IBM has revealed a new mobile authentication solution that is based on the near field communications standard, which adds an extra layer of security to NFC-based transactions including accessing a private cloud, a corporate Intranet and online banking. The authentication technology comes from a two-factor authentication concept which requires users to enter a verification code that is sent via SMS, and a password.
IBM’s new solution uses a personal identification number with a contactless smartcard, similar to a bank-issued ATM card or an employee identity pass, which is held against an NFC-enabled mobile device. The user inserts their PIN number and a one-time only code is sent via the smartphone or tablet.
Utilising the National Institute of Standards and Technology’s advanced encryption standard, IBM’s new mobile authentication delivers end-to-end encryption. The new solution is available for use with any NFC-based device that runs Google’s Android 4.0 or higher, with updates to expand the technology to include other NFC-based devices due to be implemented at a later date. IBM are also offering their Worklight mobile application platform, part of their MobileFirst portfolio for enterprise management, analytics and security.
Diego Ortiz-Yepes, a mobile security scientist at IBM Research, said: “Our two-factor authentication technology based on the Advanced Encryption Standard provides a robust security solution with no learning curve.”
By Allie Philpin