Gemalto supplies Russian banks with OTP tech
Gemalto supplies VTB24 with its Ezio Mobile Protector smartphone-based secure software app solution, which provides One Time Passwords (OTPs) for validation of remote banking transactions via a application running on the customers’ mobile device.
VTB24 is a company in the Russian banking services market and this implementation was made in cooperation with Russian IT integrator CompuTel. Gemalto’s Ezio Mobile Protector offers an authentication solution for online banking which makes those services convenient to customers, and provides extended access to these services. VTB24, which operates more than 1,000 branches across 72 regions in Russia, began rollout of the new service this March under the Token VTB24-Online brand. The new service is available for individuals through the VTB24-Online system, and soon it will be available for legal bodies and individual entrepreneurs through the “Bank-client online” system.
VTB24 customers only have to install an app on their existing Android, iOS, Windows Phone smartphone or tablet and register it through VTB24-Online banking system for instant generation of OTPs, eliminating the need to carry any additional devices. For VTB24, the adoption of Ezio Mobile Protector removes costs associated with SMS and push messages and allows VTB24 to increase the limits of transactions performed via online or mobile banking for its customers. The solution also works in offline mode and does not require cellular coverage or Internet connection, so that authentication service is still available even when a customer is for example traveling overseas.
Infineon releases FIDO-certified BLE design
Infineon Technologies a FIDO-certified Bluetooth low energy (BLE) reference design for wireless authentication tokens. By using such a token in addition to their password, consumers can authenticate their online activities on mobile devices.
“Sixty-three percent of all successful online breaches can be tracked back to inadequate passwords,” said Joerg Borchert, vice president of the Chip Card & Security Division at Infineon Technologies Americas Corp and Board Representative in the FIDO Alliance.
Bluetooth low energy is a communication protocol for connecting an authentication token to mobile and wireless applications and devices that do not have a USB port. At the core of the FIDO BLE reference design is an Infineon Secure Element, which performs the operation and securely stores the code. Being certified and FIDO-ready, the reference design allows manufacturers of connected security devices to easily integrate the FIDO Universal U2F standard with the BLE transceiver of their choice.
The FIDO Alliance’s U2F standard uses public key cryptography to add second factor authentication to online login services.
Versasec, Yubico partner
Versasec has partnered with Yubico. The two companies will work together and Versasec will support its Yubico’s YubiKey in its next card management system release.
The YubiKey is a USB hardware device that supports multiple authentication and encryption protocols, including smart card, OTP and FIDO Universal 2nd Factor (U2F). With this new integration, Versasec vSEC:CMS users can authenticate themselves with a simple touch when the YubiKey is acting as a smart card in Personal Identity Verification (PIV) mode.
YubiKeys work on Microsoft Windows, Mac OS X, Linux operating systems, and major browsers with no driver or client software needed
Versasec and Yubico will host a webinar on July 13, 2016, 10:00 a.m. PT to discuss their joint solution.
AdvanIDe launches certified MIFARE inlays
AdvanIDe announced the launch of its certified, contactless inlay offering that supports NXP Semiconductor’s MIFARE DESFire EV2 chip family. The certification verifies that the performance of the inlays meet the requirements of the MIFARE standard. Smart card manufacturers can use AdvanIDe’s inlays to manufacture finished cards. AdvanIDe is the first inlay supplier to pass the certification test conducted by the independent certification institute for contactless MIFARE-based systems: ArsenalTesthouse.
The NXP chip family for which the AdvanIDe inlays are used enables selectable cryptographic methods, including 3DES and AES128 and offering 2 kB, 4kB and 8kB EEPROM size and full MIFARE DESFire EV1 backward compatibility. As a solution meeting EAL 5+ security requirements for both hardware and software, MIFARE DESFire EV2 is a choice for customers seeking to migrate from other MIFARE or compatible products to the highest security level at reasonable cost. MIFARE products comply with the international standard ISO/IEC 14443 and are used for a wide variety of applications around the world.