Imagine a whole new type of password based on face recognition - a password that dispenses with numbers, letters and symbols while keeping attackers out.
The hotel room keycard may become as obsolete as the brass room key it replaced. Door lock vendors have developed the technology to let smartphones function as keys, and the hotel industry is beginning to try it out.
Biometrics look like the future of authentication for payments, according to payment experts at the Biometrics Institute Asia Pacific Conference in Sydney.
NFC technology can be used for gaining access to your company’s networks and data. This can be done in two ways. One way is to use your NFC device as a reader when logging in remotely. After entering your log in information, you hold your contactless ID badge up to your phone, which acts as a reader and authenticates you as the valid employee. A second method is to have your employee identity credentials directly on your mobile device inside of the secure element. It works in a similar fashion for authentication, except you no longer need a separate ID badge.
An advanced Facebook security option, “login approvals,” uses one-time password (OTP) codes to verifying your identity when logging in to your account. If you turn this feature on in your Security Settings page (> Account Settings > Security), you'll be asked to enter a special OTP login code each time you try to access your Facebook account from a new computer or mobile phone. This can help prevent a hacker from hijacking your account.
Facebook is a good example of how to use mobile devices to enhance online security. If you have associated your mobile phone with your account, you can text 32665 with the message “otp” and Facebook will text back a one-time special code you can use to login to your account. You can also use the Facebook mobile app “Code Generator” to create OTP codes.
Biometrics consists of using a part of you—a fingerprint, handprint, iris scan, voiceprint, even your DNA—to prove your identity. A fingerprint biometric can be used in two-factor authentication to identify you instead of, say, a PIN code. Or it can be required in addition to a PIN code, something known as multi-factor authentication. Security experts agree that having additional "factors" to prove someone's identity increases security.
Many security-conscious banks and e-commerce providers offer clients the option to use two-factor authentication, which combines something you have, some sort of personal digital security device, with something you know, your password, every time you login. This is the safest way to bank online, because even if someone can steal your username and password, say by phishing or a keyboard logger spyware program, they cannot access your online accounts without the security device.
A certificate is a secure digital document that a website, organization or individual provides to confirm their online identity and to enable a secure connection. Certificates can also be used to digitally sign transactions or documents, and to encrypt confidential information exchanged over the Internet.
A Certificate Authority (CA) is a trusted organization that issues certificates for use by other parties. Certificates are cryptographic digital security documents used to confirm the online identities of Internet service providers (ISPs), email providers, businesses, government agencies, websites and individuals. Examples of popular CAs include VeriSign, Thawte and Geotrust (all owned by Symantec), Entrust, Comodo and GoDaddy. When an organization obtains a digital certificate, the CA confirms the identity of the organization or person receiving it.