Introduction | Secure all the Way
Had the chief thief in the Ali Baba and the Forty Thieves from the Arabian Nights tales knew how to protect treasure in the snug hideout with a voice recognition feature. It would have been difficult for Ali baba to gain access to the hideout by saying the secrete phrase, Open Sesame.
This also reminds of the biometrics usage in the famous science fiction series Star Trek to access files, locations, or diagnose disease. These science fictions are now reality to authenticate a user.
With a spectrum of devices and online applications in use, it is even more important to have a strong authentication mechanism to safeguard the critical information. Much of an enterprise’s success is based on the ease with which the consumers can access applications that are highly secured, and how well the confidential data is safeguard against malicious attempts. A unique mechanism is required to defend the critical data, and that is where biometrics comes to our rescue. The physical characters of a person are unique, and the application industry is betting on it as it is hard to counterfeit the retinal, fingerprint, facial or voice patterns.
The FIDO® (Fast IDentity Online) Alliance was established to tackle the issues related to remembering username and passwords.** FIDO empowers secure authentication among devices and online services by using the biometric information. FIDO is based on the public key cryptography where the biometric information about the user is saved only on the device, and not on the server. As the user credentials are not traversing over the network in FIDO, it is safe. Thus, FIDO prevents the man-in-the-middle attack. The most commonly used biometric modalities include fingerprint, face, iris, and voice scan. For more information about FIDO Alliance, see the FIDO Alliance site.
Consider you are in a busy grocery store shopping with your naughty little kid who is reading out the Personal Identification Number that you provide while transacting. OMG! Your Personal Identification Number is public!! The same scenario with biometrics can make your shopping more secure by simply scanning your finger to complete a transaction. Such a relief!
What’s New | Mobile Biometric Authentication
The Biometric Authentication Integration enables integration with Samsung SDS Nexsign, which implements the FIDO standards to leverage a user’s unique identifying characters to secure applications. The integration of Samsung SDS Nexsign (FIDO Provider) with CA Mobile API Gateway (relying party), works synergistically to carry out user login at a fast pace, and securely prompts a message to confirm a crucial transaction. We are also integrating the mobile SDK of Samsung SDS Nexsign with that of CA Mobile API Gateway to help you build the applications, and access the APIs that the CA Mobile API Gateway protects.
Architecture of the integration between CA Mobile API Gateway and Samsung SDS Nexsign