:::: MENU ::::

Buckeye Birthday Wishes from our cousin

Natalie came home today after lunch and picked up the mail and found this in the mailbox.

Happy Birthday

 

She called me on the phone and brought Jonathan back over to the office and handed me the envelope which had a birthday card to Jonathan and me from our cousin Jim Tressel… very cool! 

Happy Birthday


ACS Tech #Impact10 Child Check-in

While at ACS Technologies Ideas to Impact Conference I have the opportunity to participate on a panel of  peers talking about Child Security.  My primary contribution in this workshop is discussing Check-In Systems; how to evaluate and deploy check-in systems as well as use of biometrics and information security.

I have blogged in the past about checkpoint so here I have compiled a few of the previous posts that might be helpful.

ACS CheckPoint – Why Biometrics? – April 2010 
ACS CheckPoint -  Why Vein Scanning? – April 2010
ACS CheckPoint -  Installing M2sys Vein Scan Server & Configuring the Database – April 2010
ACS CheckPoint – Installing M2Sys BioPlugin Vein Scanning Client – April 2010
ACS CheckPoint – Configuring the M2sys Vein Scanning Client and ACS CheckPoint – May 2010
ACS CheckPoint – ACS Convention CheckPoint 201 – May 2009


ACS CheckPoint Part 5: Configuring the M2sys Vein Scanning Client and ACS CheckPoint

This is the final post in a 5 part series of installing M2Sys Scanning and CheckPoint.

Part 1: Why Biometric?
Part 2: Why Vein Scanning?
Part 3: Installing M2sys Vein Scan Server & Configuring the Database
Part 4: Installing M2Sys BioPlugin Vein Scanning Client
Part 5: Configuring the M2sys Vein Scanning Client and ACS CheckPoint

 

In the previous installation steps: evaluating the type of scanning and installing the server and client were documented.  Now final step of configuring the scanning client to connect to the database and work with ACS CheckPoint remains.

After you have confirmed that the server is operating correctly and you have connected the scanner and installed the driver you are ready to configure the client.

Workstation Configuration MUST be done by a user who has local admin rights, a user with less rights can make the changes but once the settings window is closed all changes are lost.

Since these workstations are public machines it is wise to make them as hardened as possible to prevent non-designed use of the workstation.

Configuring Client and Server Communications

The first step is accessing the settings portion of the application. 
This is done by clicking on the icon that looks like a finger print in the System Tray (near the clock). 

SysTray

 

The Finger Scan application will display and you have two options: Fingerprint Admin or Settings. 
Selecting Settings allows us to configure the client.  FingerPrint Admin will be used later to capture scans.

VeinScan0018

 

Next you are prompted for the Admin Password which by default is ‘Admin’

VeinScan0019

 

If you are running the server application on a separate machine from the workstation you need to change the Server Address from localhost to the IP address or the DNS name of the server. 
Note: DO NOT use the Fully Qualified Domain name, only enter the Server Name or the application will not connect.

While entering the server name choose how many scans the software will prompt you to capture.

Capturing two scans during registration allows the user to scan a finger on either hand.
Two fingers scanned is helpful for two reasons:

  • People forget which hand they registered, by capturing both hands this isn’t an issue
  • When you capture two fingers the user can try the second finger if the scan fails to lookup the individual.

VeinScan0021

 

Next Select the Notifications Tab

Below are the Default Values

VeinScan0022

 

Changing the value for how long to display the scan notification to a lower value than 5 has helped so when a person’s finger fails to scan for various reasons the right side of the screen doesn’t fill up with failed scan alerts during the check-in process.

VeinScan0023

 

Next choose the Security Tab

VeinScan0025

 

The default is to require a password for both Settings, Exiting the application and FingerPrint Admin

We elected to turn off requiring the password for FingerPrint (Vein Scan) admin for several reasons:

  • You can only set one password, and we didn’t want to give the password to change settings to volunteers.
  • It becomes very cumbersome for the volunteers to have to enter a password for registration admin.
  • Volunteers who have access to the workstations that can capture scans don’t really need restricted from accessing the scan admin.

