New malware on a daily basis: digital threats emanating from Asia?SESadmin 14/11/2014 Archive
The Asian region, in particular, is considered to be a major generator of insidious malware. The main intention behind the new bugs, trojans and other such unwanted threats that emerge on a daily basis is to steal passwords. Asian firms, in particular, should therefore ensure they have security that goes beyond simple password protection. As the inventor of tokenless two-factor authentication, SecurEnvoy provides a method that uses passcodes generated dynamically on smartphones to provide additional security for login procedures. This flexible and cost-effective method will now be marketed by the Malaysian ICT expert Infinite Data, in its new role as a SecurEnvoy Authorized Distributor.
Asia is not only a continent of resourceful computer designers; many of the world’s most dangerous IT threats also originate from there. Most of the bugs, trojans and viruses are designed with the aim of gaining access to online banking portals or other sensitive platforms and networks. Recent headlines document the fact that the hacking of passwords is the most popular approach, as it is the easiest one. Which is surely reason enough for companies to provide protection that goes beyond conventional password protection.
Smartphones transformed into security keys
The Malaysian ICT distributor Infinite Data recommends the tokenless two-factor authentication (2FA) solution from SecurEnvoy to its customers as a security measure for login procedures. With this flexible method, employees enter not only their username and password/PIN, but also authenticate themselves with a passcode. Conventional 2FA methods generate such passcodes using dedicated physical tokens, but this is not the case with the method from SecurEnvoy, which has developed a technology that enables private smartphones to be used as tokens. The user simply requests the passcode via SMS, e-mail, voice call or a soft token app. Another option offered by SecurEnvoy is the new “One Swipe” offline function.
A QR code acts as an identity document
With this feature, proof of identity is provided by means of a PIN and a one-time QR code. Only the correct combination of both components permits a successful login. One Swipe allows users to authenticate themselves in a network even if they do not have mobile phone reception or an Internet connection. They simply enter a PIN in the SecurEnvoy soft token interface, after which the smartphone or tablet generates a one-time QR code. Users then scan this code using a webcam on a computer or on a mobile device. The information thereby transmitted provides conclusive evidence regarding the identity of the employee and completes the network login procedure.
“Users of conventional two-factor authentication will be thrilled by SecurEnvoy’s tokenless method,” comments Desmond Teo, Managing Director of Infinite Data Sdn Bhd. “Inflexible and expensive network logins using physical tokens such as smart cards are now a thing of the past. The straightforward two-factor authentication procedure using a smartphone and the additional security provided by the SecurEnvoy solutions make things easy for us as an ICT distributor.”
SecurEnvoy technology has already claimed a number of awards, such as the award in the “Best Buy” category presented by the American SC Magazine. In addition, posts by the security expert SecurEnvoy about current IT threats are regularly added to its blog.