Introduces
Internet security today:
Cybersecurity today.
• Trojan horses
• Keylogging
• Phishing
• Impersonation
• Malware
• Bots
• Worms
• Viruses
• Rootkits
• Spyware
Recent breaches.
• Target – 70,000,000
• Facebook – 6,000,000
• Evernote – 50,000,000
• Adobe – 38,000,000
• RSA – 660,000 to 1,000,000
• Zappos – 24,000,000
Today, this observation is all too true:
“A false sense of security is the only kind there is.”
-- Michael Meade
Costs of cybercrime.
Cost of cybercrime surges to $113 billion.
Costs have climbed by an average of 78%.
Time required to recover from a breach has increased 130%.
In the United States alone, the annual cybercrime cost seen by the 60
businesses studied ranged from $1.3 million to more than $58 million and
averaged $11.6 million per company – an increase of $2.6 million from
2012. The average cost of cleaning up after a single successful attack was
$1 million.
But the costs of correcting data breaches are no longer the only
cause for concern. The legal consequences, such as class-action
lawsuits on behalf of third parties affected by such cyber attacks, are
a growing worry of business owners.
Cybersecurity today.
Today’s authentication scheme is 40 years old. It identifies its users from
one or a combination of the following elements:
1. Something the user has: computer, mobile phone or RSA key
2. Something the user knows: password, username, identification (PIN)
number etc.
Static authentication.
All authentication protocols currently in use have one common weakness:
They are static.
Static credentials are prone to manipulation and theft.
After several years of helping organizations investigate hundreds of security
breaches around the world, Mandiant has found a constant:
100% of breaches involved stolen credentials.
And the average time until a breach is detected is 462 days.
Industry response.
• Strong password
• Two-factor authentication
• Out-of-band verification, i.e. email, SMS, phone call follow-up
(very inconvenient, verifies only the initial login, and doesn’t stop
Man-in-the-Middle intrusions)
• Secure tunneling (SSL), disk or transparent encryption (AES)
Industry response is insufficient.
Reports of successful attacks on smartcard-based technology illustrate
that “true two-factor authentication is not possible without a physical
component that is not accessible digitally.”
-- Jaime Blasco, Director, AlienVault Labs
To overcome the limitation of static authentication – the weakness in digital
identity security – a new physical component is required.
But now there’s
Guardog has four elements that no other system has (think of them as
Guardog’s four muscular legs).
1
Guardog gives a user a physical element: a Guardog key which the user
inserts into his/her computer. This non-digital element, integral to a user’s
session with the service provider, is beyond the reach of any intruder.
The Guardog key is also available as a Smartphone app.
2
When a user logs in to the service provider, to authenticate who he/she is,
Guardog has the service provider authenticate itself back to the user. Since
this is the reverse of LOGIN, we call it NIGOL.
Login/Nigol starts a mutual authentication that we call . . .
The patented Guardog invention:
3
Cothentication™ does not stop at login. Instead, it continues throughout
every session. Each time a user makes a request of the service provider –
any monetary transaction or any transmission of information – Guardog
institutes another Cothentication. Guardog repeatedly verifies the user’s
and service provider’s identity.
4
Guardog’s Cothentication is dynamic, and based on 128-bit encryption
through randomly generated codes. Thus every exchange is different from
every previous exchange. This unpredictable characteristic defeats any and
every attempted intrusion.
1. The Guardog Key.
Guardog uses a unique and radically different approach to deliver the only
absolute solution for Internet transaction and communication security.
Guardog gives the user a physical element: the Guardog key, either as a
USB key or as a Smartphone app which works in conjunction with the
browser. By employing either of these physical elements, integral to a
user’s session with the service provider, Guardog puts the session beyond
the reach of any intruder.
Simply put, the Guardog Key is a next-generation hardware security device.
It is designed to help all users achieve a higher level of digital security
simply and easily. The Guardog Key helps protect digital identity,
communications and transactions. It is a critical component in a state-of-
the-art closed loop security solution that leaves a would-be "Man In The
Browser" (MIB) and “Man-In-the-Middle” (MITM)...a "Man Out In The Cold!"
(MOITC).
