This document discusses identity theft, credit card fraud, and cybersecurity threats. It then introduces the ASTO smart card as a solution. The ASTO smart card stores encrypted fingerprint templates and performs fingerprint matching and cryptography on the card itself. It can be used for two-factor authentication for remote server login, mobile payments, and access control. The ecosystem around the ASTO smart card includes enrollment, personalization, and life cycle management functions.
2. Today’s security threat
ID theft
Credit card fraud
Cyber security
ASTO smart card
ASTO smart card
Card holder
Cryptography
Cold wallet for cryptocurrency
Remote sever login
Access control
Strength of ASTO smart card
ASTO smart card ecosystem
Lion Security
Lion Security
contents
3. 3
ID Theft
▪ ID theft is the starting point for fraudster
▪ 16.7 million ID thefts in 2017 and incurred damage is $16.8 Billion
▪ Most of ID thefts are led to tax or wage related fraud and credit card fraud
▪ Social security No. and credit No. are the most common damages of data
breaches
신분도용 방지를 위한
미국정부의 권고사항
US government
recommendation
Create complex passwords that
identity thieves cannot guess easily.
Change your passwords if a
company that you do business with
has a breach of its databases
4. 4
Credit Card Fraud
Card Not Present transaction
In Person transaction
EMV credit card
Migrated to Online fraud
▪ 0.07 per 100usd is fraud with in
person card transaction
▪ Data breaches are rampant. We
can even by credit card
information in the internet
▪ Tighter security of EMV card has
fraudster migrate to less secure
Card Not Present transaction
▪ No tool for merchant to verify
CNP transaction
▪ Click and Collect scheme in on
line shopping
▪ Incurred amount of CNP in 2020
could be as high as $7.2 Billion
5. 5
Cyber Security
▪ Unauthorized access by insider
Need to manage identification and
access authority by individual
▪ Network security
Need to control access authority
▪ Endpoint security
Hardware security key is the best
way to impose restriction to the
access of network and removal of
potential attack path
6. 6
Storage On Chip
• Encrypted
• Up to 5 fingerprint templates
Match On Chip
• Algorithm Certified by KISA
• FRR : 0.01%
• FAR : 0.001%
• Less than 1sec to authenticate
No battery
• Power harvesting
▪ NFC
▪ Compatible with mobile phone
▪ RFID
▪ ISO7816 & 14443
ASTO smart card
Applet
• Cryptography
• Transaction
• Development on demand
7. 7
▪ USB
▪ Fingerprint enrollment
▪ Compatible with desktop
▪ Blue Tooth
▪ Authentication in distance
Card Holder
8. 8
▪ 2nd factor login
▪ Single login with user biometric
▪ Hacking free for Service site
▪ Simple and secure login for user
User Side 서비스 사이트
Web Application
Authentication
Library
Public Key
Key Handler
Attestation Certification
Client/Browser
API
USB(HID)
NFC
API Code
BLE
Device
ASTO smart card
Cryptography on the card
Unlock Authenticator with
fingerprint
Sign back to challenges
Private Key
Public Key
USB(HID)
NFC
Transport
BLE
Cryptography
9. 9
ASTO smart card
Private key encrypted & stored on
the card
Place your finger on the card
Open your mobile wallet
Sign off transaction with your
fingerprint
▪ NFC communication with mobile phone
▪ Extract private key with your fingerprint
Cold Wallet for cryptocurrency
10. 10
console 1
console n
console 2
User pool
ID/PW
Fingerprint
ASTO smart card & Holder
Linux
Kernel 2.6
ASTO
Authentication
agent
Data Center
Management
▪ Eliminate phishing
▪ Prevent Man in the
Middle attack
Secure
▪ Free from ID/PW
Simple
▪ Use the same card for
difference services
Scalable
Remote server login
11. 11
Access control
Card terminal
Tap ASTO
card
Match on Chip
Storage on Chip
ID/PW/fingerprint
Match?Input Fingerprint
Access
Granted
Yes
No
Unlock applet
Door
Membership
Network
Banking
12. 12
Strength of ASTO smart card
Design to your
needs
Scalable
Cost
Competitive
Reliable
Develop applet to meet
your specific needs
Just one card but
various services
Compatible with
already existing
credit card infra
Integrate with your
security system
Most commonly
used biometric
User friendly
13. 13
ASTO smart card
Encoder
UV Printer
Card Terminal
Enrollment
Card Management System
Personalization
Card issuer credential, Card holder info.
Graphical Design
Unique graphical expression of the card
Interact with Card
Applicable with general card terminal
Fingerprint Enrollment
On the spot or remote enrollment
Issuance, Activation, EOL, etc.
Smart card life cycle management
ASTO smart card ecosystem
14. 14
Lion Security
PhysicalSecurity
CyberSecurityFintechSecurity
We develop technology, integrate and
create ecosystem of physical, cyber
and fintech security evolving around
ASTO smart card with fingerprint
matching algorithm on the card
ASTO smart card intro ASTO smart card demo
Video library