The only SAPThe only SAP®®-certified fingerprint authentication, -certified fingerprint authentication,

identity and risk management for SAPidentity and risk management for SAP®® systems systems

Bulletproof SAP® security at your fingertips!

Executive Overview

© 2011 realtime North America Inc., Tampa, FL. All Rights Reserved.

Founded in 1986 by former SAP® managers

Certified software, services & special expertise partner

Specializing in governance, risk and compliance (GRC)

Serving many industry sectors including food,

pharmaceutical, chemical, automotive, aerospace,

defense, engineering, government and more

Flagship software product, certified by SAP® since 2002

is

Bulletproof SAP® security at your fingertips!

Who is realtime?

Selected realtime clients

3M, AIRBUS, Alcan, BASF IT Services B.V., Bayer,

Bayer CropScience, Brevard County Government,

California State University, Campbell's,

GlaxoSmithKline, Harman Kardon Music Group,

Krupp Bilstein, Linde, Loewe Opta, Marathon Oil, Océ

Document Technologies, Polk County School District,

Purdue Pharma, Siemens, ThyssenKrupp Michigan,

Toyota, United States Army…

Over 200 global clients served!

What were these users looking for?

was developed to provide these

benefits demanded by users:

Dramatically increase SAP® security capabilities

Manage user identities via indisputable biometrics

Control access to functions down to the field level

Enforce true Segregation of Duties (SoD)

Ensure meaningful compliance with:

Sarbanes-Oxley, HIPAA, ITAR and more

Is your system bulletproof?

Standard Version

+

Bulletproof Version Bulletproof Protection

Standard Protection

According to the ACFE’s 2010 Report to the Nations on

Occupational Fraud and Abuse , based on global data, organizations lose about 5% of annual revenue to fraud. Insider schemes can go undetected for years, frequently involve first-time offenders.

Ref: Association of Certified Fraud Examiners www.acfe.com

#1 Risk: Fraud is a growth industry

Risk of Financial Fraud?

HIPAA Compliance?

Sarbanes-Oxley (Section 404)?

ITAR?

Industrial Espionage?

Other regulations?

Are you concerned about…

Decline in stock price?

How would an incident affect you?

Financial loss?

Negative publicity?

Lawsuits?

Loss of intellectual property?

“What you have”,e.g. CAC card, smart card:

3 types of security protection

“Who you are”,

e.g. fingerprint scan:

“What you know”,

i.e. password or PIN:

Biometric technology offers the highest

security

Fingerprint Scan = Maximum Security

Are you still relying on this?Are you still relying on this?

User password SAP® Software

Passwords are often written down, borrowed or stolen.

Provide “perimeter” security but no additional layers!

Traditional SAP® log-on process uses passwords

How to Bulletproof your system:How to Bulletproof your system:

Upgrade SAP® user profiles with fingerprint scans

Users are prompted as shown when performing critical functions

Fingerprint scans prove conclusively who users are - while protecting their privacy!

SAP® SoftwareEncrypted scanUser’s fingerprint

X

What devices can verify user identity?What devices can verify user identity?

Plus one of these… (optional)

+

Potential Future Development

bioLock is compatible with over 80 laptops (with built-in fingerprint sensor) and over 50 independent devices like mice, keyboards, or PCMCIA Cards.

is hardware independentis hardware independent

Cherry ID Mouse

Convenient Touch Sensor

bioLock ID Mouse

Powered by Secugen

Leading Laptops

23% have Swipe Sensors

Secugen Hamster

FIPS 201 Compliant

UPEK Eikon

Low-cost Device Cherry Keyboard

Smart Card Option

Zvetco P5000

High End Device

SAP® log-on & system access withlog-on & system access with

Logon authorized

Logon blocked

Logon bioLock checks authentication rules

bioLockuser/

function

bioLock prompts you for fingerprint

Fingerprint comparison with table

bioLocktemplates

bioLock identifies unique points (minutiae) within a fingerprint and creates an encrypted, digital template

– no images of fingerprints are ever stored!

Note:

Perimeter Security - Level I

Transactions – Level II

Fields - Level III

bioLock can control all 5 Levels

using fingerprint scans!

Bulletproof security requires 5 LevelsBulletproof security requires 5 Levels

Financial Limits – Level IV

Dual Approval – Level V

Log-on to a Profile (e.g. Admin)

Transactions (e.g. HR / PO / Finance)

Infotypes (e.g. 008/167 etc.)

Buttons (e.g. Print / Export / Execute)

Display (e.g. Balance Sheet)

Execute (e.g. prevent execution of anything…)

Tables within SE16/SE16NPrograms within SE38Values (e.g. wire transfer over a certain amount)

Screens (e.g. export control / ITAR )

Dual AuthenticationMask Fields (e.g. make data invisible)

Example – Masking Field Data:

Multiple Control Points per UserMultiple Control Points per User

Unaffected by SAP® versions or upgrades

Existing SAP® passwords and authorizations are unchanged

Compatible with all SAP® versions from 4.x onward

Profiles are 100% customizable on a user-by-user basis

Roll-out timetable is entirely controlled by you.

You decide what aspect of your system needs to be protected and how stringently!

- Seamless Integration

Bulletproof bioLock Security

User selects the transaction “ME21N” to create a purchase order

NOTE: This could be virtually any R/3 transaction such as SE16 or SE38

User is prompted for a fingerprint scan to

complete the activity (Security Level II)

Example – what a user sees…

Log FileEnhanced activity logging

Sorted by error / threat category

Audit trail is greatly enhanced Example: Unauthorized attempt to log on with another user’s Password

SAP USER profile…

…and the REAL USER as identified by fingerprint

Sample Success Stories - Sample Success Stories - Achieve compliance with HIPAA by protecting private employee / HR information

Ensure proper approvals for purchasing by automating workflow with external browser access for senior executives

International bank prevents fraud with dual authentication and strong financial controls, masking data from unauthorized viewing

School Board prevents payroll and personal expense fraud which went undetected for years

European power plant protects all purchase orders and workflow for several thousand users

Benefits of Benefits of Installation and configuration of bioLock is very rapid.

Training requirements are minimal.

Impact on users and IT support staff is low, both during installation and in use. Only “power users” are involved.

Ongoing compatibility with different SAP® versions is assured.

In a very short time, you can start enjoying benefits such as:1. Dramatically increased SAP® security capabilities2. Manage users’ identities via indisputable biometrics3. Control access to functions down to the field level4. Enforce true Segregation of Duties (SoD)5. Attain meaningful compliance with SOX, HIPAA & ITAR

A starter package could cost less than a single fraud incident.

realtime North America, Inc.WORLD TRADE CENTER

1101 Channelside Drive, Tampa, FL 33602T: 813-283-0070 F: 813-283-0071 Email: info@biolock.us

Web: www.bioLock.us

Martin LumDirector of Business Development, Northeast

813-310-7007

Please contact us for a demonstration Please contact us for a demonstration or pilot installation:or pilot installation:

1-877-bioLock info@biolock.us