2. The Guardog Server.
Mutual. The Guardog server “faces” both ways – toward the service provider
and toward the user. Guardog is a mutually trusted party.
It creates and validates randomized, “destination-aware” secure
communications and transactions.
Zero knowledge. Just as a dog guarding a valuable installation has no
knowledge of what’s inside, Guardog has zero knowledge of the Internet
transactions and communications whose security it protects.
3. The service provider (The Bank).
A service provider uses designated authentication servers to perform
special functions such as authenticating itself to the user and confirming
the user’s authentication back to the service provider.
16-step Cothentication process.
To begin a session with a service provider who has installed the
Guardog system, a user inserts his/her Guardog key in a USB port or
activates the Guardog Smartphone app in conjunction with his/her
computer browser. This sets in motion a 16-step Cothentication
process: the user authenticates himself/herself to the service provider
and the service provider authenticates itself to the user...all within
milliseconds. On step 14, Guardog "opens a gate" between the user
and the service provider. The gate stays open through step 15, then
closes on step 16...no time for a would-be intruder to get in.
Once Guardog Cothentication is complete...
Only when these 16 authentication steps are complete does Guardog “open
a gate” or “open a window” between the user and the service provider, for
the communication or transaction itself.
Within a session, whenever the user makes a new request, these steps are
repeated. Once they are completed, Guardog opens another gate or
window, for this new communication or transaction.
Guardog visualized.
Imagine you are standing in front of a huge blank wall.
All of a sudden a window opens somewhere in the wall and an anonymous
message passes through in a split second. Then the window disappears.
Then another window opens up in a totally different spot - and disappears.
It is never clear if and where another window will open.
That’s how Guardog works.
The message transfer cannot be spoofed, predicted or duplicated
because it is random, encrypted and dynamic.
This is Nuclear Launch Code Security.
AAF1267KL998MM6543)2
GHJ773121212KKJDCE34
AAF1267KL998MM6543)2
Competitive Analysis.
1. YubiKey
2. Safelock
3. Ironkey
4. iCloud Keychain
5. Smartcards
6. Public key/private key
Comparison.
Competitors                            | Guardog
Strong password                        | Non-transferable Dynamic Credential
2 Factor Authentication (RSA)          | Continuous Mutual Authentication
Out of Band Verification (email, SMS)  | Destination-aware Secure Messaging
SSL and transparent encryption (AES)   | Authenticated Encryption/Decryption
Encryption Key protected by password   | Encryption key protected by server and client side keys

END RESULTS
Identity fraud reduction               | Prevents identity fraud
Increased barrier of attacks           | Eliminates an entire category of threats
                                       | Mitigates the risk of impersonations
                                       | Provides physical control over digital assets
                                       | Protects 100% of user accounts
Guardog API supports:
Operating System:
Windows Server 2008, 2008 R2, 2013, Linux
Web Servers:
Apache, IIS etc.
Database:
MySQL, MSSQL etc.
Network Protocols:
TCP, HTTP, HTTPS
Development Languages:
PHP, ASP.NET, C/C++, Java
In summary:
The old authentication versus the new authentication:
The existing Cybersecurity model:
She sat down at her computer and inserted her username and password
into her browser. Authenticated. She instructed her bank to move $150.00
from her checking to her savings account. She also sent a wire transfer to
her sister in California. She paid the bill for her American Express card and
instructed the bank to notify her of any payments over $200 as an
additional security measure.
Guardog’s Cybersecurity model:
She sat down at her computer and inserted Guardog’s patented
Guardog thumbdrive. She opened the browser for her bank [Cothenticated]
and [Cothenticated] instructed her bank to move $150.00 from her checking
[Cothenticated] to her savings account. [Cothenticated] She also sent a wire
transfer [Cothenticated] to her sister in California. [Cothenticated] She paid the
bill for her American Express card [Cothenticated] and instructed the bank to
notify her [Cothenticated] of any payments over $200 as an additional
security measure. [Cothenticated]
Protection of Intellectual Property.
Guardog technology is patented in the USA, Canada, China, Japan,
Australia and New Zealand.
In conclusion.
Cybersecurity has been solved.
The perpetual motion machine and cold fusion
are next on our list.
