EFY Times  
Friday, August 28, 2015

 
GO
 
 
Tokenless Two-Factor Authentication Defies “Heartbleed”
 
Home >> Infotech >> Technology                                                                                PRESS RELEASE
 
Tokenless Two-Factor Authentication Defies “Heartbleed”  
 
   
Rate this news:  (0 Votes)
Thursday, April 17, 2014 The existence of Heartbleed, a vulnerability in the OpenSSL open source software, was recently announced. The OpenSSL encryption tool is used worldwide on countless websites, which means the loophole can be used by hackers to access data stored on computers, such as passwords, certificates, etc., even if the websites utilise encryption with the https protocol. But unauthorised access via stolen user identities is prevented by the tokenless two-factor authentication procedure from the developer SecurEnvoy. None of the solutions from this manufacturer have such security vulnerabilities, as they do not make use of OpenSSL.






In other words, users of the tokenless two-factor authentication method are not compromised. Quite the contrary in fact - "the SecurEnvoy solutions can also provide protection when used together with products from other manufacturers that are affected by Heartbleed," comments Andy Kemshall, Technical Director at SecurEnvoy. "This is because, at best, cyber criminals would only be able to capture single use passcodes from computer memories. But these are valid only once and would have already expired, i.e. ceased to be functional."

Using SecurEnvoy solutions, users can unambiguously identify themselves without the need for additional, dedicated tokens; this is because mobile devices such as smartphones and tablets are used as authentication tools. The passcodes required for authentication purposes are sent via SMS, e-mail, landline call, QR code scanning or a soft token app. Because of this tokenless approach, the solutions can be installed very quickly.

Two-level seed records maximize security

SecurEnvoy ensures this high level of security by dividing the seed record, which is a special algorithm used to create the one-time passcode. The user needs such a numerical code in order to login using tokenless two-factor authentication – the passcode is combined with personal login details in order to grant access, with only the correct combination allowing the login to succeed. At no time is SecurEnvoy itself in possession of information about the seed records and passcodes that are generated. Instead, part of the record is generated locally on the client's server, while the second part is defined using characteristic properties of the mobile appliance used. This effectively forms a "fingerprint" consisting of information about the SIM card, the CPU or equivalent. Each time the user requests a passcode, the user’s appliance decrypts the first part of the seed record and defines the second part.



Print Email Post Comment 
(Total Views: 437)
 
Share

 
 
Infotech News
   
BICSI India Announces 2015 Annual Technology Conference
Openbravo Partners With Happiest Minds Technologies To Provide Cutting Edge OmniChannel Solutions To Retailers Worldwide
Vocalcom Focuses On Latest Cloud Contact Center Software Trends At GITEX
Vocalcom Wins 2015 CUSTOMER Contact Center Software Award
ADTRAN Advances Cloud Access Networks
 
 
 
     
     
     
     
     
     
Most popular
 

Daily

Weekly

Overall

Features
Now Water Your Lawn Using Raspberry Pi
An open source enthusiast, Robert Booth has developed a prototype of lawn watering system....
Download Mozilla's Open Source Furniture To Furnish Your Office At Low Cost
Mozilla and Nosigner are enabling inexpensive office furniture with open source schematic....
Top 5 Free Ebooks, Movies And Audio Books For Your iPad And Kindle!
Here is a list of best free books, movies and audio books from OpenCulture!...
Chinese Hackers To Attack India
A sophisticated cyber espionage group from China is working day and night to steal sensitive diplomatic information....
Speech System Used By Stephen Hawking Is Now Open To All
Intel has released the open source code of the speech system it developed for Stephen Hawking....
Top 4 Command Line Based Email Clients
Once you master one of these clients, you may not want to go back to GUI based clients....
Five Big Data Projects To Watch Out For!
Here are five important Open Source Big Data projects that you may not know about....
Top Five Community Tools
Top-notch tools can help in growth and maintenance of communities that make real difference....
Top Five Open Source E-Commerce Platforms
Establishing online presence of your business is very simple with these platforms....
Five Things You Need To Know About BLE
Bluetooth Low Energy (BLE) Technology is set to improve the lifestyle of consumers....
LibreOffice 5.0 Brings Major Performance Changes
LibreOffice 5.0 proves to be the best free alternative to Microsoft Office. ...
Five Must-Have Apps For Chromebook
You can also install and use these apps on Chrome browser on any OS....
Top Five Linux Based Mobile Operating Systems
Open source operating systems are ruling the computing world. ...
When Will Adobe End Flash?
Adobe has lost trust factor from Flash user's mind!...
Is Windows 10 Inspired By Linux?
While Microsoft prohibits people from getting involved with its core, the Free Software Foundation criticises the tech firm for their "draconian laws"...
 
