IBM researchers have delivered a new security breakthrough that could enhance the company’s MobileFirst strategy.
Big Blue scientists developed the new mobile authentication security technology based on the radio standard known as near-field communication (NFC). The technology provides an extra layer of security when using an NFC-enabled device and a contactless smartcard to conduct mobile transactions, including online banking and digital signatures when accessing a corporate intranet or private cloud.
“Our two-factor authentication technology based on the Advanced Encryption Standard provides a robust security solution with no learning curve,” said Diego Ortiz-Yepes, a mobile security scientist at IBM Research, in a statement.
To address these challenges, IBM scientists in Zurich, Switzerland, also known for inventing an operating system used to power and secure hundreds of millions of smartcards, developed an additional layer – a so-called two-factor authentication – for securing mobile transactions.
Consumers are already used to using two-factor authentication from a computer, for example, when they are asked for both a password and a verification code sent by Short Message Service (SMS). IBM scientists are applying the same concept using a personal identification number (PIN) and a contactless smartcard. The contactless smartcard could be a bank-issued ATM card or an employer-issued identity badge.
To make it work, a user holds the contactless smartcard next to the NFC reader of the mobile device and after keying in his or her PIN, a one-time code will be generated by the card and sent to the server by the mobile device.
The IBM technology is based on end-to-end encryption between the smartcard and the server using the National Institute of Standards and Technology (NIST) Advanced Encryption Standard (AES) scheme. Current technologies on the market require users to carry an additional device, such as a random password generator, which is less convenient and in some instances less secure, IBM noted.
The new technology, which is available now for any NFC-enabled Android 4.0 device, is based on IBM Worklight, a mobile application platform that is part of the IBM MobileFirst portfolio. Future updates will include additional NFC-enabled devices based on market trends.
IBM officials said they believe mobile computing is the first new technology platform for business to emerge since the World Wide Web, and it represents one of the greatest opportunities for organisations to expand their business. IBM’s MobileFirst strategy is based on nearly 1,000 customer engagements, more than 10 mobile-related acquisitions in the last four years, a team of thousands of mobile experts and 270 patents in wireless innovations, the company said. It combines the key elements of an application and data platform with the management, security and analytics capabilities needed for the enterprise.
IBM acquired Worklight, which is a key element of MobileFirst, in early 2012.
What do you know about smartphones? Find out with our quiz!
Originally published on eWeek.
Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…
Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…
Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…
Welcome to Silicon In Focus Podcast: Tech in 2025! Join Steven Webb, UK Chief Technology…
European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…
San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…
View Comments
Excellently presented and luckily by IBM, as a major international company. I myself have presented similar scenarios many times at international standardization meetings and at conferences in order to emphasize the necessity for NFC smartphones to be compatible with ISO 14443, the standard for contactless chipcards. Michael Hegenbarth, Chairman ISO/IEC JTC1/SC17/WG8, Contactless Interface, Inventor of the combination mobile phone / contactless chipcard interface