VeinScan0026

 

Testing Client and Server Communications

At this time the client application has been configured and can be tested to confirm the client and server are communicating.

Open the BioPlugin application from the SysTray

SysTray

 

Select FingerPrint Administration

FingerPrintAdmin

 

Enter the Member ID for a test. 
Later once CheckPoint is configured the Member ID is the individual barcode assigned to each person in the database.

LaunchFPA

 

Enter the Value of the Member ID.
EnterID

 

Select the finger that you are scanning (the index fingers will be captured in the example below)
After selecting the finger “Click Here to Capture Finger Vein” and the application will go into capture mode.

Register

 

Once the scanner is in Capture mode, the following screen will display until the scanner has captured a vein scan.  The individual being scanned should lay the finger completely across the scanner and rest the finger on both the front and back ‘finger rests’ in the scanner.  After the scan is captured you will be returned to the previous window.

Capture

 

After the scan has been captured close the FingerPrint Administration window.
Launch Notepad and scan one of the fingers captured for the test.  If the system is working correctly notepad should display the value you used when register the test user on the first line and the cursor will move to the next line in the document.

Result

 

Configure BioPlugin and CheckPoint

After completing the test scan, re-launch the settings window and select Destination Window Tab.

VeinScan0027

 

Right Click on “My Test Keystroke Destination” and choose Rename.

VeinScan0028

 

Enter Destination Name ‘CheckPoint”
This is not telling BioPlugin where to send the scan, simply naming the destination you are going to define.

VeinScan0029

 

Next Change the Window Title from ‘Notepad’ to ‘Checkpoint’
Note: Window Title value is case sensitive

VeinScan0030

 

Next choose the Startup Tab

VeinScan0024

 

It is helpful to the end user if you define select several settings on this tab:

  • Load BioPlugin Snap-On when windows starts (for all users)
  • On Kiosks (self-service) choose Start Minimized
  • On Assisted Check-in/out locations it might be a helpful choice to not start minimized since these locations will be used to capture scans and it is helpful to have the application maximized for ease of use.
  • Select Launch another application after BioPlugin Loads and enter “c:winacsawcpkio.exe’

VeinScan0031

 

The BioPlugin client is now configured to work with Checkpoint. 

The final step to configure Check-in via vein scanning you must enable the setting ‘By scanning barcode’
Setup 

After the settings are complete restart the kiosk. After the reboot, you will be prompted to activate the software license.  You will need to login to the workstation as an Administrator to activate the software license.

  • If you purchased the licensing from ACS directly, contact support and provide support the Installation ID and they will activate the install and provide you with the Activation ID.  Enter this value and reboot the kiosk.

Once the client machine is configured, Launch CheckPoint Express Check-In start a session.  Users can now scan their finger and  CheckPoint will return the individual/families record for Check-in.

Register CheckPoint users to Check-in With Biometrics

When registering users, Open both ACS Desktop (CheckPoint Tab>Check IN/Out) and BioPlugin FingerPrint Administration.

Lookup the individual that you are registering.
Right click on the name of the person in the Individual List and select Copy BarCode

BarCode

 

Go to FingerPrint Admin and Paste the barcode into the BioPlugin Screen and proceed with the registration process that was used in the testing scenario above.  Once the individual is registered they can immediately visit any other kiosk running Express Check-in and scan their finger and Check-in.

enterbarcode

 

Optional Settings
If you would like for the Registration Admin to default to a finger other than the middle finger you can edit the client.ini file.  Since our first roll out of vein scanning was with Jr. High ministry we elected to change the default finger to the index finger.

