IBM
scientists have developed a new mobile authentication security
technology based on the radio standard known as near-field communication
(NFC). The technology provides an extra layer of security when using an
NFC-enabled device and a contact-less smart card to conduct mobile
transactions.
A recent report by ABI Research predicts the number of NFC devices
in use will exceed 500 million in 2014. In addition, it is expected that
1 billion mobile phone users will use their devices for banking purposes by 2017 making them tantalizing targets for hackers.
IBM scientists in Zurich, also known for inventing an operating
system used to power and secure hundreds of millions of smartccards,
have developed an additional layer, a so-called two-factor
authentication, for securing mobile transactions (see video below).
A typical consumer may use a two-factor authentication on a
computer when they are asked for both a password and a verification code
sent by SMS. IBM scientists are applying the same concept using a PIN
and a contact-less smart card. The card could be an ATM card or an
corporate ID badge.
"Our two-factor authentication technology based on the Advanced
Encryption Standard provides a robust security solution with no learning
curve," said Diego Ortiz-Yepes, a mobile security scientist at IBM Research.
The technology works by allowing a user to simply hold his, or her, card near the NFC reader of the mobile device and after keying in a PIN, a one-time code would be generated by the card and sent to the server by the mobile device.
The
technology is based on end-to-end encryption sing the National
Institute of Standards & Technology (NIST) AES (Advanced Encryption
Standard) scheme. Current technologies on the market require users to
carry an additional device, such as a random password generator, which
is less convenient and in some instances less secure.
The technology, which is available today for any NFC-enabled Android
4.0 device, is based on IBM Worklight, a mobile application platform
that is part of the IBM MobileFirst portfolio. Future updates will
include additional NFC-enabled devices based on market trends.
By : Emory Kale
Link : http://www.tgdaily.com/security-brief/80958-using-nfc-as-a-secure-smart-card-reader
Aucun commentaire:
Enregistrer un commentaire