Tyfone Connected Smart Card Solution Fixes Cyber Security and Biometric Vulnerabilities

Tyfone Connected Smart Card Solution Fixes Cyber Security and Biometric Vulnerabilities

Tyfone, a mobile financial and security pioneer with more than 80 granted and pending patents, today unveiled its Connected Smart Card (CSC) solution – a combination of hardware products, software solutions and hosted services – that enables financial, government, healthcare and other enterprises to augment passwords and other user ID information used to access sensitive information. Tyfone’s CSC solution uniquely combines centralized data with local, device validation to strengthen and simplify the centralized storing of passwords, credit card numbers and other digital ID credentials, optimally ensuring security to keep passwords, payment and biometric ID information out of the hands of cybercriminals.

Tyfone Connected Smart Card Solution Fixes Cyber Security and Biometric Vulnerabilities

“Criminals have always robbed banks because ‘that’s where the money is,’ but today’s cybercriminals prefer the centralized databases that store individuals’ passwords because with passwords they can loot literally millions of bank accounts and credit card numbers, steal sensitive government and corporate data, and hack critical infrastructure such as power grids,” said Dr. Siva Narendra, CEO of Tyfone.  “Recognizing this threat, Tyfone worked closely with our financial and government customers to implement our CSC technology, a next-generation cyber security solution that enables the locally-secured, hardware-enabled storage of passwords, card preset payment information, biometrics and other ID credentials to keep criminals and hackers at bay.”

Tyfone’s CSC solution operates much like the traditional plastic smart card systems already in widespread use, but has a much smaller physical footprint and uniquely has the ability to connect to any mobile device, tablet or PC. Tyfone’s CSC hardware works with all existing software, smart card applets, password schemes and digital certificates, making it the first truly interoperable solution that secures the device, the identity and the transaction, controlling access to ID information in a unique combination of distributed and local (on device) layers.  This unprecedented approach allows for seamless integration with organizations’ existing smart card-driven security solutions, maximizing investments in security infrastructure.  The end result is that Tyfone’s CSC solution ensures that employees, consumers and other end-users can securely access their bank accounts or email, pay online as a card preset transaction or enter a building without the vulnerability that comes with today’s centralized storing of passwords or biometric IDs. 

New Data Security Approach Necessary for Increasing Cyber Attacks

Cyber security is a critical and growing concern for governments and financial institutions as access to sensitive information and financial transactions are increasingly done via mobile devices and websites, which utilize password protection.  Of particular concern is the security of these passwords, which are stored centrally – and increasingly in the cloud – making these databases vulnerable and tempting targets for hackers.  According to Deloitte, one of the top auditing and consulting firms worldwide, 90 percent of centrally-stored passwords are currently vulnerable.  Additionally, according to Wired Magazine, more than 280 million stored passwords have been compromised over the past 18 months.

Though further bolstering authentication through the use of thumbprints and other biometric IDs has been touted as a solution, the reality is that biometric credentials are unique, sensitive, personal information and therefore actually more vulnerable than passwords, if centrally stored in the cloud.  This greater vulnerability is because a person’s thumbprints and other biometric data cannot be changed if stolen, whereas passwords can be changed after a breach has occurred.

“While cloud services increase productivity by allowing for ubiquitous, anywhere access, centralized data create centralized points of failure,” said Dr. Steve Crocker, Tyfone advisory board member and an Internet Hall of Fame inductee for his work that lead to the development of ARPANET, a precursor to the Internet.

“There are two solutions to this centralization problem. One option, as more services move to the centralized cloud servers is to migrate identity storage to be client centric. This client-centric approach helps prevent a single hack from compromising millions of identities, like recent hacks of Zappos.com or LinkedIn," added Crocker. "The other alternative is to have a completely distributed storage that syncs up between various authenticated clients without any centralized storage. This distributed approach also prevents massive loss of data from a single hacking event. In either case, information and/or control of access to information is distributed, making the authentication solution more robust.”

CSC Availability and Incorporation into Existing Systems

Tyfone’s CSC solution is currently in pilot deployments for strategic customers with general availability planned for the fourth quarter this year. Organizations interested in joining the pilot or integrating Tyfone’s CSC solution with their own security products can contact Tyfone at csc@tyfone.com.

Featured

  • Gaining a Competitive Edge

    Ask most companies about their future technology plans and the answers will most likely include AI. Then ask how they plan to deploy it, and that is where the responses may start to vary. Every company has unique surveillance requirements that are based on market focus, scale, scope, risk tolerance, geographic area and, of course, budget. Those factors all play a role in deciding how to configure a surveillance system, and how to effectively implement technologies like AI. Read Now

  • 6 Ways Security Awareness Training Empowers Human Risk Management

    Organizations are realizing that their greatest vulnerability often comes from within – their own people. Human error remains a significant factor in cybersecurity breaches, making it imperative for organizations to address human risk effectively. As a result, security awareness training (SAT) has emerged as a cornerstone in this endeavor because it offers a multifaceted approach to managing human risk. Read Now

  • The Stage is Set

    The security industry spans the entire globe, with manufacturers, developers and suppliers on every continent (well, almost—sorry, Antarctica). That means when regulations pop up in one area, they often have a ripple effect that impacts the entire supply chain. Recent data privacy regulations like GDPR in Europe and CPRA in California made waves when they first went into effect, forcing businesses to change the way they approach data collection and storage to continue operating in those markets. Even highly specific regulations like the U.S.’s National Defense Authorization Act (NDAA) can have international reverberations – and this growing volume of legislation has continued to affect global supply chains in a variety of different ways. Read Now

  • Access Control Technology

    As we move swiftly toward the end of 2024, the security industry is looking at the trends in play, what might be on the horizon, and how they will impact business opportunities and projections. Read Now

Featured Cybersecurity

Webinars

New Products

  • Automatic Systems V07

    Automatic Systems V07

    Automatic Systems, an industry-leading manufacturer of pedestrian and vehicle secure entrance control access systems, is pleased to announce the release of its groundbreaking V07 software. The V07 software update is designed specifically to address cybersecurity concerns and will ensure the integrity and confidentiality of Automatic Systems applications. With the new V07 software, updates will be delivered by means of an encrypted file. 3

  • ResponderLink

    ResponderLink

    Shooter Detection Systems (SDS), an Alarm.com company and a global leader in gunshot detection solutions, has introduced ResponderLink, a groundbreaking new 911 notification service for gunshot events. ResponderLink completes the circle from detection to 911 notification to first responder awareness, giving law enforcement enhanced situational intelligence they urgently need to save lives. Integrating SDS’s proven gunshot detection system with Noonlight’s SendPolice platform, ResponderLink is the first solution to automatically deliver real-time gunshot detection data to 911 call centers and first responders. When shots are detected, the 911 dispatching center, also known as the Public Safety Answering Point or PSAP, is contacted based on the gunfire location, enabling faster initiation of life-saving emergency protocols. 3

  • FEP GameChanger

    FEP GameChanger

    Paige Datacom Solutions Introduces Important and Innovative Cabling Products GameChanger Cable, a proven and patented solution that significantly exceeds the reach of traditional category cable will now have a FEP/FEP construction. 3