Con esta herramienta te facilitamos un acceso a todas las ofertas y demandas de tecnología europeas y a búsquedas de socios para participar en propuestas europeas de I+D publicadas en la red Enterprise Europe Network, pudiendo filtrar los resultados para facilitar las búsquedas más acordes con tus necesidades.

¿Quieres recibir estos listados de oportunidades de colaboración en tu correo de forma periódica y personalizada? Date de alta en nuestro Boletín

Para optimizar los resultados de la búsqueda, se recomienda utilizar términos en inglés.

Nuevo método de autenticación seguro y fácil de usar

Resumen

Tipo:
Oferta Tecnológica
Referencia:
TOUK20180607002
Publicado:
12/06/2018
Caducidad:
13/06/2019
Resumen:
Una empresa británica ha desarrollado un método de autenticación más fácil de memorizar para los usuarios a la vez que genera códigos de un solo uso y es extremadamente seguro. Este método libre de hardware se integra fácilmente por desarrolladores de soluciones de autenticación y usuarios en sectores como banca, seguros o comercio electrónico. El usuario puede utilizar un solo patrón para todos los sitios o cuentas a los que necesite acceder o bien puede elegir tener diferentes patrones. También puede combinarse con biometría. El secreto es la forma mediante la cual el patrón mental se comparte con el proveedor de servicios. El patrón se almacena en fragmentos en diferentes lugares y, por lo tanto, es más difícil de acceder que los estándares para encriptación de contraseñas y almacenamiento en sistemas, como MS Active Directory. La empresa busca compañías con el fin de establecer acuerdos de licencia.

Details

Tittle:
A new authentication method that is both more secure and more user-friendly
Summary:
A UK company has developed an authentication method that is easy for users to memorise whilst generating one-time codes and being extremely secure. It is also hardware-free and easy to roll out for authentication solutions developers and users in sectors such as banking, insurance, e-commerce. Businesses are sought for license agreements.
Description:
We all know the problems with passwords. Users dislike being forced to keep creating new ones, and unfortunately, hackers manage to get hold of passwords - which allows them to impersonate the user. The service providers sometimes get hacked.

On the other hand, biometric identification has not taken off properly due to civil liberties and reliability issues.

The key-fobs that generate one-time codes are good but they are dependent on additional pieces of hardware being carried, introducing additional cost and inconvenience. Also their "keys" have to be stored in a global database such as RSA´s that was hacked in 2011 leading US defence contractor Lockheed Martin to blame RSA for a subsequent break-in.

A young East of England company has developed an entirely hardware-less system that combines the convenience of a mentally-held secret (users´ create a pattern or shape when enrolling) with the strength of key-fobs, which are able to provide different codes every time they need to log in, be authenticated or provide their authorisation to perform an action.

The picture shows a matrix (which would be displayed on the user´s screen) filled with random numbers. Using their mental pattern, the user is able to read off a new code. The system is secure against shoulder-surfing or other threats.
The next time, the numbers in the matrix will be different, but using the same pattern, the user is able to create or extract a different code. A user may use a single pattern for all the different sites or accounts he needs to access - or he/she may choose to have different ones. The pattern and the software have the potential to replace all fixed passwords, PINs, credit/debit card PINs and other authorisation codes. It is also possible to combine it with biometrics.

The entropy offered exceeds that of key-fob tokens, making it more secure.

The "secret ingredient" is how the mental pattern that is shared with the service provider is scrambled. It is stored in fragments in different places and is therefore significantly more difficult to break into than the standards for password encryption and storage in systems like MS Active Directory.

For service providers this solution is very convenient and cost-saving as the matrix can be reproduced on any device with a display or even in hard copy.

In theory at least this solution alleviates all frequent troublesome situations where passwords and hardware are lost or stolen. All the user needs is to remember the pattern.
The UK company is seeking partners amongst a variety of businesses developing or offering secure authentication. Finance, insurance, e-commerce are a few sectors to name. The software APIs will be shared under license agreements.
Advantages and Innovations:
The innovation lies in the combination of the high security of one-time codes with a mental pattern that is easy to remember yet is very unique.
The proprietary technical advancement focuses on the secret sharing of the mental pattern in a significantly more secure way than passwords are currently held by banks and other providers.
The solution is hardware-free and is cheap and easy for service providers to roll out.
Stage of Development:
Available for demonstration
IPs:
Secret Know-how

Partner sought

Type and Role of Partner Sought:
Type of partner sought: industry
Specific area of activity: finance, insurance, e-commerce
Role of partner sought: to implement the APIs under license.

Client

Type and Size of Client:
Industry SME <= 10
Already Engaged in Trans-National Cooperation:
No
Languages Spoken:
English

Keywords

Technology Keywords:
01003009 Data Protection, Storage, Cryptography, Security
01003011 Electronic Commerce, Electronic Payment & Signature
01003019 Electronic Signature
01003023 Environmental and Biometrics Sensors, Actuators
01002013 Tarjetas inteligentes y sistemas de acceso