingerprint Verification System. Technology by Bioscrypt has been applied in various unique applications including Access Security, Time and Attendance, Political Polling, Computer Logon, and other applications where an individual must be clearly identified as being solely responsible for specific actions.
TERMINOLOGY Terminology This document is intended for use with Bioscrypt’s Veri-Series products. This includes the VeriProx, VeriFlex, V-PASS, and V-Smart hardware products. Although differing in exact function, these 4 products share many common aspects. When this manual refers to the ‘VeriProx’, unless specifically stated otherwise, you can assume that the entire Veri-Series is being described. This document also refers to Bioscrypt’s MV1100 and MV1200.
A B O U T V E R I- S E R I E S P R O D U C T S About Veri-Series Products About the VeriProx Bioscrypt’s VeriProx combines patented fingerprint verification technology with an industry-standard proximity card reader in a mullion-mountable case. This ensures greater security for the card issuer and the card user. Requiring that the fingerprint of the person seeking entry matches the identity of the cardholder eliminates access via lost or stolen proximity cards.
A B O U T V E R I- S E R I E S P R O D U C T S fingerprint templates are different the smaller VeriProx and VeriFlex fingerprint templates. Please see Appendix C for further details. About the V-Smart Bioscrypt’s V-Smart provides all the capability of the Veriflex and includes an internal smart card reader. Fingerprint templates are securely stored on a smart card rather than the reader and carried by the employee or user. This allows for an unlimited population of users.
A B O U T V E R I- S E R I E S P R O D U C T S Veri-Series – Physical Layout Top LED Power On Light Ridge Lock Sensor Front LED (power on) Figure 1: Top View Locking Screw Bottom Aux Port Cover (closed) Figure 2: Bottom View RJ-11 Auxiliary Port Locking Screw Figure 3: Bottom Panel – closed Figure 4: Bottom Panel – open 14 © Copyright 2002, Bioscrypt Inc. All rights reserved.
Mounting Plate Part and Serial Number Tag Pigtail Connector Figure 5: Veri-Series Unit and Mounting Plate For additional information on installing and connecting your Veri-Series unit, please refer to the VeriProx Installation Manual. 15 © Copyright 2002, Bioscrypt Inc. All rights reserved.
CONCEPTS OF OPERATIONS Concepts of Operations The VeriProx The VeriProx integrates an industry-standard proximity card reader with Bioscrypt’s MV1100 fingerprint verification technology. A typical operation is described below. • A user waves the proximity card near the front of the VeriProx. • The ID number is read from the internal proximity card reader. • The ID is transferred to the MV1100. o If the ID is invalid, the LED on the top of the VeriProx will glow red.
CONCEPTS OF OPERATIONS The VeriProx can be used as a stand-alone reader or multiple units can be configured on an RS-485 network. The manner in which you choose to install the VeriProx will determine which communications settings are most convenient for your configuration. Certain administrative functions are common to any installation. You must have a way to “enroll” users into the system, that is, you must be able to associate their fingerprint data with a specific proximity card ID number.
CONCEPTS OF OPERATIONS The VeriFlex The VeriFlex is similar to the VeriProx except that an external Wiegand device is used. A typical operation is described below. • A user initiates the action with the external Wiegand device. • The ID number is read from the external reader. • The ID is transferred to the MV1100 inside the VeriFlex. o If the ID is invalid, the LED on the top of the VeriFlex will glow red.
CONCEPTS OF OPERATIONS The VeriFlex can be used as a stand-alone reader (with external Wiegand reader) or multiple units can be configured on an RS-485 network. The manner in which you choose to install the VeriFlex will determine which communications settings are most convenient for your configuration. Certain administrative functions are common to any installation.
CONCEPTS OF OPERATIONS The V-PASS The V-PASS is similar to the VeriProx and VeriFlex, but no Wiegand input device is required. The V-PASS will automatically detect when a finger is placed on the sensor, compare that fingerprint with all currently enrolled fingerprint templates and determine if there is a match. A typical operation is described below. • The V-PASS top LED is yellow to indicate it is ready for a finger. • A user initiates the action by placing their finger on the fingerprint sensor.
CONCEPTS OF OPERATIONS The Proximity Card n-01234 Site Number Designator Card Number Prox Card Figure 6: Veri-Series Card There are three types of proximity cards split into two basic categories: • User Cards • Enroll Command Cards • Delete Command Cards User Cards The VeriProx / VeriFlex can be programmed to use a given card ID number as a standard “user card”. The majority of your cards will be of this type.