Finger Print Scanning returnes the best results when the middle finger is the print registered, and M2sys has indicated that remains the same for vein scanning

Access the Client.ini file by browsing to c:program filesBioPlugin

VeinScan0032

Right Click on client.ini and choose Open.
Edit the line Default_LeftFinger=3 and change it to Default_LeftFinger=2
Edit the line Default_RightFinger=3 and change it to Default_RightFinger=2
Note: Thumb is = 1 and pinky is =  5

VeinScan0035

 

Previous Part 4: Installing M2Sys BioPlugin Vein Scanning Client


ACS CheckPoint Part 4 Installing M2sys BioPlugin Vein Scan Client

This post is post 4 in a series of 5 posts on ACS CheckPoint and M2Sys Biometric Scanning.

Part 1: Why Biometric?
Part 2: Why Vein Scanning?
Part 3: Installing M2sys Vein Scan Server & Configuring the Database
Part 4: Installing M2Sys BioPlugin Vein Scanning Client
Part 5: Configuring the M2sys Vein Scanning Client and ACS CheckPoint

Previously I documented our process of selecting hardware and software as well as installing the server, now I will document Installing & Configuring M2Sys Vein Scanning Client.

This part of the installation is to install the application that allows the scanner to work and talk to the database to recall a record and identify a person to the application (in our case CheckPoint).

As previously mentioned, the M2sys Vein Scanning and Fingerprint Scanning applications are two separate applications for the related technology. At the time of writing this documentation it is not possible to use a vein and finger print scanners on the same computer concurrently.  Although I have been told by M2sys that a combined solution is in development to allow both scanners to be connected to the same workstation concurrently.

Note: Most steps are identical for Fingerprint Scanning Server and DB but Vein Scanning install requires a different installer than the BioPlugin for Finger Print Scanning.
Your mileage may very depending upon your environment, do due diligence before following these procedures.

Installing M2Sys BioPlugin Client
After downloading the installer running it on a XP, Vista, or Windows 7 workstation is fairly standard.  This installer does not install the server application and the software will not work without the proper install of the server application.

Do not connect the Scanner to the computer before starting the client install process.  Connecting the hardware prior to the client install can make the device driver install significantly more difficult.

Start the installer:

VeinScan0001

 

Agree to the Licensing Agreement

VeinScan0003

 

Enter your User and Organization Names

VeinScan0004

 

Choose your Installation Location
The Default is C:Program FilesBioPlugin

VeinScan0005

 

Choose Install to confirm the installation configuration

VeinScan0006

 

Installation Continues without any additional user interaction

VeinScan0007

 

Click Finished when the Install is done.

VeinScan0010

 

After the installer finishes you are prompted to install the scanner

VeinScan0012

 

After you connect the scanner you may be prompted to locate the driver.

VeinScan0013

 

Hit Browse and navigate to C:Program FilesBioPluginDrivers and locate the file HjmCap.sys
The file will be located in the Installation Destination that you choose earlier in the install process.

VeinScan0014

 

VeinScan0015

 

VeinScan0016

 

After you have located the driver the installation process is complete.

The next step is to configure the M2sys Vein Scanning Client and ACS CheckPoint.

Previous Part 3: Installing M2sys Vein Scan Server & Configuring the Database

Next Part 5: Configuring the M2sys Vein Scanning Client and ACS CheckPoint


ACS Livestor and RDS 2008R2

Livestor is a backup product offered by ACS Technologies.  We use this product to backup our ChMS Data to get the data off site.  The off site primary storage is in the ACS Datacenter in Florence and replicated to their DR Datacenter in Charlotte.

While the pricing model doesn’t scale well for large amounts of data backup, it has proven cost effective for our ACS Database backup to be stored in the Florence datacenter.  We have from time to time given ACS authorization to access the backup and test an upgrade specifically on our data. Additionally it has saved time when ACS needs our dataset to troubleshoot an issue and the backup is already local to their support group.

So in the continued process of migrating our ACS server to 2008 R2 there are a couple items to note when installing Livestor on a 2008 R2 server. 

Getting on my soap box for a few seconds, if the Livestor application would run as a service, these notes would be completely a NON-ISSUECome on ACS MAKE LIVESTOR A SERVICE!!!!  Having a server stay logged in for your backup application is CRAZY!  Even ACS Desktop Backup runs as a service!

