Archive for the General Category

Multi-factor, not just biometrics.

Posted in Computers and Internet, General, Security with tags , , , , , , , , , , , on February 5, 2018 by Will

Picture1Biometric authentication is fairly common place today.  Just about everyone knows how to use the Fingerprint scanner on most modern smartphones.  With the newer phones, facial scanning has started to take the place of the fingerprint.  And some Mobile Apps that are trying to up their security beyond the builtin platforms have included iris scanning.  Biometrics check off the “ease of use” and “strong security” check boxes most of the time.

Where it starts to fall apart is when application owners start to implement only biometrics.   For years security experts have been telling applications that they should be implementing multi-factor authentication.  This means they should be pairing two different authentication technologies from at least two different factor groupings.  As a refresher, there are three authentication factor groups, “Something You Know”, “Something You Have” and “Something You Are”.  Taking two technologies from the same factor does not mean you have multifactor, you must have at least two technologies from different factors.  Biometrics fits into the “Something You Are” factor grouping and is a single factor technology.

Today a great write up on the attack vectors that are currently plaguing the most common biometric technologies was published on DarkReading.  The attacks have been darkreadinglogoaround for a while, but they still work.  When you read the article, it impressive as to how simplistic these attacks really.  Biometrics are an advanced technology, and yet a piece of paper, or a gummy bear is all that is needed to break them.  These attacks will be mitigated and solved and new versions of the products will be released, but then that will just invite new attacks.  Nothing is completely secure from some style attack, it just takes longer to find the appropriate attack vector.

Application owners should see these attacks and think back to attacks on static passwords, and on SMS passwords and all of the other authentication attacks.  When you take one from of an authentication factor, there are probably a few different attacks against it.  However, when you start to combine the technologies across the different factors of authentication, the attacks are much harder and even some of them are next to impossible.  The best applications implement multifactor authentication in ways that only call attention to them when it is needed (or detected), and allow a user to continue to do what they need to without being impacted all the time.

Advertisements

Developer Week 2018 opens today

Posted in Computers and Internet, Conferences, General with tags , , , , , , , , , , , , , on February 5, 2018 by Will

Monday morning in Oakland, California and Developer Week 2018 has started.  Registration is going well, and my colleague, Michael Williams, and I are all setup and ready to give our talk tomorrow.  Our talk is on Tuesday from 3:00 to 4:30PM on the home-box-dw-new18second floor in room 208, Workshop Stage 5.  We’d love to fill the room and get everyone in to hear about VASCO Data Security’s latest DIGIPASS for Apps mobile SDK’s and eSignLive SDK’s.  We will take you through how to leverage the free to trial DIGIPASS for Apps API’s to help extend the your apps features and build small security steps on your way to creating a fully trusted and secure mobile app.  We will also help you with implementing a full digital signature workflow moving your app towards a complete electronic document processing implementation.  In the end we hope to leave you with information on how to use all of our technologies to enhance and speed up your mobile app strategy by giving you a number of new tools you can use in your daily development lives.

We hope to see you there, and questions are always welcome!

 

Hackathon @DeveloperWeek 2018 eSignLive by VASCO Winners!

Posted in Computers and Internet, Entertainment, General with tags , , , , , , on February 4, 2018 by Will

Congratulations to our winners!

1st Place:IMG_20180204_155613-devweek2k18-winners

Esfer – This team decided to tackle the legality of Peer to Peer payments.  They created a beautiful prototype of a mobile application where a requester could create a legal document using the eSignLive SDK and send that to the payee where the payee would then sign the document and accept the terms and complete the transaction.

2nd Place:IMG_20180204_155217-devweek2k18-second

VMatch – This team decided to make a mobile app to connect Conference Organizers with Volunteers.  It included a video conference component to interview candidates and then used the eSignLive Android SDK to create a volunteering contract with the organizer.

Great Apps!

Hackathon Day 2 – Let’s see your projects!

Posted in Computers and Internet, Entertainment, General with tags , , , , , , , , , , on February 4, 2018 by Will

Start of the @DeveloperWeek 2018 Hackaton day 2.  We saw some amazing starts yesterday, so very innovative products and cool uses of our eSignLive SDKs.  Today, weIMG_20180204_092558-esl hope to see some of these projects get to a finished state.  You can still register your project online at the show website: http://accelerate.im/challenges/179.  We will be announcing our winners this afternoon, so make sure you get those projects completed for the judges.  If you are looking for our table, we have moved to the second floor, come up and ask us anything.

On a side note, Congratulations @TomBrady MVP, GOAT, and let’s go @Patriots!

1920x1080_pats_wallpaper

$4000 in prizes this weekend, Hackathon @DeveloperWeek in San Francisco

Posted in Computers and Internet, General with tags , , , , , , , , on February 3, 2018 by Will

hackaton-banner-badgeHere we are, hanging out with a huge group of developers in SoMa.  There is a ton of cash on the line from over 20 vendors.  We are here offering $4000 in Amazon Gift cards, $2000 for the first place winner (and you can get an extra $250 if you use the mobile SDK’s) and $1000 for the second place winner (and the same extra $250 for mobile usage, and finally 4 prizes of $250 for the best Reporting Dashboards out there.  So if you’re a developer and need some cash this weekend come down and give it a shot.

Great crowd and some awesome ideas floating around.  It is awe-inspiring to watch allIMG_20180203_121513 these developers at work on different projects at once.  I had a colleague from another vendor take a trip down memory lane and just how much the tech space has changed.  We both worked for internet startups in the early 90’s during the beginning of the Internet.  Things have come a long way.  To get this many developers in one spot all working on problems and solutions that are for all different walks of life, things have certainly advanced.

There is still plenty of time and I’m sure there are plenty of problems out there that need solutions.

E3 2010 Day 2

Posted in General on June 16, 2010 by Will

Second day and at the south hall. Booths are much bigger here. Pics are updated and linked.

E3 2010 day 1

Posted in General on June 15, 2010 by Will

Pics of the first hall and the booths outside of the halls.  I’ll figure out how to update the text on the pictures soon.

%d bloggers like this: