Smart Cards & Devices Forum 2013 - Mobile financial services (OKsystem)
This document discusses mobile financial services and payments. It begins by outlining different types of mobile payments like in-shop, online, P2P, loyalty programs, and ticketing. It then discusses three emerging models for point of sale mobile payments: in the device, in the cloud, and hybrid approaches. Several companies adopting each model are described like PayPal, Google Wallet, and Square. The document also discusses new related services like offers, discounts, and social aspects. Finally, it provides an overview of Bitcoin, how the blockchain works, mining incentives, and challenges.
Smart Cards & Devices Forum 2013 - Cards going mobile (OKsystem)
Mobile payments are evolving in three key ways: 1) the role of mobile is expanding as phones and devices replace plastic cards; 2) implementation requires educating cardholders and merchants on new contactless and digital payment options; 3) convergence is occurring as payments integrate with other services in virtual wallets across devices. MasterCard is leading this change by enabling mobile wallets and partnerships to increase adoption through convenience and choice for consumers.
This document introduces Gemalto and their solution called Armored Office. It discusses how static passwords are no longer enough for security and compliance with regulations. Armored Office provides a solution for strong authentication and encryption to securely access networks and data from any device. It offers a single credential to log in to endpoints, access networks remotely, and encrypt files/emails. The target market is security-sensitive organizations for executives and users with access to sensitive information. It aims to protect data and enable secure access from any device while meeting compliance requirements.
Smart Cards & Devices Forum 2013 - Security on mobile (OKsystem)
The document discusses how mobile devices can be leveraged for strong identity authentication in a more convenient, secure, and cost-effective way than traditional authentication methods. It analyzes traditional authenticators like passwords, hardware and paper tokens, biometrics, smart cards, and PKI certificates. It then outlines how mobile devices, which are always with users and connected, can be provisioned with additional authenticators and used for multi-factor authentication for a variety of identity use cases including physical and logical access, VPN access, and cloud applications. The conclusion is that mobile represents the next generation of identity and authentication should leverage its capabilities.
Smart Cards & Devices Forum 2013 - Wi-fi protected setup (OKsystem)
The document summarizes Wi-Fi Protected Setup (WPS) and discusses vulnerabilities in its use of a static PIN for device authentication. It describes how WPS and similar Bluetooth protocols use bit commitment and splitting the PIN to enable mutual authentication, but how this opens them to online and offline brute force attacks. It then proposes a "Swamp Walk" approach for the access point to transition to after initial connection attempts to restore security by reintroducing exponential complexity to the PIN cracking problem.
Smart Cards & Devices Forum 2013 - [NFC@Telefonica CZ] Near Future Cases (OKsystem)
Telefónica Czech Republic has been a leader in NFC adoption, being the first to launch NFC-enabled transport payments in 2009 and merchant payments in 2013. They see the NFC SIM card as uniquely positioned to serve as a "one card to rule them all" for various use cases like payments, transportation, loyalty programs, IDs and access control due to its online and multi-application capabilities. Telefónica is developing a "SIM.me" identity service that stores personal information and credentials on the SIM, enabling it to securely authenticate users for remote services and authorize transactions like document signing through a mobile device.
Smart Card and Strong Cryptography for instant security (OKsystem)
- OKsystem is a Prague-based software company with over 200 employees that provides cryptography and smart card solutions.
- They offer products like BABEL for encrypted messaging, OKsmart for smart card usage, and OKbase for key management, certificate management, and card management.
- Their solutions provide strong encryption using proven algorithms like AES and Diffie-Hellman to securely transmit and store encrypted messages and keys.
