Payment, Mobile, and Online Security Mashup

March 1, 2009
  • ThreatMETRIX Online Fraud Control and Chargeback Protection USA
    ThreatMETRIX monitors online profiles of users to determine the risk of a sensitive transaction. Their risk profile will work even if the users browser has disabled cookies or javascript. The service also accesses a reputation network to determine if the presented user has been flagged on any other web services, firewall logs, and honey pots. This looks very similar to some of the services offered by RSA.
  • Silver Tail Systems: Protects Websites from Logic Attacks
    “Online criminals don’t need to break into your website, VPN or secure networks to defraud you or your customers. They can use the front door – exploiting legitimate business logic or business logic flaws of the website itself”. Silver Trail has two products. The forensics product monitors you site and raises alerts when it identifies suspicious behavior (deviations from the norm). It also provides a search tool that allows administrators to investigate behavior. The rules engine provides a mechanism that allows administrators to restrict navigation flow on the site for specified users.
  • NCore Systems
    NCore Systems provides enterprise class delivery channel solutions to Banks within the ASEAN region fusing applications, innovative security and middleware technology into a single integrated platform. The company builds complete virtual financial destinations that empower Financial Institutions to ‘reach out and touch’ their customers through the innovative use of web based and mobile technology. Basically, they provide online banking and a software based mobile banking second factor authentication.
  • Aradiom: Mobile framework, Security Token
    Aradiom provides a security token application that can serve as a second factor for online sites. The Aradiom SolidPass can be used to generate a one time password, generate challenge codes, and security questions. SolidPass also supports Transaction Data Signing (TDS). This allows the user to authenticate the transaction with a challenge issued by the enterprise and a response generated by SolidPass based on the transaction details
  • Acculynk: Software Pin Capture
    Acculynk provides a solution that allows online shoppers to pay for products using a unique software pin capture solution. The solution allows you to enter your pin using a pin pad control on the screen. The order of the numbers scramble after each digit in your pin is entered. The biggest advantage is the reduction in charges to the merchant. In many cases, pin purchases cost less than credit purchases.
  • Atmel Products – Security & Smart Card ICs – Secure RFID: CryptoRF
    CryptoRF is 64 bit encryption security for RF devices. CryptoRF product labels, tags, and cards are virtually impossible to copy. Rather than using passwords that are easily captured during contactless transactions, CryptoRF devices use the authentication keys, session encryption keys and a random number to generate a unique identity, or “cryptogram”, for each transaction. The host reader and the CryptoRF device must both be able to duplicate each other’s cryptograms before any data can be accessed or written.Uniquely, CryptoRF devices allow two completely independent users, each of which has its own separate authentication key to access the same section of the memory. This feature is useful for applications such as cards used in cash-transactions.
  • TazTag mobile identity
    The TazCard is a new multi-purpose device in a slim credit card format (6 mm in thickness).  It’s like a personal safe with a large touch screen, a fingerprint sensor and various communication interfaces (NFC, USB, ZigBee) TazCard interfaces with a range of security applications such as access control, ticketing, couponing and payment. If required, a Java Software Development Kit makes possible the addition of further customized applications. I really like the finger print technology. Also, all data exchanges requires approval. So, the card will not exchange information unless the user is authenticated (with finger print) and authorizes the data exchange.  I think NFC payment adoption would accelerate dramatically if fingerprint technology was introduced in phones at the same time NFC chips were introduced.
Advertisements