Tag Archives: authentication

SMS-based 2-factor: Good or Bad?

Wired published recently an article about how SMS-based 2-factor authentication is not good. This article is making a buzz, and an article appeared on that topic in Fortune. The basis for these articles is that SMS-based authentication is not associated to something you have (your phone), but with something you are loosely associated to (your […]

Chip to Cloud, day 2: NFC authentication in the cloud

This is a presentation from Gemalto’s Maurizio Divona, delivered by her colleague Virgine Galindo. It starts from cloud authentication, where strong authentication typically happens with tokens that need to be distributed by service providers. The idea is of course to use NFC technology to simplify this, which would allow the use of strong authentication in […]

Chip to Cloud, day 2: My personal attribute hub

This is a talk by Annette Laube, from the University of Bern. It builds on Switzerland’s eID program, extending it for new uses. The idea of national eIDs is to provide electronic signatures, and to certify personal attributes taken from official documents like a passport. The SuisseID used in Switzerland is a tradtional one, in […]

Chip to Cloud, day 1: Mobile authentication

Presentation from Vasco’s Nicolas Fort. Of course, the use case is about banking, since this Vasco’s stronghold. Banks have been used to interface with customers face to face in branches. 40 years ago, they added the phone, first with a human on the bank’s end, then without. They then added the ATM network to check […]

Cloud (mis)authentication

I just read an amazing and chilling story about cloud authentication and hacking. Some guy just lost a big chunk of his digital life, because cloud authentication is not secure, or maybe even more, because cloud authentication is not enough standardized/regulated/watched. In his case (read the story, I won’t repeat it here, and it is […]