Authentication: new solution by Natural Security
- A prototype of strong authentication solution associating biometry and contactless technology was presented by the young Lille-based company Natural Security on November 25, 2010. This innovation enables payments as well as accesses to several kinds of, proximity or distant, services (including online banking services, password management, etc.). Simple, fast and secure, it can be used regardless of the place and amount.
- It relies on a medium (smartcard, mobile phone, etc.) designed to store the required data to authenticate cardholders. Through the adoption of contactless technologies, the purchaser does not have to take out his card any more.
- Biometric data is stored on the medium upon the cardholder's request, this information is not kept on a centralised database, in compliance with the CNIL recommendations. Transactions are validated if, when confronted with the stored data, the cardholder's information enables his identification. Natural Security now wishes to implement its technology through pilot tests.
- The notion of time saving is now of utmost importance, in this context this simple and secure solution seems relevant. In fact, however banks and merchants are conscious of these issues, time saving must not affect operations' security. Card data protection remains a central preoccupation. Natural Security limits the risk of fraud, even in case of theft, as it guarantees that no other than the cardholder can perform transactions, precisely because he cannot lose one of the two required authentication factors (his biometric information). In addition, the customer does not have to take out the medium during the transaction, which decreases the risk of loss or theft.
- The market of strong authentication solutions now bursts and several solutions are launched. Banking institutions will however have to ponder over their “intrusiveness”, as is the case with biometric solutions and contrast them with the risk level of the given secured operation. With time, strong authentication offers will most likely be rationalised and we may witness a convergence of the devises used. This last point is one of the prevailing expectations on the side of the e-merchants, who regularly mention it through the FEVAD.
- During the 2010 Salon Cartes (cards exhibition), Gemalto's eGo project (elaborated in collaboration with Atos Worldline, the INRIA, Precise Biometrics and other partners) was awarded for its innovative features in terms of IT security. In this case, the device containing the biometric data is integrated into a watch, cloth, jewellery, or any other accessory. This kind of authentication system could, for instance, enable access to micro-computers (the eGo device would then be placed in the mouse or keyboard) or ensure payment validation.