Infosecurity, the trade fair for information security, runs at Earls Court in London from April 29 to May 1. An exhibitor SecurEnvoy will turn its stand H10 at the event into a pub and provide information about its tokenless two-factor authentication method. The company will be presenting their new One Swipe technology live. This approach according to the firm does not require mobile phone reception or an internet connection, as the user scans a one-time QR code using a webcam in order to prove his or her identity.
Users can unambiguously identify themselves without the need for a dedicated token, using a combination of personal login details and a passcode. They can receive the code by text message, e-mail, voice call or soft token app. A new addition to this range of transmission channels is the One Swipe method, which also works completely offline and significantly accelerates authentication. In the soft token app for smartphones, the user generates a QR code, which he or she then scans using a webcam attached to the mobile device, eg. a laptop, after entering his or her personal login details. This takes just seconds and confirms the user’s identity.
Seed records
In addition to the live demonstrations at the exhibition stand, the firm will also provide information about the potential dangers associated with two-factor authentication. Some manufacturers, for example, store copies of the seed records used for authentication on their servers. This increases the risk that hackers can steal sensitive data en masse once they access those servers. Government agencies in some countries could, depending on local laws, request access to the seed record copies and thereby secretly spy on businesses. SecurEnvoy says that it circumvents these risks by ensuring that seed records are always separated into two parts.
The market for two-factor authentication
The details of the method used by the firm to protect seed records and the potential dangers that can arise from back doors will be discussed by Andrew Kemshall, co-founder of SecurEnvoy, and Phil Underwood, Global Head of Pre and Post Sales, in their “Revolutionising 2FA to enhance the user experience” presentation. The presentation will be held on all three days of the trade fair, from 11.20 to 11.45 am, in the SecurEnvoy-sponsored technical theatre.
All the product firm’s solutions are based on tokenless two-factor authentication. SecurAccess ensures secure remote access eg. to corporate networks, SecurPassword allows the resetting of passwords and SecurMail enables the encryption of digital messages. Further information about the various tokenless authentication options is available at https://www.securenvoy.com/two-factor-authentication/token-types.shtm