QR code enables authentication: SecurEnvoy demonstrates its One Swipe method at Infosecurity EuropeSecurEnvoy 20/03/2014 Archive
Infosecurity, one of the largest European trade fairs for information security, will be taking place at Earls Court in London from 29 April to 1 May. And the exhibitor SecurEnvoy will transform its stand H10 at the event into a cosy pub and provide information about its tokenless two-factor authentication method. In this relaxed atmosphere, the company’s experts will be presenting their new One Swipe technology live. This approach does not require mobile phone reception or an internet connection, as the user simply scans a one-time QR code using a webcam in order to prove his or her identity.
With the SecurEnvoy technology, users can unambiguously identify themselves without the need for a dedicated token, using a combination of personal login details and a passcode. They can receive the code by text message, e-mail, voice call or soft token app. A new addition to this range of transmission channels is the One Swipe method, which also works completely offline and significantly accelerates authentication. In the soft token app for smartphones, the user generates a QR code, which he or she then scans using a webcam attached to the mobile device, e.g. a laptop, after entering his or her personal login details. This takes just seconds and confirms the user’s identity.
Seed records can pose a security risk
In addition to the live demonstrations at the exhibition stand, the specialists will also be on hand to provide information about the potential dangers associated with two-factor authentication. Some manufacturers, for example, store copies of the seed records used for authentication on their servers. This increases the risk that hackers can steal sensitive data en masse once they access those servers. In addition, government agencies in some countries could, depending on local laws, request access to the seed record copies and thereby secretly spy on businesses. SecurEnvoy circumvents these risks by ensuring that seed records are always separated into two parts.
The market for two-factor authentication
The details of the method used by SecurEnvoy to protect seed records and the potential dangers that can arise from back doors will be discussed by Andrew Kemshall, co-founder of SecurEnvoy, and Phil Underwood, Global Head of Pre and Post Sales, in their “Revolutionising 2FA to enhance the user experience” presentation. The presentation will be held on all three days of the trade fair, from 11.20 to 11.45 am, in the SecurEnvoy-sponsored technical theatre.
All SecurEnvoy’s solutions are based on tokenless two-factor authentication. SecurAccess ensures secure remote access e.g. to corporate networks, SecurPassword allows the resetting of passwords and SecurMail enables the encryption of digital messages.