When Livestor installs it defaults to add the application to the start menu start up for all users, so when you are using ACS in a Remote Desktop Server (formerly Terminal Server) environment Livestor attempts to launch when every user logs in.  In 2003 this was a quick fix to move the application to a single user’s startup but the Path for the all users Start menu has changed in 2008.

To make Livestor work on a 2008R2 RDS server and not start for ever user you will have to:

  • Copy Livestor Service Center shortcut to:
        C:Users%username%AppDataRoamingMicrosoftWindowsStart MenuProgramsStartup
  • Delete the Livestor Service Center shortcut from:
        C:ProgramDataMicrosoftWindowsStart MenuProgramsStartup

One other 2008R2 item to be aware of, Disable UAC – Livestor has a built in updater, in order to update UAC has to be turned off for the update to process.  Once the updater is finished you can re-enable UAC and launch Livestor (or leave UAC disabled so it doesn’t fail every time Livestor updates)


Serving & Security Best Practices Web Event

Check out this web event Hosted by ACS Technologies.  Angus Davis has great insight on Volunteer and Children’s security and you should check out the web event. Register by clicking one of the options below. 

ACSWebevent

 

Note: NON-ACS Customers, when registering Enter “CITRT” as your ‘Site Number’.

register1

                                                                                OR

register2


ACS Facility Scheduler on TS User Update Crashes

As I have discussed before, Northwoods uses ACS Facility Scheduler as the primary application for all facility calendaring, global ministry calendaring and also the data source to populate our website calendar (web calendar is still in development). 

We deploy this application, as previously documented,  to our users via a terminal server.  The Terminal Server environment allows us to install the application in on place and let everyone on the network use it. Note: We are still using Server 2003 for this application so no need to comment on the use of TS in place of Remote Desktop Server Most of the time this works without much of an issue but a recent update to Facility Scheduler started causing us some problems. For future sanity I am documenting the problem as well as the solution.

ACS released Facility Scheduler 2010.1 earlier in March, for the most part the built in updater ran without an issue and all existing terminal server users were able to choose update and login without any issue. 

But after the update we started to notice users who had not ever logged into the terminal server before (new network accounts) weren’t able to launch facility scheduler.  The individuals would login to the Terminal server  launch the Facility Scheduler application and then be prompted to update to 2010.1.  The update would complete and the login would display.  After the update they would enter their login credentials for the application and the loading animated icon would appear but wouldn’t be animated. 

After 1-2 minutes of waiting the application would close. This process happened every time the user tried to launch Facility Scheduler.  Further digging revealed this only happened after a user local profile had been deleted from the Terminal Server or the user was logging into the Terminal Server for the first time.

FS

 

The Problem:
Since we installed FS on the terminal server and put the Application Data in the default user profile that application data was several revisions out of date (2008.1.9.6). Since there is no auto update feature for the “default’ user profile it was forgotten when everyone else updated.  This resulted in new user’s profile being created with the outdated version of FS and the updater couldn’t apply 2010.1, causing the login to crash.

Solution when One User Impacted:

  • Confirm the Affected user is not logged into the Terminal Server
  • Login as a user who has the latest version of Facility Scheduler installed and navigate to:
    C:Documents and Settings“Username”Local SettingsApplication Data
    (where “Username” is the network username of the user you are logged in as)
  • Copy the ACSTechnologies folder to
    C:Documents and Settings”Username”Local SettingsApplication Data
    (Where “Username” is the network username of the user who cannot launch Facility Scheduler.
  • Have user login and launch Facility Scheduler

Solution when Multiple Users Impacted

  • Confirm the Affected users are not logged into the Terminal Server
  • Login as a user who has the latest version of Facility Scheduler installed and navigate to:
    C:Documents and Settings“Username”Local SettingsApplication Data
    (where “Username” is the network username of the user you are logged in as)
  • Copy the ACSTechnologies folder to
    C:Documents and SettingsDefaultLocal SettingsApplication Data
  • Delete the User Profile(s) for the user account(s) that aren’t able to launch Facility Scheduler.
  • Have user login and launch Facility Scheduler.

