Showing results for: identity

John Fontana

Welcome to the Future, It’s about to Get Really Interesting…

This week ushered in my start with Yubico and I couldn’t be happier to be a part of what is going on here. The challenge in any new job is that while your colleagues are at a full-on run, you’re still learning how to walk. But after five days, I do know I better catch up to them soon because the advancements and opportunities related to authentication technology are poised to come forward fast and furious.

Apple’s iPhone event next week is a hint at security and usability improvements that will spread across the industry. While Apple is initially focused on electronic payment transactions, you could easily swap in the word “authentication” for “payment” and get a picture of where things are going.

The new iPhone 6 by all accounts will show up with NFC support, which is sweet music to the electronic payment system folks. Why, because they can insert new levels of security and fraud protection leveraging the chip technology infrastructure without upsetting the familiar end-user experience of using the card. And they can do it without passing through software susceptible to malware.

They can provision shared secrets, thus protecting real credit card numbers throughout the transaction process and thwarting hackers via a scheme known as issuer tokenization.

“Now if someone steals transaction records from Home Depot, they get one-time numbers that are useless, it totally kills all these breaches,” said Steve Sidner, an independent security and payments consultant based in Omaha, Neb.

Chip-and-pin cards, well known in Europe and coming by mandate to the U.S. next year, are proof that the system works. (The devil in the details is the cost for swapping out current technology in POS systems and issuing new cards).

But the real sweet music to security wonks; there is virtually zero convenience/security trade off, which has always been the barrier to end-user entry.

That is a win for customers and vendors.

Take that same scenario, but think about an authentication transaction rather than a financial transaction. It works in a similar way but with a different flow. Think of a simple yet elegant hardware-based way to exchange public keys and private secrets, think of no software installs, think of a contactless device that wakes up your phone and announces it is there for a private conversation around strong user authentication.

Think of that same scenario with other contactless technologies.  Think of form factors from earrings to watches to clothing.

Major companies with a significant stake in online services and applications are certainly thinking about all that.  And they are poised to roll out first phases, not next year, but by the end of this one.

The FIDO Alliance is thinking about it and how to run it over a standard set of protocols — and, of course, the Alliance contains some of the same card issuers salivating over Apple joining the NFC device party with rival Android.

And I have been thinking about all this. That is one reason I am at Yubico trying to help get the message out about the potential for a major shift and a run at finally gaining a significant share of end-user acceptance for stronger security.

I wrote about this yesterday on my blog Identity Matters that runs on the technology web site ZDNet.

Pay attention to what happens next week within Apple’s initial limited NFC scope, but keep in mind the bulk of the benefits are more wide-spread and still to come.

I think the YubiKey is poised to fuel this market with its one-touch strong authentication.

The one thing that jumped out at me is when you insert the key into a USB port it looks like an external keyboard to your computer. So in essence strong authentication is added to your computer by including just one additional key to the 78 or so that are already on a typical computer keyboard.

Strong authentication delivered with a keystroke, likely one of the oldest and most understood end-user experience in computing. As just one example, the strong authentication experience is already familiar to scores of engineering teams, who securely log-in hundreds or thousands of times a day just by touching the one extra key.

That is cool. I’m really interested to see where all this can go.

Ronnie Manning

UK Becomes the First Government to Offer Secure Online Identities Based on FIDO U2F Standards

STOCKHOLM & AMSTERDAM, March 23, 2016 – Yubico, the leading provider of simple, open and strong authentication, and Digidentity, a leading identity service provider, today announced a partnership to enable FIDO Universal 2nd Factor (U2F) authentication and YubiKeys for UK government services. The joint solution allows all UK citizens to easily and securely access GOV.UK Verify digital public services.

Compromised online identities have reached a level that has exposed the weaknesses in usernames and passwords as well as traditional software security solutions. Government services around the world have a growing demand for strong two-factor authentication, but traditional hardware technologies have been too costly and complicated to scale for most countries and internet users.

The new open authentication standard FIDO U2F changes that model. Successfully deployed and supported by leading commercial service providers, including Gmail and Dropbox, FIDO U2F is now also supported in UK government services, including for identity assurance.

GOV.UK Verify is a new simple way for UK citizens to access an increasing range of UK government services online. This is the first government service in the world to make support for simple and strong FIDO U2F authenticators. The service works using a roster of identity providers, who check and confirm a user’s identity before they can access a government service. Digidentity is one of the UK government’s certified identity service providers.

“UK citizens can easily purchase a FIDO U2F device online and register it with Digidentity,” says Marcel Wendt, Digidentity CTO and co-founder. “With a quick online process, the user’s identity is verified and tied to the U2F device, and the data is encrypted to safeguard a user’s privacy. We are pleased to partner with Yubico, a driving contributor of the FIDO U2F standard, to make this happen.”

To authenticate to GOV.UK Verify using Digidentity with FIDO U2F, the user inserts a U2F YubiKey device into their computer’s USB port, and then touches the device. There are no drivers or client software to install. Later this year, U2F authentication via Near Field Communication (NFC) and Bluetooth will be supported by Digidentity for secure login from mobile devices.

“We are impressed with the online identity services that GOV.UK and Digidentity have developed and are now offering to UK citizens,” says Stina Ehrensvard, CEO and founder, Yubico. “We share their mission of making secure online identities easy and available for everyone.”

YubiKeys with FIDO U2F support are available (starting from £13/$18) at Amazon.com or from the Yubico Store. The same U2F key that works with GOV.UK Verify and Digidentity also works for logging in to a growing number of large scale commercial services, without any personal data or encryption secrets shared between service providers.

About Yubico
Yubico sets new world standards for simple, secure login, preventing unauthorized access to computers, servers, and internet accounts.

Supporting multiple authentication and encryption protocols on all devices and platforms, YubiKeys protect access to user accounts for the world’s largest enterprises with a simple touch, and with no driver or client software needed. Yubico is a leading contributor to the FIDO Universal 2nd Factor open authentication standard, and Yubico’s technology is used, and loved, in more than 150 countries.
Founded in 2007, Yubico is privately held with offices in Sweden, US and UK. For more information, please visit www.yubico.com.

About Digidentity
Digidentity makes your online life simpler and safer by enabling secure and verified digital identities for everyone.

To do this, Digidentity developed services focused on a unique digital identity, where the user and their privacy are key. Digidentity is also a supplier of SSL certificates and qualified digital signatures. Digidentity provides national digital identity solutions to the Dutch and British governments, as well as solutions for a large variety of organizations. Providing identities to more than 12 million Europeans, Digidentity executes more than 150 million secure online transactions per year between people, organizations, and governments.

Founded in 2008, Digidentity is privately held in The Netherlands. For more information, please visit www.digidentity.com.

Media Contact
Ronnie Manning
Director, Public Relations
Yubico, Inc.
Ronnie@Yubico.com
1.619.822.2239