Thank you.
Internet transaction and communication security

Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdf
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
 

Internet transaction and communication security

  • 6. Cybersecurity today. • Trojan horses • Keylogging • Phishing • Impersonation • Malware • Bots • Worms • Viruses • Rootkits • Spyware
  • 7. Recent breaches. • Target – 70,000,000 • Facebook – 6,000,000 • Evernote – 50,000,000 • Adobe – 38,000,000 • RSA – 660,000 to 1,000,000 • Zappos – 24,000,000 Today, this observation is all too true: “A false sense of security is the only kind there is.” -- Michael Meade
  • 8. Costs of cybercrime. Cost of cybercrime surges to $113 billion. Costs have climbed by an average of 78%. Time required to recover from a breach has increased 130%. In the United States alone, the annual cybercrime cost seen by the 60 businesses studied ranged from $1.3 million to more than $58 million and averaged $11.6 million per company – an increase of $2.6 million from 2012. The average cost of cleaning up after a single successful attack was $1 million. But the costs of correcting data breaches are no longer the only cause for concern. The legal consequences, such as class-action lawsuits on behalf of third parties affected by such cyber attacks, are a growing worry of business owners.
  • 9. Cybersecurity today. Today’s authentication scheme is 40 years old. It identifies its users from one or a combination of the following elements: 1. Something the user has: computer, mobile phone or RSA key 2. Something the user knows: password, username, identification (PIN) number etc.
  • 10. Static authentication. All authentication protocols currently in use have one common weakness: They are static. Static credentials are prone to manipulation and theft. After several years of helping organizations investigate hundreds of security breaches around the world, Mandiant has found a constant: 100% of breaches involved stolen credentials. And the average time until a breach is detected is 462 days.
  • 11. Industry response. • Strong password • Two-factor authentication • Out-of-band verification, i.e. email, SMS, phone call follow-up (very inconvenient and still only verifies initial login and doesn’t stop Man-In-the-Middle intrusions) • Secure tunneling (SSL), disk or transparent encryption (AES)
  • 12. Industry response is insufficient. Reports of successful attacks on smartcard-based technology illustrate that “true two-factor authentication is not possible without a physical component that is not accessible digitally.” -- Jaime Blasco, Director, AlienVault Labs To overcome the limitation of static authentication – the weakness in digital identity security – a new physical component is required.
  • 13. But now there’s Guardog has four elements that no other system has (think of them as Guardog’s four muscular legs).
  • 14. 1. Guardog gives a user a physical element: a Guardog key which the user inserts into his/her computer. This non-digital element, integral to a user’s session with the service provider, is beyond the reach of any intruder. The Guardog key is also available as a Smartphone app.
  • 15. 2. When a user logs in to the service provider, to authenticate who he/she is, Guardog has the service provider authenticate itself back to the user. Since this is the reverse of LOGIN, we call it NIGOL. Login/Nigol starts a mutual authentication that we call . . .
  • 16. The patented Guardog invention:
  • 17. 3. Cothentication™ does not stop at login. Instead, it continues throughout every session. Each time a user makes a request of the service provider – any monetary transaction or any transmission of information – Guardog institutes another Cothentication. Guardog repeatedly verifies the user’s and service provider’s identity.
  • 18. 4. Guardog’s Cothentication is dynamic, and based on 128-bit encryption through randomly generated codes. Thus every exchange is different from every previous exchange. This unpredictable characteristic defeats any and every attempted intrusion.
  • 19. 1. The Guardog Key. Guardog uses a unique and radically different approach to deliver the only absolute solution for Internet transaction and communication security. Guardog gives the user a physical element: the Guardog key, either as a USB key or as a Smartphone app which works in conjunction with the browser. By employing either of these physical elements, integral to a user’s session with the service provider, Guardog puts the session beyond the reach of any intruder.
  • 20. 1. The Guardog Key. Simply put, the Guardog Key is a next-generation hardware security device. It is designed to help all users achieve a higher level of digital security simply and easily. The Guardog Key helps protect digital identity, communications and transactions. It is a critical component in a state-of-the-art closed loop security solution that leaves a would-be "Man In The Browser" (MIB) and “Man-In-the-Middle” (MITM)...a "Man Out In The Cold!" (MOITC).
