The new Idemia CBM E4 Fingerprint module now available

Jul 2, 2025

Eyenetwatch.com is pleased to announce the launch of the new Idemia CBM E4 fingerprint module. Following the global success of the CBM series the latest version, the CBM E4, is now available.

To We have provided a simple guide to the differences between the CBM E3 and the CBM E4.

Please feel free to take a look and if you need any further advice or information please email us at: sales@eyenetwatch.com or visit the CBM E4 product page

CBM-E4 is a new generation CBM

• Camera and Processor components of the CBM-E3 are near EOL
• Hardware refresh was necessary to maintain our production capacity
• Security maintenance updates requires the switch to a new processor

There are differences with the previous CBM

• Security features
• Simplified product catalog
• Licenses
• Functionalities
• Legacy compliancy

Documentation

• Full documentation is available on the Idemia Biometric Devices Portal including :
→ CBM-E4 Module Integration Guide (2024_2000080117 V01.02)
→ MSO 1300 Series - Installation Guide (2018_2000039830 V3.01)
→ CBM_MSO1300 Security Configuration document (2024_2000083497)
→ CBM E4 and MSO 1300 Series – Firmware references manual (v5) (.chm)


CBM-E4 : WHAT WILL NOT CHANGE

• Same Form factor and Hardware interfaces
  - No change to the optical and mechanical parts
• Same APIs
• Same Fake Finger detection (inc. host FFD)
• Algorithms
  - Same algorithms used by the CBM-E3
  - Backward compatible templates
• MSO SDK supports all devices
  - CBM-E2/V2
  - CBM-E3/V3
  - CBM-E4


CBM-E4 : WHAT WILL CHANGE

Only E4 products
  - There is no successor to CBM-V3 (i.e. no CBM-V4)

Small differences on timing and power consumption
  - See MSO 1300 Series - Installation Guide

Visual aspect changed : No more diffuser on E4


• We use different LEDs. And the light diffuser is no longer required
    → Improvement for dry fingers,
    → For latent detection,
    → For power consumption

CBM-E4
• New PID (PN for CBM-E4 with E3 PID compatibility exists)
• New Name
• New Part Numbers (different PNs depending on license configuration)

MSO SDK
• CBME4 is supported by MSO SDK v 6.49.1 and above
• Previous MSO SDK versions support
→ CBME4 with “USB Legacy ID” product variant (E3 compatibility only, no more compatibility with E2 PID)
→ MSO1300 E4 with “USB Legacy ID” product variant (E3 compatibility only, no more compatibility with E2 PID)
→ MSO SDK anterior to 6.49.1 will not support the tunneling of MSO1300 E4

MKMS
• MKMS is Deprecated.
• Clients will need to adapt their software using ALV commands if they were using MKMS before.


LICENSES CHART


LICENSES

Notes :
• 10K users extension is no longer available on E3/E4 series as there is no
successor to CBM-V3.
Memory size doesn’t allow using 10K users on CBM-E4.
• PID legacy is possible via special CBM-E4 reference but no longer as a
licence. Please check the product catalog that is on « The Line »
• Force Encryption license is no more relevant thanks to the security
features available on the E4 by default (check the « security features »
slide)
• CBM-E4 can still be used as a license container storing MSODongle
licenses

PID & SDK CHART

SECURITY

All CBM-E4 references are secured by default and offer on-demand security features
• By default, FW signature and integrity are verified at each boot, but no encryption of
communications is running.
→ it is the role of the integrator to define the level of security for CBM-E4
• Two features available : details are available in CBM_MSO1300 Security Configuration
document
→ Secure Tunnelling
Full USB communication Data encryption
CBM-E4 will use updated algorithms
• AES 256 for Tunnelling instead of 3DES, SHA256 instead of SHA1
• AES 256 instead of AES 128 for privacy – (for database encryption)
• It will be possible to enable Secure tunnelling on site with SDK. Configuration is no longer
needed to be done in factory.
• No need to use MKMS (MKMS is deprecated)
• Database will be encrypted as default, it is transparent for the integrator
• In case of MSO1300 E4 with database enabled, secure tunnelling is mandatory (and has to
be enabled before creating the database)

Previous Next