Our Technology Catalog – CPK, PKI, 2FA, PC/SC
Public Key Infrastructure (PKI)
The Public Key Infrastructure is a broadly used security system that employs a public key to digitally sign and/or encrypt data when performing a secure transaction. PKI solutions require a Certificate Authority (CA) to issue such Public Keys and be liable when linking keys to individuals. PKI deployments involve a Key Management System (KMS) to enroll users, issue certificates and store keys.
Read More about Longmai’s expertize in this domain
Combined Public Key (CPK)
Combined Public Key (CPK) Cryptosystem is an Identity Based Encryption (IBE) scheme, which is a public-key cryptosystem where any string is a valid public key, such as email address email@example.com
Users who share a public parameter (called public key matrix) can encrypt a message or verify a signature by other’s identity (such as email address) without his X.509 certificate. CPK is based on Elliptic Curve Cryptography (ECC).
Personal computer/Smart Card (PC/SC)
PC/SC, Personal computer/Smart Card is a standard framework for Smart Card access on Windows Platforms (included in Windows 2000).
What is the PC/SC Technology ?
The interoperability specification for ICCs and Personal Computer Systems (PC/SC) has been developed to ease the introduction of smart cards into the world of PCs. The advantage of PC/SC is that applications do not have to acknowledge the details corresponding to the smart card reader when communicating with the smart card. This application can function with any reader that complies with the PC/SC standard.
One-Time Password (OTP)
One-Time-Password (OTP) is a two factor authentication technique widely used for online banking and enterprise logical access. Security-wise, one factor authentication such as Username/Password is subject to phishing attacks. To strengthen security it is recommended to use 2 factors: “What I know” + “What I have” to eliminate fraudsters from phishing passwords. An OTP device will generate a one-time password to be entered for a given transaction that is mandatory to granting access or validating the transaction. Such OTP devices can be standalone (Timebase or sequential list of one time passwords) or connected via the internet to a back-office server that calculates the One-Time-Password. Read ABout One time password system to prevent using stolen or copied passwords.
Two Factor Authentication (2FA)
Two Factor Authentication (2FA) is a security technique aimed at strengthening 1FA techniques (typically Username/Password). This system requires a second factor that is mandatory to access or validate a transaction. The first factor is usually “Something I know” and the second factor can be “something I have,” “Where I am” (geo-localization) or “What I am” (Biometrics). 2FA creates many new initiatives for a seamless second factor system. Today, the second FA is often an OTP (One-Time-Password) calculated by itself or via a connection to a server, and delivered to a device the user has with him/her. Gemalto Ezio Suite offers a comprehensive portfolio of such solutions, including the use of a payment card which generates OTPs.
JavaCard is an implementation of Java adapted for a Smart Cards microprocessor system. It optimizes performance with a highly compressed amount of code. UICC SIM cards support Java applets and developers can access a very rich SDK to develop their applications. To date, Java Card and the STK (SIM Tool Kit) are the most efficient methods of deploying applications to more than 4 billion handsets using 2G, 3G and 4G networks worldwide.
Read More about Java Card technology
Biometrics is a human identity attribute that is unique to each individual and non-modifiable over time. This identifying human trait can be a fingerprint, an iris image or a DNA sample. Biometric data procurement consists of measuring an identity attribute and comparing it with previously collected records. This step can be done in one of two ways. One method is submitting the comparative analysis to a central online database that stores biometric data collected from enrolled users. The second way is perform a “match-on-card,” an offline verification of the stored biometric data found inside the microprocessor chip of the smart card. The second technique, “match-on-card”, is an extremely secure method and allows for no central database to obtain remote access.
Navigate to our Product Release Page