FUTURE TECHNOLOGY
Institute of Standards and Technology log-in on average 23 times a day, leading to password fatigue.
Plus, users now expect instant access to corporate data and services from anywhere at any time from their mobile device. This means that employees using traditional but weak username and password-based authentication are inadvertently opening up their organisation to a number of sophisticated cyber threats.
Tap authentication enables authentication to multiple apps and services on multiple endpoint devices without having to recall and re-type additional codes and passwords. The process requires only three simple steps. First, users open a browser on their NFC-enabled device and then type the application URL they wish to access. Next, they enter their corporate username and password. Finally, they tap their access control card to the back of their NFC-enabled mobile device or tablet to provide the second authentication factor. The card can be read without needing to be physically inserted into a reader device.
Besides improving convenience, the tap authentication model takes advantage of the existing access control system to ensure a seamless user experience that can extend throughout the physical and IT access control infrastructure. The result is a single, more efficient and economical identity and access management system. By centralising identity and access management in this way, organisations can consolidate tasks and reduce ongoing operational costs, and also have the ability to flexibly scale and adapt capabilities while realising growing value for the organisation.
Adding tap authentication, like any other new access control capability, is difficult with a legacy physical access control system based on static, hard-toupgrade technologies. This is why so many organisations are moving to new physical access control systems that are based on dynamic technologies, and therefore
Tim Phipps is Vice President Product Marketing and Identity Assurance with HID Global
adaptable to changing needs and best practices as security threats evolve.
Today’ s physical access control systems offer improved security of contactless high frequency or microprocessor-based smart card technology. The most effective of these smart card technologies uses mutual authentication and cryptographic protection mechanisms with secret keys, and a secure messaging protocol that is delivered on a trust-based communication platform within a secure ecosystem of interoperable products.
With a physical access control systems foundation, organisations can also support different applications on the same smart card- from access control for the parking lot, main door, individual offices, to the new capability of tapping in and out of computer applications.
Today’ s tap authentication solutions are cloud-based and do not require any on-premises hardware to install or service contracts to maintain. IT deployment is a simple process of installing authentication system software and device apps, synchronising users with the authentication cloud service, and notifying them when they can begin using the system. Organisations also have the option of deploying conventional card readers in areas where endpoints do not have built-in NFC readers.
There are other considerations for an effective deployment. User authentication is one of five security layers that every organisation should consider. The other layers include authenticating the device, protecting the browser, protecting the application, and finally authenticating the transaction with pattern-based intelligence for sensitive transactions.
Implementing these layers requires an integrated, versatile authentication platform with real-time threat detection capabilities. This platform, combined with an anti-virus solution, provides the highest possible security against today’ s threats.
Organisations can also consider storing biometrics on the smart card. With biometrics, users can reliably authenticate themselves with the simple touch of a finger, enabling them to log into multiple applications while providing an irrefutable audit trail.
Organisations are moving toward converged solutions that can be used to secure access to everything from doors to computers, data, applications, and cloud-based services. Tap authentication provides a key ingredient for achieving this objective, while at the same time delivering the convenience and simplicity of the tap experience. Users have already traded in mechanical keys for smart cards that open doors and gates.
Now, this same card can also replace dedicated one-time password solutions, within an access control system ecosystem that will continue to flexibly scale and adapt while delivering value to the organisation. The system investments that are made today can be preserved over time as organisations grow, evolve, and continually improve their security capabilities to combat changing threats to facilities, information security, and information privacy.
30 Issue 03 INTELLIGENT TECH CHANNELS