Tyfone Connected Smart Card Solution Fixes Cyber Security and Biometric Vulnerabilities

Tyfone Connected Smart Card Solution Fixes Cyber Security and Biometric Vulnerabilities

Tyfone, a mobile financial and security pioneer with more than 80 granted and pending patents, today unveiled its Connected Smart Card (CSC) solution – a combination of hardware products, software solutions and hosted services – that enables financial, government, healthcare and other enterprises to augment passwords and other user ID information used to access sensitive information. Tyfone’s CSC solution uniquely combines centralized data with local, device validation to strengthen and simplify the centralized storing of passwords, credit card numbers and other digital ID credentials, optimally ensuring security to keep passwords, payment and biometric ID information out of the hands of cybercriminals.

Tyfone Connected Smart Card Solution Fixes Cyber Security and Biometric Vulnerabilities

“Criminals have always robbed banks because ‘that’s where the money is,’ but today’s cybercriminals prefer the centralized databases that store individuals’ passwords because with passwords they can loot literally millions of bank accounts and credit card numbers, steal sensitive government and corporate data, and hack critical infrastructure such as power grids,” said Dr. Siva Narendra, CEO of Tyfone.  “Recognizing this threat, Tyfone worked closely with our financial and government customers to implement our CSC technology, a next-generation cyber security solution that enables the locally-secured, hardware-enabled storage of passwords, card preset payment information, biometrics and other ID credentials to keep criminals and hackers at bay.”

Tyfone’s CSC solution operates much like the traditional plastic smart card systems already in widespread use, but has a much smaller physical footprint and uniquely has the ability to connect to any mobile device, tablet or PC. Tyfone’s CSC hardware works with all existing software, smart card applets, password schemes and digital certificates, making it the first truly interoperable solution that secures the device, the identity and the transaction, controlling access to ID information in a unique combination of distributed and local (on device) layers.  This unprecedented approach allows for seamless integration with organizations’ existing smart card-driven security solutions, maximizing investments in security infrastructure.  The end result is that Tyfone’s CSC solution ensures that employees, consumers and other end-users can securely access their bank accounts or email, pay online as a card preset transaction or enter a building without the vulnerability that comes with today’s centralized storing of passwords or biometric IDs. 

New Data Security Approach Necessary for Increasing Cyber Attacks

Cyber security is a critical and growing concern for governments and financial institutions as access to sensitive information and financial transactions are increasingly done via mobile devices and websites, which utilize password protection.  Of particular concern is the security of these passwords, which are stored centrally – and increasingly in the cloud – making these databases vulnerable and tempting targets for hackers.  According to Deloitte, one of the top auditing and consulting firms worldwide, 90 percent of centrally-stored passwords are currently vulnerable.  Additionally, according to Wired Magazine, more than 280 million stored passwords have been compromised over the past 18 months.

Though further bolstering authentication through the use of thumbprints and other biometric IDs has been touted as a solution, the reality is that biometric credentials are unique, sensitive, personal information and therefore actually more vulnerable than passwords, if centrally stored in the cloud.  This greater vulnerability is because a person’s thumbprints and other biometric data cannot be changed if stolen, whereas passwords can be changed after a breach has occurred.

“While cloud services increase productivity by allowing for ubiquitous, anywhere access, centralized data create centralized points of failure,” said Dr. Steve Crocker, Tyfone advisory board member and an Internet Hall of Fame inductee for his work that lead to the development of ARPANET, a precursor to the Internet.

“There are two solutions to this centralization problem. One option, as more services move to the centralized cloud servers is to migrate identity storage to be client centric. This client-centric approach helps prevent a single hack from compromising millions of identities, like recent hacks of Zappos.com or LinkedIn," added Crocker. "The other alternative is to have a completely distributed storage that syncs up between various authenticated clients without any centralized storage. This distributed approach also prevents massive loss of data from a single hacking event. In either case, information and/or control of access to information is distributed, making the authentication solution more robust.”

CSC Availability and Incorporation into Existing Systems

Tyfone’s CSC solution is currently in pilot deployments for strategic customers with general availability planned for the fourth quarter this year. Organizations interested in joining the pilot or integrating Tyfone’s CSC solution with their own security products can contact Tyfone at csc@tyfone.com.

Featured

  • Survey: 54% of Organizations Cite Technical Debt as Top Hurdle to Identity System Modernization

    Modernizing identity systems is proving difficult for organizations due to two key challenges: decades of accumulated Identity and Access Management (IAM) technical debt and the complexity of managing access across multiple identity providers (IDPs). These findings come from the new Strata Identity-commissioned report, State of Multi-Cloud Identity: Insights and Trends for 2025. The report, based on survey data from the Cloud Security Alliance (CSA), highlights trends and challenges in securing cloud environments. The CSA is the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment. Read Now

  • Study: Only 35 Percent of Companies Include Cybersecurity Teams When Implementing AI

    Only 35 percent of cybersecurity professionals or teams are involved in the development of policy governing the use of AI technology in their enterprise, and nearly half (45 percent) report no involvement in the development, onboarding, or implementation of AI solutions, according to the recently released 2024 State of Cybersecurity survey report from ISACA, a global professional association advancing trust in technology. Read Now

  • New Report Series Highlights E-Commerce Threats, Fraud Against Retailers

    Trustwave, a cybersecurity and managed security services provider, recently released a series of reports detailing the threats facing the retail sector, marking the second year of its ongoing research into these critical security issues. Read Now

  • Stay Secure in 2024: Updated Cybersecurity Tips for the Office and at Home

    Cyber criminals get more inventive every year. Cybersecurity threats continue to evolve and are a moving target for business owners in 2024. Companies large and small need to employ cybersecurity best practices throughout their organization. That includes security integrators, manufacturers, and end users. Read Now

Featured Cybersecurity

Webinars

New Products

  • FEP GameChanger

    FEP GameChanger

    Paige Datacom Solutions Introduces Important and Innovative Cabling Products GameChanger Cable, a proven and patented solution that significantly exceeds the reach of traditional category cable will now have a FEP/FEP construction. 3

  • HD2055 Modular Barricade

    Delta Scientific’s electric HD2055 modular shallow foundation barricade is tested to ASTM M50/P1 with negative penetration from the vehicle upon impact. With a shallow foundation of only 24 inches, the HD2055 can be installed without worrying about buried power lines and other below grade obstructions. The modular make-up of the barrier also allows you to cover wider roadways by adding additional modules to the system. The HD2055 boasts an Emergency Fast Operation of 1.5 seconds giving the guard ample time to deploy under a high threat situation. 3

  • Compact IP Video Intercom

    Viking’s X-205 Series of intercoms provide HD IP video and two-way voice communication - all wrapped up in an attractive compact chassis. 3