CONCEPTS OF OPERATIONS Basic System Administration Enrollment New users are entered into the system through the process of “enrollment”. This procedure scans the users fingerprint and produces a fingerprint template, a collection of data that is stored in memory on the Veri-Series product.
CONCEPTS OF OPERATIONS Multiple Readers If your installation includes multiple Veri-Series readers that are used by a common population of users, you will need to distribute the fingerprint template of each user to all the readers. Note: It is recommended that you designate one Bioscrypt Unit as the “administration reader” and enroll all new users on this unit. After a new user is enrolled on the administration unit, the template can be copied to the other readers.
CONCEPTS OF OPERATIONS Template ID and index will remain the same. Please use the VeriAdmin Management Software to modify Template ID numbers. Lights The LED on top of the unit can illuminate in different colors and patterns. Figure 9: Top LED Steady Amber the unit is requesting that a finger be placed on the sensor. This may be for verification or for enrollment. The user may remove the finger when the light goes out.
V E R IADMIN M ANAGEMENT S O F T W A R E VeriAdmin Management Software The VeriAdmin Management Software is designed to run on Windows-based PC platforms and communicate with Bioscrypt’s MV1100 and MV1200 based fingerprint recognition devices. Although oriented more towards the Veri-Series products, the application works well with any MV1100/MV1200-based device. In this documentation, the terms “unit” and “reader” are used as a generic term to refer to any MV1100/MV1200-based device.
CONCEPTS OF OPERATION Concepts of Operation Transmit ID On the tool bar of the Administration Software, there is a drop-down list titled Transmit ID (see Figure 10 below). The ID number that appears in the field is the reader with which the software currently is communicating. For this reason, each reader must be assigned a Network ID, even if your installation consists of a single unit (the default setting is 0).
CONCEPTS OF OPERATION As usual, the serial ports on the host PC are designated as COM1, COM2, etc. You may connect up to 31 Veri-Series readers to each COM line (using RS-485). You must provide the Administration Software with the information as to which Network ID has been assigned to which COM line. This information is stored in an initialization file that is read by the software on application startup. The file is labeled “UNITIDS.DAT” and is located at the following path: \UNITIDS.
CONCEPTS OF OPERATION Installing the Software To install the software, run the setup.exe file on the VeriAdmin Management CD. You may accept the default path or choose an alternate directory in which to install the software. The default path is: C:\Program Files\BioID\VeriAdmin Like most Windows based installations, you will step through a number of windows (approximately 5) that will request basic installation information, such as, file name and directory location.
CONCEPTS OF OPERATION Setting up the ID File Once you have installed the software on your PC, you will need to set up a communications port ID file. The software will use the information in this file to communicate with the VeriSeries reader(s) connected to the Host Port. You can create and edit the file using the any standard Text Editor program provided with Microsoft Windows. Access the file, UNITIDS.DAT located in the Install Directory. The default path is: C:\Program Files\BioID\VeriProx\UNITIDS.
CONCEPTS OF OPERATION The default UNITIDS.DAT file looks like this: COM#: 1 UNITIDS: 0 1 2 3 4 5 6 7 8 9 % Thus the software will initialize expecting to find 10 readers on the host port with assigned ID numbers of “0” through “9”. There should be no communication problems if there are other readers on the network as long as each reader is configured correctly and with a unique ID number. Communication Settings file There is a second initialization file that is used by the Administrative Software.
CONCEPTS OF OPERATION Setting up a Network As described above, when setting up a network you will need to assign unique ID numbers to each Veri-Series reader and confirm the communication settings. The easiest way to do this is to cycle through each reader, setting the parameters by plugging into the Aux port. When using the Aux port you can set the transmit ID to –1 (broadcast). Since you are plugged into only one reader, you are assured that no other Veri-Series units will be responding to your commands.
CONCEPTS OF OPERATION 12 Select the appropriate baud rate from the Host Port Baud Rate drop down list (9600 is recommended). Keep in mind that you are currently talking over the AUX port, but you are changing the Host Port settings that will be used when you connect to the unit through the Host Port wires on the back of the unit. 13 Set the Host Port Protocol to RS-485 if you will be using a networked environment. Alternatively you may choose RS-232 if you will not be networking the VeriProx.
CONCEPTS OF OPERATION Icons, Commands and Drop Downs Figure 122: VeriAdmin Toolbar Once you have the software installed and running, you will be able to access the features mentioned above either through the icons on the toolbar or through the command menus.