  View All
Dialogue
 
Meet Pranjal Saxena, India's 21 Year Old Electronics Wizard
Milan Ondhia of EFYTimes was in a forthright conversation with the 21 year old Pranjal Saxena from New Delhi; an aspirant at the WorldSkills meet, in ...
“We Offer Managed Document Solutions To CIO And IT Decision Makers”: Canon
Manufacturing within the country will surely reduce the cost of our devices, but manufacturing can begin only if there is the desired eco-system and w...
“One Day The End User Can Open Up A Used Battery, And Use What’s Inside As Barbecue Sauce”
Of course that is not something currently possible, but what B&B Batteries does have are some secret recipes for their very specialised battery design...
We Wish To Procure All The LED Components Within India: Avni Energy
G. Gururaja, director, Avni Energy Solutions Pvt Ltd, shares his views about the expanding LED industry in the Indian market and the company's plans i...
We Have Registered 50 Per Cent Growth In The Last Two Years: Arihant Lighting
Apart from LEDs, Arihant is associated with the promotion of renewable energy in India and therefore, manufactures various energy saving products....
   
  View All
Videos
 
First Look: LG Optimus G
The phone sports a high-end display and comes powered by a powerful processor. ...
Create QR-Codes For Free
TEC-IT releases the freeware QR-Code Studio to provide a quick and convenient way of QR code creation for every application scenario....
DoT Secretary Shares Plans For Growth Of Telecom Sector
M.F. Farooqui has recently taken charge as secretary, Department of Telecom....
Hands-On: Sony Xperia Z
Xperia Z is Sony's first entrant model in the big-screen smartphone category. ...
Hands On: Videocon A30 Smartphone
Videocon, the consumer electronics company which is known for its refrigerators, washing machine and air-conditioner has unveiled its Android-based sm...
   
View All
   
 
IFA 2014
 
IFA 2014: LG Launches 34-Inches Curved Monitor
The company is yet to confirm price and availability of the device....
IFA 2014: Intel Launches First Core M Range Of Processors
This range of processors is tailor-made for 2-in-1 devices which include a tablet and a laptop....
MWC 2014: Tablet Lets People Feel Textures On Its Screen
Now feel what you see on your tablet, by way of ultrasonic waves....
MWC 2014: 4K Android Tablet Games To Kill Consoles, iPad
Tablet makers like Samsung want to beat the iPad by making 4K tabs. ...
MWC 2014: This Vodafone Backpack Helps Get Network In Disaster Situations
Two engineers of Vodafone New Zealand displayed the "mini" mobile network by Vodafone substructure in a backpack. ...
MWC 2014: Wilocity Chipset To Bring 'Lightening' Speed To Mobile Phones
Wilocity has developed a WiGig chipset for mobile phones that will bring lightning-fast wireless capability ...
MWC 2014: Samsung Introduces Octacore, Hexacore Chipsets
The Korean giant, Samsung unveiled two new octacore and hexacore chipsets at MWC 2014, in Barcelona. The company previously used Exynos 5 Octa 5410 ch...
   
View All
   
 
Events
 
19th Consumer Electronic Imaging Fair To Be Held On ...

View All
   
   
 
 

home archives contact us advertise with us
           
Magazines Portals Directories Events News Verticals Educational Institute  
Electronics for You
Open Source for You
Electronics Bazaar
electronicsforu.com
efytimes.com
opensourceforu.com
electronicsb2b.com
Electronics Annual Guide
EFY EXPO INDIA
EFY EXPO WEST
ELECTRONICS ROCKS
EFY Awards
OSIDAYS Expo
Electronics
Infotech
Linux & Open Source
Consumer Electronics
Science & Technology
BPO
EFY Techcenter

Educational Kits
Kitsnspares.com  
 
 
© Copyright 2015 EFY Enterprises Pvt. Ltd.
All rights reserved. Reproduction in whole or in part in any form or medium without written permission is prohibited.
Usage of the content from the web site is subject to Terms and Conditions