KOBIL Systems, a provider of mobile IT security and digital identity solutions, introduced the new mIDentity App Security Toolkit, (mID AST), which protects mobile users from multiple security attacks.
Kobil’s core product is mIDentity, a smardcard-reader in the shape of a USB-stick. With mIDentity, a user simply inserts the USB-stick into the USB port of any Windows, Mac or Linux computer and the
required applications (such as an internet-browser) are pre-installed and so there is no need of further installations. Once the secure browser launches the user is given access to their online account, and
may safely execute all desired e-banking transactions – this is all done without any software, driver installation or footprint left on the machine when the USB stick is removed.
The integrated and custom-configured smartcard makes communications safe and convenient while preventing non-authorized third-party access. mIDentity is currently deployed by millions of users worldwide and many banks and corporations rely on Kobil technologies, such as Deutsche Telekom, ING Bank, Rothschild Bank, UBS, German parliament and German Federal Office for Information Security (BSI).
Kobil recently introduced the mIDentity App Security Toolkit, (mID AST), which protects mobile users from multiple security attacks. mIDAST is a software development kit which secures any online mobile application, such as mobile banking applications. Kobil offers two reference implementations of this toolkit: mIDentity Trusted Web View (mID TWV), an application for secure authenticated mobile web browsing and the mIDentity Trusted Messages Sign (mID TMS), an application designed to replace weak and costly text/short message (SMS) online services and phone callback OTP services with authenticated
transaction messages that cost less.
“We see an exponential increase in the use of enterprise apps in mobile space,” said Ismet Koyun, CEO of KOBIL Systems GmbH. “KOBIL is helping app developers and organizations who use apps as portal for secure online transactions by leveraging the company‘s military grade security technology for popular mobile platforms to protect these transactions against cybercrime and unauthorized access.”
”KOBIL’s new offerings at RSA 2012 provide highly secure and convenient solutions to protect the digital identities of mobile end users,” said Tan Sarihan, CEO of KOBIL Technologies USA, Inc., “We have demonstrated our effectiveness around the world by securing millions of online banking users. These new products extend KOBIL’s vision of enabling different technologies into convenient security solutions that solve real mobile computing problems.”
According to KOBIL, virtually all of today’s most common web browser attacks on PC platforms also exist for mobile device web browsers. Users can be tricked via phishing and pharming attacks, and mobile devices are more likely to be at risk of man-in-the-middle and man-in-the-browser attacks that can modify online transactions while accessing popular online services. The use of static passwords, text/SMS, phone callback OTP, soft One Time Passwords (OTP) or basic hard OTP tokens will not stop these attacks. KOBIL secures mobile web browsers through the mIDentity Trusted Web View (TWV) powered by mIDentity AST. The mIDentity TWV is a downloadable mobile application with all the functionality of mIDentity AST and uses mobile web browsers in a controlled way.
Mobile platforms can be used as an out-of-the-band authentication solution for PC based access to online applications. To make sure out-of-the-band authentication for both login and transaction signing is secure, mIDentity Trusted Message Sign (TMS) solution powered by mIDentity AST can be easily implemented as a reference solution. The full featured mIDentity TMS is a downloadable mobile application that offers up to 80 percent of the cost savings over traditional SMS.
The apps which are using mIDentity AST functionality can use external hardware devices such as mIDentity Air or Air+ for third factor authentication, signing and additional trust points. These devices should be used with mobile platforms for processing high risk transactions.
Source: KOBIL Systems