CONCEPTS OF OPERATION Unit Parameters (page 51) Icon Command Path Configure > Unit Parameters Broadcast Parameters (page 61) Icon Command Path Configure > Broadcast Parameters Network Status (page 62) Icon Command Path File > Network Status Advanced Enrollment (page 64) Icon Command Path Configure > Advanced Enrollment Quick Enrollment (page 38) Icon Command Path Configure > Quick Enrollment Transmit ID Drop Down The Transmit ID number refers to the IDs given to individual Veri-Series units.
CONCEPTS OF OPERATION Current Communication Settings The current Network ID and COMM Port are displayed here. These values will update as different communication and different settings are used throughout the VeriAdmin Management Software. 35 © Copyright 2002, Bioscrypt Inc. All rights reserved.
TEMPLATE M ANAGER Template Manager The Template Manager allows you to: • • • • • • • • Edit Templates Enroll Templates Delete Templates Verify Templates Transfer templates to and from a PC, from one unit to another, or to a Smart Card Edit Templates Stored on the PC Verify Templates Stored on the PC Broadcast a Template from the PC to ALL units identified in the UNITIDS.DAT file Click this button to update the window. Click this button to VERIFY a template stored on the PC.
TEMPLATE M ANAGER Edit Templates To edit a template, select the appropriate ID number(s) in the Templates window and click the Edit button. Alternatively, you make double-click on the ID number in the window and an Edit box will open. Note: While you can use the Shift and Ctrl keys to select multiple templates, realize that a separate window will open for each template you select. A window like the one below will open.
TEMPLATE M ANAGER QUICK Enrollment When you select the Quick Enroll button on the Template Manager window, the following window will appear: A visualization of the fingerprint IMAGE will appear here if the option is checked A visualization of the fingerprint TEMPLATE will appear here Info and directions will appear here Figure 13: Quick Enrollment Screen The process to enroll a new template is as follows: 1 In the Template ID Number field, type the desired ID number (for VeriProx, VeriFlex, and reader
TEMPLATE M ANAGER 2 Click the Enroll button. The light on the VeriProx will glow amber requesting the enrollee to place a finger on the sensor. Nestle the Ridgelock into the first joint line on the finger. The finger may be removed when the amber light goes out and VeriAdmin instructs you to remove the finger. 3 The light will glow green and the unit will beep once to acknowledge that the fingerprint has been captured.
TEMPLATE M ANAGER sure to confirm that you have selected the correct ones the first time. Verify Template Use this option to initiate a VERIFY function on the unit identified by the Current Unit specified by the current communication settings.
TEMPLATE M ANAGER transfer. 2 Click the From Unità PC button. 3 When the screen in Figure 16 appears, confirm the download path and directory; make any applicable changes. 4 Click the OK button. When completed the files will be loaded in the designated directory on your PC. Note: If you are in a networked environment, you only need to download from one unit since the template should be the same on all units.
TEMPLATE M ANAGER If successful, the following message will be displayed: Figure 17c: Download Template(s) to Smart Card Upload from PC to Unit You can transfer templates from your PC to any unit. When you click the From PCàUnit button, a window like the one below will open: Figure 14: Upload Template(s) to Unit 1 Click the From PCàUnit button. 2 Use the window to browse for the correct directory. 3 Select the appropriate template(s). 4 Click the Open button.
TEMPLATE M ANAGER Upload from PC to Smart Card The operation is similar to uploading from the unit and will require the current Site Key after selecting the desired template(s) from the PC. 43 © Copyright 2002, Bioscrypt Inc. All rights reserved.
TEMPLATE M ANAGER Transfer from Unit to Unit Use this option when you are in a networked environment. These are the Network IDs for the BII readers according to the UNITSIDS.DAT file. Figure 15: Transfer Templates from Unit to Unit To transfer templates between units, 1 In the Template Manager window, select the template(s) you wish to transfer. 2 Click the Unit to Unit button. 3 When the screen in Figure 15 appears, highlight the IDs of the units to which you wish to transfer the templates.
TEMPLATE M ANAGER 3. The template will be transferred using the ID of –1 on each defined Communication Port. If the VERIFY BROADCAST is selected, the VeriAdmin software will attempt to verify that steps 2 and 3 where completed successfully. After step 2, each unit will be polled to determine if each template was removed correctly. If the template was NOT removed, another DELETE attempt will be made. After step 3, each unit will be polled to confirm that the template now exists on the each unit.
TEMPLATE M ANAGER Edit PC Template To edit a PC template, click the Edit PC Template button. A standard Windows File Selection window will open to allow the user to choose the template file to edit. Use the TYPE dropdown box to select between displaying VeriProx / VeriFlex / VSmart templates (Verification Templates) and V-PASS templates (Searching Templates).
