Blog Posts Tagged with "Smart Cards"

37d5f81e2277051bc17116221040d51c

How EMV Impacts International Travel

August 25, 2012 Added by:Robert Siciliano

If you have plans to travel internationally this summer, you may have problems using your U.S. magnetic stripe card abroad, as many other countries, particularly in Europe, have made the EMV card the new standard. The Smartcard Alliance explains...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

NIST Releases Federal ID Security Standard Draft for Comment

July 12, 2012 Added by:Headlines

The document is the next step toward updating Federal Information Processing Standard (FIPS) 201. Among its requirements are that all PIV cards contain an integrated circuit chip, a personal identification number and protected biometric data—a printed photograph and two electronically stored fingerprints...

Comments  (1)

Aecf1189abe745df32ec68f5864649a6

Does Two-Factor Authentication Need Fixing?

July 03, 2012 Added by:Nick Owen

Assuming that the anti-malware companies cannot keep malware off PCs, what can be done? Well, actually stronger authentication can be applied at certain points in the online banking process to reduce exposure. When people think of two-factor authentication, they typically mean session authentication...

Comments  (1)

69dafe8b58066478aea48f3d0f384820

Researchers Crack RSA SecurID Tokens, Extract Keys

June 25, 2012 Added by:Headlines

"[These products are] designed specifically to deal with the case where somebody gets physical access to it or takes control of a computer that has access to it... Here, if the malware is very smart, it can actually extract the keys out of the token.That's why it's dangerous"...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Military Evaluates SIPRNet Smart Card to Protect Networks

April 24, 2012 Added by:Headlines

"As we learned through the events of Wiki Leaks, we had a blind spot in protecting our classified networks... We have a national strategy and program to implement a Public Key Infrastructure hardware based authentication system on the classified network - hence the SIPRNet token..."

Comments  (2)

37d5f81e2277051bc17116221040d51c

The Benefits of Multifactor Authentication

August 02, 2011 Added by:Robert Siciliano

Specifically the FFIEC states: “Since virtually every authentication technique can be compromised, financial institutions should not rely solely on any single control for authorizing high risk transactions, but rather institute a system of layered security, as described herein...."

Comments  (0)

43559f6a0465c923b496a260211995c0

SecurID: No Need for the Seed!

May 30, 2011 Added by:Pascal Longpre

An attacker who has installed the target's VPN client and configuration patiently waits for the user to authenticate. When the user begins to enter its 6 digit SecurID password, the Trojan captures the characters entered and immediately sends them through SSL to the attacker's machine...

Comments  (1)

69dafe8b58066478aea48f3d0f384820

Improved DoD Data Security Measures Slated for 2013

March 11, 2011 Added by:Headlines

At issue is how best to control access to sensitive data in an effort to prevent further breaches while also maintaining post-9/11 efforts to increase information sharing between multiple government agencies responsible for defending the nation...

Comments  (0)

37d5f81e2277051bc17116221040d51c

Britain Scrapping National Identification Card

February 02, 2011 Added by:Robert Siciliano

In the US, the government has attempted to standardize the identification process once and for all with the REAL ID Act, which will likely be squashed under Homeland Security Secretary Janet Napolitano, who has proposed a repeal of the act...

Comments  (0)

69dafe8b58066478aea48f3d0f384820

Smart Card Authentication Cracked by Hackers

January 29, 2011 Added by:Headlines

When the smart card is inserted into a compromised PC, the hackers use the opportunity to attempt to access the server. When the system requests a digital token, the attackers redirect the request to the compromised PC, which provides the token and password stolen with the keylogger...

Comments  (0)

Fdaa09fc5ed18d3226b3a1a00f1bc48c

Securing Java Apps with Smart Cards and Single-Sign-On

December 08, 2010 Added by:Daniel Doubrovkine

The advantages of this method are clear. There aren’t any usernames or passwords exchanged and the modern versions of the security protocols are not vulnerable to brute-force or man-in-the-middle attacks. The enterprise can roll out stronger authentication without changing the applications...

Comments  (0)