ACS CHeckPoint Part 3 – Installing Vein Server

Continuation of a series of posts on ACS CheckPoint and Biometric Scanning Part 3 of 5

Part 1: Why Biometric?
Part 2: Why Vein Scanning?
Part 3: Installing M2sys Vein Scan Server & Configuring the Database

Part 4: Installing M2Sys BioPlugin Vein Scanning Client
Part 5: Configuring the M2sys Vein Scanning Client and ACS CheckPoint

As previously mentioned Part 1 & Part 2 we have deployed M2Sys’ products before and have some familiarity with the products.  Even with this familiarity there were a few areas that we had to work thru to get everything working.  Our specific install is unique since we will be deploying both Vein Scanning and Fingerprint Scanning on the same network.  At the time of writing this documentation, the two technologies are not able to be compatible with one another and require separate installation for independent use.  Future updates are expected in the next few months that will allow for one Database install and one client install to support both types of scanning on the same workstation concurrently.  Until that is the case the Vein Scanning Database and Finger Print Scanning Databases must be accessed via two separate servers.

Installation of M2Sys BioPlugIn Vein Scanning Server and Database
Note:
Most steps are identical for Fingerprint Scanning Server and DB but Vein Scanning install requires a different installer than the BioPlugin for Finger Print Scanning.
Your mileage may very depending upon your environment, do due diligence before following these procedures.

- Install OS On a new Server – Since  almost all of our servers are virtual isolation of applications is key.

- When using 2008 or 2008R2 as your server operating system disable UAC prior to starting the install of the M2Sys software.  If UAC is not disabled before install of M2sys the service will fail.
On Server 2008R2 disable UAC by going to Control Pannel>User Accounts>Change User Account Control Settings and change the slider to “Never Notify”.

- Install M2sys BioPlugin Software
Note: Installing BioPlugin 6.6.1 on a 64bit server the service will fail because the application is making a call to the Hitachi Driver which is only 32bit at this time. Uninstalling and installing 6.6.2.2 resolved this issue.

- After installation is completed you will notice a traffic light icon in the system tray
ServiceIcon

This icon only indicates if the service is running or not.  Administration of the BioPlugin is done in the control panel, not the Sys Tray icon or start menu.

Note: If you are using server 2008 or 2008r2 you will have to change the view of the Control Panel to Large or Small icons to view the BioPlugin control. BioPlugin does not display in any of the Category Groupings.

- After accessing the BioPlugin Server Preferences you will need to apply the license key.  Do this by Navigating to the last tab “"License”.  If you purchased the scanners and software from ACS Directly you will need to send your account manager the Installation ID and they will send back a License ID.  Enter the License ID and Select Apply.

- After you have installed the software and applied the license key you can restart the server and BioPlugin should show green on the little traffic signal.  It is possible for the service to try to start and fail and the green will go back to red.  This is the first indicator that we were having an issue with 6.6.1 not working  on a 64bit server.

- Check the Service is actually running by going back into the Control Panel BioPlugin Server Preferences and click on View Core Server Log.  The Log should display “Waiting for Client Request”. If the service is failing the log file will either not display “Waiting for Client” or when you click on view Core Server log nothing will happen because the log hasn’t yet been created.

Note: It is not stated anywhere in the documentation, but Cached Size: # is the number of registered users you have currently in the BioSnapOn Server.
Core-ServerLog

- Once you know the service is working locally you have to decide to either keep the database on the server as an access database, which M2sys says is ok for up to 10,000 or point the M2sys server to another database server like MySQL, or MSSQL.  Because we already have a backup strategy in place for MSSQL databases and have a server running MSSQL 2008 it was best for our situation to use the MSSQL backend rather than the local access database. 
Note: In a testing environment the local database worked without any issue.