  • 21. 2. The Guardog Server. Mutual. The Guardog server “faces” both ways – toward the service provider and toward the user. Guardog is a mutually trusted party. It creates and validates randomized, “destination-aware” secure communications and transactions. Zero knowledge. Just as a dog guarding a valuable installation has no knowledge of what’s inside, Guardog has zero knowledge of the Internet transactions and communications whose security it protects.
  • 22. 3. The service provider (The Bank). A service provider uses designated authentication servers to perform special functions such as authenticating itself to the user and confirming the user’s authentication back to the service provider.
  • 23. 16-step Cothentication process. To begin a session with a service provider who has installed the Guardog system, a user inserts his/her Guardog key in a USB port or activates the Guardog Smartphone app in conjunction with his/her computer browser. This sets in motion a 16-step Cothentication process: the user authenticates himself/herself to the service provider and the service provider authenticates itself to the user...all within milliseconds. On step 14, Guardog "opens a gate" between the user and the service provider. The gate stays open through step 15, then closes on step 16...no time for a would-be intruder to get in.
  • 25. Once Guardog Cothentication is complete... Only when these 16 authentication steps are complete does Guardog “open a gate” or “open a window” between the user and the service provider, for the communication or transaction itself. Within a session, whenever the user makes a new request, these steps are repeated. Once they are completed, Guardog opens another gate or window, for this new communication or transaction.
  • 26. Guardog visualized. Imagine you are standing in front of a huge blank wall. All of a sudden a window opens somewhere in the wall and an anonymous message passes through in a split second. Then the window disappears. Then another window opens up in a totally different spot - and disappears. It is never clear if and where another window will open. That’s how Guardog works. The message transfer cannot be spoofed, predicted or duplicated because it is random, encrypted and dynamic. This is Nuclear Launch Code Security.
  • 30. Competitive Analysis. 1. YubiKey 2. Safelock 3. Ironkey 4. iCloud Keychain 5. Smartcards 6. Public key/private key
  • 31. Comparison (Competitors → Guardog).
      Strong password → Non-transferable Dynamic Credential
      2 Factor Authentication (RSA) → Continuous Mutual Authentication
      Out of Band Verification (email, SMS) → Destination-aware Secure Messaging
      SSL and transparent encryption (AES) → Authenticated Encryption/Decryption
      Encryption Key protected by password → Encryption key protected by server and client side keys
      END RESULTS
      Identity fraud reduction → Prevents identity fraud
      Increased barrier of attacks → Eliminates an entire category of threats
      → Mitigates the risk of impersonations
      → Provides physical control over digital assets
      → Protects 100% of user accounts
  • 32. Guardog API supports: Operating System: Windows Server 2008, 2008 R2, 2013, Linux; Web Servers: Apache, IIS etc.; Database: MySQL, MSSQL etc.; Network Protocols: TCP, HTTP, HTTPS; Development Languages: PHP, Asp.net, C/C++, Java
  • 33. In summary: The old authentication versus the new authentication:
  • 34. The existing Cybersecurity model: She sat down at her computer and inserted her username and password into her browser. Authenticated. She instructed her bank to move $150.00 from her checking to her savings account. She also sent a wire transfer to her sister in California. She paid the bill for her American Express card and instructed the bank to notify her of any payments over $200 as an additional security measure.
  • 35. Guardog’s Cybersecurity model: She sat down at her computer and inserted Guardog’s patented Guardog thumbdrive. She opened the browser for her bank [Cothenticated] and [Cothenticated] instructed her bank to move $150.00 from her checking [Cothenticated] to her savings account. [Cothenticated] She also sent a wire transfer [Cothenticated] to her sister in California. [Cothenticated] She paid the bill for her American Express card [Cothenticated] and instructed the bank to notify her [Cothenticated] of any payments over $200 as an additional security measure. [Cothenticated]
  • 36. Protection of Intellectual Property. Guardog technology is patented in the USA, Canada, China, Japan, Australia and New Zealand.
  • 37. In conclusion. Cybersecurity has been solved. The perpetual motion machine and cold fusion are next on our list. Thank you.