2. Contents
1. Contactless identification of persons and objects (RFID and NFC)
2. Visions and problems
3. Example of use with replicating robots
3. What is NFC?
Near Field Communication
– Wireless (contactless) FREE-OF-CHARGE communication over a short distance or by touch
For the user
– Interaction with the immediate surroundings
– Pointing analogy: the user points at an object (or touches it) and it "performs its function"
Technically
– A set of standards + so far a weak implementation
4. … in more detail
www.race-networkrfid.eu
RACE networkRFID
www.bio-health.eu
active repository of standards for RFID / IDM / biometrics
http://www.nfc-forum.org
NFC forum
6. Cost of NFC infrastructure?
[Diagram: NFC phone as an intelligent terminal with a reader (GPRS); NFC phone as a replacement for an ID card]
8. ALUCID® Main design principles
Two main elements
• PEIG® - Personal Electronic Identity Gadget – user automatic eID carrier
• AIM – ALUCID Identity Machine – service provider eID tool
Extremely simple use by end-user and service-provider
• Fully automatic eID
• No third party
• No personification process
• Built-in security management support
Openness to future
• Extensible security framework
• Flexible security parameters, multiple security protocols and algorithms
• Openness to future innovations including new protocols and algorithms
• Possibility to change security parameters and/or switch security protocols
or algorithms in operation
9. Main design principles II
Privacy protection by design – anonymous identity
• No private data included in eID
• Only random (pseudorandom) numbers changing in time
• No sharing of identifiers and secrets
User centric behavior
• Network topology
• End-user liberty rights (form, size, number, activation technology,…)
• Open interface description
• Multilevel security support
Enhanced security
• Built-in eID access control
• End-user network security support (indirect communication)
• Management of eID security profiles by service provider
10. Challenges - doubts
How to handle the identification of living objects (people, animals); the degree of separation of the presenter from the carrier and from the identity itself
-> Authorization against the identifier, PET, data, conflict between global ID technology and local (national) interests
-> use of RFID / NFC and biometrics without a legislative basis
12. (Eurostars INsider)
SITE-WIDE IDENTITY TRACKING
Collects object information from OTS Stations
Receives identity information from external system
Identity tracking through multiple scenes
Examples of provided features:
– Visualizing the path one has walked through
– Where a person is or was at a certain time
– Detecting anomalies and suspicious situations
13. And what about non-living objects?
Identification and localization
Identity management of composite objects
Legislation for marking things capable of replication
… and what about their privacy and the transfer of sensitive data?
15. Masaryk Memorial Cancer Institute (Masarykův onkologický ústav) in Brno
RFID in isolator
– personal identification: RFID card
– Identification of patient (infusion bag)
– Identification of RFID marked vials (amount of CD)
– automatic control of prescribed compared to used CD
– finalization of preparation
16. Swarms of things
Replicator "Robotic Evolutionary Self-Programming and Self-Assembling Organisms"
– Efficient identification and localization of robots -> localization of persons and property in a building
17. FP7 ICT CP Robotic Evolutionary Self-Programming and Self-Assembling Organisms
IMA for Replicator
RF communication, RFID, acceleration sensor, data collection
IDM
ZigBee communication between mini-robots
from III/2008 to II/2013
ICSWIFT
Passing of vibration information between two robots
[Diagram: Robot 1 and Robot 2, each labelled ZBRM&ACCM; labels "shaking" and "LED indication"]
ZigBee module & acceleration sensor on an ARM7 development board
18. Integration of ZigBee into the UbiSense localization system
In the Replicator project: passing of information about the position of robots in the robotic "swarm"
[Diagram labels: TCP/IP; "Precise Real-time Location Tag"; ZigBee Base Station; UbiSense Localization Server; Coordinates; Robot 1 and Robot 2, each with ZBRM&ACCM, UbiTag and LED indication; passive tag reporting position; position feedback over the ZigBee network; Departing; Approximation]
19. 1.4.2, 2.2.7
Online Coordinates Processing
Description
Localization system
Components
Ubisense: real Ubitag and real UbiServer
IMA HW: batt powered Cortex & ZigBee/Acc
IMA SW: ZB Appl, Cortex Appl, ZBS Core (<-> UbiSrv), ZBS Com, ZBS Graph
Results
- connection with UbiSrv: OK
- coordinates processing, re-sending, visualization on BS: OK
- coordinates processing on Cortex: OK
- value displaying, sound: OK