- If you are using a MSSQL database the next step is to create an empty database and user account for the BioPlugin server to use to connect to the database.  Because we already have our finger print scanning database in production we simply created a new database with the same name and added database–02 to the name.  In a dual database setup like ours it is important that the right BioPlugin server be pointing the correct database or your biometric check in with not be successful.  You define which database the BioSnapOn Server connects to in the DB string later in this process.

- After a blank database is created and the user account is set as the owner you run a script to prepare the database for use by BioPlugin.  These scripts can be found in the location on the BioPlugin server where you installed BioPlugin (Default is C:Program FilesBioPlugin).  Copy Tables-Script-SQL Server.sql for the MS SQL install locally to the SQL Server.  Select the database for the biometrics and execute the script.  Once this is done configure your backup of the database.  After the backup configuration is done the database is ready.

-Now that the database preparation is done be sure the BioSnapon service is not running (make sure the traffic light is red) next launch the BioSnapon Server Administration tool again and Select the Microsoft SQL Server radio button on the Database Tab.  This will change the connection string to a template of a SQL connection string.

- Connecting the SQL database is a little annoying if you (like me) do not frequently work with MSSQL. But in the latest release the BioPlugin server help files give sample definitions for the connection string. You will next want to review the BioSnapOn Installation Help Guide found on the install CD in the Documentation folder.  Navigate to the Help file location: Installation>Database Configuration>SQL Server. This provides settings and options for Using ODBC connection, SA and Windows Authentication.

M2sysHelp-DB-setup

- We had success with  MS SQL Server DSN-Less Connection with SQL Authentication and the following connection string. Values have been changed and display what information should be entered for each variable.
  Provider=SQLOLEDB.1;
  User ID=SQL Account Created when you created the Database;
  Password=Password for the Account Created Above;
  Persist Security Info=False;Initial Catalog=Database Name for the Database you created above;
  Data Source=Name of the SQL Server to which you are connecting

- Apply the settings and restart the server.  After the restart your BioPlugin server should have a green light and the core server log should be ‘waiting for client request’

Now you are ready to Install and configuring the BioSnapOn Client on the workstation, point it to the BioSnapOn Server and testing scans.

Previous -  Part 2: Why Vein Scanning?

Next – Part 4: Configuring M2Sys Vein Scanning Client


ACS Checkpoint Part 2 Why Vein Scanning vs. Print Scanning

Part 2 of 5

Part 1: Why Biometric?
Part 2: Why Vein Scanning?
Part 3: Installing M2sys Vein Scan Server & Configuring the Database

Part 4: Installing M2Sys BioPlugin Vein Scanning Client

Part 5: Configuring the M2sys Vein Scanning Client and ACS CheckPoint

In the past year we have learned a lot about biometrics and our check-in system and I have had people ask me multiple times a great question, “Would you do it again?”.  They are really asking would we use finger print scanners as an key component of our check-in system, and I would reply, Yes.  The finger print scanning has been successful to accomplish the two areas we saw concern in the other flavors (bar code, key fob, number/name lookup) of check-in: Security and Speed.  The finger scanning has allowed us to have check-in remain secure, limiting the use to families who had followed the registration process and allow them to do it in a process that takes less than 15 seconds per family.  A major positive of the finger scanning over other scanning solutions, the speed isn’t dependant upon the end user remembering to bring a key tag or key fob with them to church.

Even saying Yes to that question wouldn’t mean we haven’t learned things over the past year and we haven’t modified the configuration. We have learned that finger print scanning is dependant upon indoor and outdoor temperatures, humidity, dry skin, etc.  The quality of the scan is affected by more environmental variables than we expected.  A second learning point was paying attention to the scans captured at pre-registration.  This process is much more important than we originally thought.  If attention to detail was paid at the pre-registration process then the success rate increased exponentially.  And finally, we were affirmed in our thought that there would be some people not able to use the biometric system because they just didn’t have “good” fingerprints.  So with the environmental variables and the fact that some people couldn’t use the biometrics we had to identify a workaround, which was allowing people to check-in by pager number. This is not the security number printed on the child’s tag but rather the number that is used to alert families the DLand staff need them to come get their child.  Allowing check-in via pager this did have negative impact on speed and people do forget their number.