COMMAND CARD M ANAGER (V E R IPROX / V E R IFLEX) Command Card Manager (VeriProx / VeriFlex) Command Cards allow administrators to add and remove user IDs directly from the VeriProx or VeriFlex units without having to access the software. These can be useful for creating and removing temporary visitor’s badges or administering the system when your PC is down or unavailable.
COMMAND CARD M ANAGER (V E R IPROX / V E R IFLEX) Removing Command Cards To remove a command card, highlight the ID number in either the Enroll IDs or the Delete IDs window and click the Delete Entry button directly beneath the window. This will delete the template for all associated indices. Note: You will not receive a warning when you click the button, therefore, make sure that you have selected the correct ID.
COMMAND CARD M ANAGER (V E R IPROX / V E R IFLEX) Delete Command Card To delete a user: 1 Wave the Delete Command Card near the front of the VeriProx / VeriFlex unit. The light will glow amber directing the Administrator to place his/her finger on the unit. 2 If the Administrator is authorized to use the Command Card, the light will glow green and the unit will beep. Continue with the next step. If not, the light will glow red. Return to Step 1 or stop.
COMMUNICATION S ETTINGS Communication Settings From the Communication Settings dialog, you can modify the Transmit ID, the PC Comm Port, and the Communication Baud rate. Figure 18: Communication Port Settings Click the Modify button to change the displayed settings. Same as the Net Status button on the Toolbar Click if you’re uncertain of the baud rate Figure 19: Modify Communications Settings Note: Change only one setting at a time and be sure to test the change before clicking the Accept button.
UNIT PARAMETER S ETTINGS Unit Parameter Settings The Unit Parameter Settings window aids the Administrator in the following: • Assigning a Network Identification Number to a unit • Setting a Global Security Threshold for a unit • Enabling/Disabling Wiegand Formats, Out Failure code, and Site codes • Modify the Host and Aux Port baud rates • Change the Host Protocol • View the current statuses and settings of the various ports • Performing a Quick COMM test that will flash the top LED and beep
UNIT PARAMETER S ETTINGS Current statuses and settings Figure 20: VeriProx Parameter Settings Note: Changes made to Unit ID and Host Baud Rate will also change the Current Transmit ID and Current PC Baud rate so that communications is still possible with the unit. 52 © Copyright 2002, Bioscrypt Inc. All rights reserved.
UNIT PARAMETER S ETTINGS Network Identification Number In a networked environment, a unique number must be assigned to each unit before adding that unit to the network (The default setting from the factory is “0”). If two or more units have the same Network ID on the same COMM Port, data collisions will cause poor communication on that COMM Line (See “Concepts of Operations” section). Setting the Number 1 In the Assign Unit Network ID field, type the new Network ID number. 2 Click the Set button.
UNIT PARAMETER S ETTINGS MV1200 VeriSeries Port MODE In the MV1200 based versions of the VeriSeries products, certain combinations of ports and protocols are not allowed. To simplify this, each available mode is listed in a dropdown. This will only be enabled if the unit is a MV1200 based unit. 1 In the MV1200 VeriSeries Port MODE section, select the appropriate mode from the drop down list. 2 Click the Set button. If the display in the lower right corner does not update, close and reopen the window.
UNIT PARAMETER S ETTINGS Quick COMM Test The button will perform a quick COMM TEST with the device identified by the displayed Current COMM settings. The test will flash the LED each color then sound the buzzer. Biometric Verification This option allows the user to turn biometric verification on and off. Check or uncheck this option and press the SET button. Unchecking the box will cause the unit to bypass the core fingerprint authentication (i.e.
UNIT PARAMETER S ETTINGS The string is numeric and ranges from 0 to 255. If the box is unchecked the site code read from the proximity card will be passed through in the Wiegand out string. On Fail Send Inverse Parity When you check the On Fail Send Inverse Parity box, a failed verify will result in the Wiegand string being sent on the Wiegand out lines with inversed parity to indicate the failure.
UNIT PARAMETER S ETTINGS of a PASS-THRU format. In order to use this ability, the following information is required: • Total number of Wiegand bits in Wiegand String (maximum = 64 bits) • Start Bit of the ID FIELD (where first bit is bit 0) • Number of bits in the ID FIELD (must be contiguous bits) Using these 3 pieces of information, when a card is presented to the BII_Unit, it will attempt to decode the ID FIELD and use that information as the TEMPLATE ID number.