So when it was time to start planning our rollout of Jr. High and Sr. High check-in we decided to put all options back on the table.  Our team came to the conclusion that if we could make finger scanning more reliable it was still the best option.  This planning was happening concurrently to the release of a new product by M2Sys called Vein Scanning.

Vein Scanning works under the principal that your vein alignment in your fingers is as unique as your finger prints.  Allowing you to be identified in a system without the environmental and “good” print concerns noted above.  The Scanner uses infrared to ‘see’ your vein alignment in your finger and allows the software to translate that alignment into a string of numbers that can be called back to identify you after you have pre-registered.

The solution sounded good but needed to be tested.  We contacted ACS and asked if we could put the scanner thru some testing and they provided a demo for us.  Our testing showed the Vein scanners to be much higher in accuracy no matter the variables.

So why not vein scanning in the first launch a year ago?  The products weren’t available a year ago in the capacity they are now.

Will you be migrating your finger print users to vein scan users?  Not at this time, currently the two technologies are not able to be used concurrently on the same workstation and would require a mass re-registration process for over 1250 individuals.

Will you possibly migrate everyone to vein scanning?  Once the converged product allowing both types of scanning at one workstation (12 weeks) we might explore this option.

Previous Part 1: Why Biometric?
Next Part 3: Installing M2sys Vein Scan Server & Configuring the Database


ACS CheckPoint Part 1 – Why Biometric

Its been just over a year since we launched CheckPoint, an ACS Technologies product, as the software we used to do electronic check in our Discoveryland (Children’s Ministry), birth thru 5th grade.  Being a year out from that launch I am posting a series of posts evaluating the project and also documenting the launch of our second phase in our Jr Hi and Sr. High ministries.

This series of posts will not specifically look at ACS’ Checkpoint product or how to deploy checkpoint specifically, but you can review that by checking out the workshop Taught at the 2009 ACS Convention.

Part 1: Why Biometric?
Part 2: Why Vein Scanning?
Part 3: Installing M2sys Vein Scan Server & Configuring the Database
Part 4: Installing M2Sys BioPlugin Vein Scanning Client
Part 5: Configuring the M2sys Vein Scanning Client and ACS CheckPoint

The Discoverlyand launch used Finger Print Scanners and software made by M2sys.  The parent uses the biometrics to authenticate to the system and in turn sees their family record on screen.  The Choice to use finger print scanning was driven by two factors: speed of check-in and security.

CheckPoint already had the ability to use barcodes and phone number lookup but two concerns were identified with those methods used exclusively.  The first concern is you could always leave the barcode in the car or at home and you would need to then check-in at a desk (taking time away from guest services) or use another method like name or number lookup.  The concerns name and phone number lookup was it took longer for each person to check-in and we couldn’t require pre-registration before using express check-in.  Name and Number lookup might result in you finding your family, but that might be from other involvement (giving, small group, etc) in the church and those vehicles for getting in the database might not include capturing family information.  Resulting in a poor user experience where you can display your record but your children aren’t able to be checked into the system.

Discoveryland has established a process for registration that needs to be completed before you use express check-in for a classroom.  This process includes parents agreeing not to drop children off and and run to the grocery as well as other logistics of how old is your child and what grade are they in.  With this information we can, which a much higher percentage of accuracy, know that your check-in process will work more smoothly.

Once the pre-registration data is collected and entered into the database a family can be pre-register for express check-in with the finger scan.

With the finger scanning we were able to speed up the process of check-in as well as limit the usage of the system to those who have appropriately identified themselves to the Discoveryland team.

Next Part 2: Why Vein Scanning vs.Finger Print Scanning


Pages:1234567...28
UA-2932131-1