Digital Fingerprinting is an essential part of authentication!

The Wall Street Journal headlines last week announced the Race Is On to 'Fingerprint' Phones, PCs. Device fingerprinting is a powerful emerging tool in internet security trade, and LiveEnsure™ is leading the way with its SaaS authentication offering for web and mobile.

It might seem that one computer is pretty much like any other. Far from it: Each has a different clock setting, different fonts, different software and many other characteristics that make it unique. So it makes perfect sense to uses Digimetric™ technology to uniquely identify computers, cellphones and other devices, without building and sharing profiles of the people who use them.

I can't understand why more websites and apps are not more rapidly embracing digital device fingerprinting technology for authentication. It adds an altogether new layer of security for the user, the site and the session. The "fingerprinting" data is challenged "outside" the browser, its data is *not* shared, and the process is session/commerce context specific, i.e. purpose-built keys - the "smarter" and "safer" version of a universal fingerprint. This architecture is based on years of study - finding that trusting purely general-built keys is great for convenience but not worthy for security.

LiveEnsure™ sits in the gap - providing strong, real-time authentication, using a universally unique digital footprint of a laptop, ipad, device or smartphone. There is nothing for the user to download, install and no out of band/dongle/token to look after. The login process is seamless the clever device recognition happens without the user being aware, checking the device fingerprint in real time as part of a secure triangulation.

Low price high strength, developers can mash up today at http://www.liveensure.com/

Tis the Season of Scammers...

This December, figures from the Interactive Media in Retail Group (IMRG) forecast that UK shoppers are set to spend 16 per cent more online this year than last. Across the web security vendors, the e-crime unit and consumer associations are warning of the pre-christmas spike in e-crime.

The guardian highlighted the risks to businesses and consumers http://gu.com/p/2y257

ISACA has issued a series of tips for workers using company computers or devices for online shopping:

• Do not click on an email or web link from an unfamiliar sender or looks "too good to be true".

• Be careful with company information that can be accessed through your mobile device (it suggests using a privacy screen shield). Authenticating your staff is key to data security on devices.

• Password-protect your mobile device and its memory card.

• Make sure the security tools and processes protecting your work-supplied mobile devices are kept up to date.


In preparation for the expected increase in web activity businesses are looking to secure sites, access points and apps to protect themselves, staff and customers.

The majority of employees and consumers are still not security savvy and the e-criminals will plunder from your site or data if you don't secure your logins. It is simple to implement LiveEnsure™ so your customers can then trust your site - and all surprises will be strictly for under the tree. LiveEnsure™ . http://www.liveensure.com/

Our Customer Charter: Affordable, Accessible, Authentication for Web and Mobile.

Live Ensure™ secures your credentials and accounts protecting you online.
LiveEnsure™ the strong online authentication solution for Web and Mobile.
LiveEnsure™ deployed by your developer or agency from our portal.

Customers recognise and trust our comprehensive authentication provision, you can increase their confidence throughout the online retail journey with LiveEnsure™. Our authentication adds privacy enhancing security to your existing set up building trust and loyalty with your customers.

The LiveEnsure™ badge increases consumer confidence, the technology protects identities, information and transactions for online users.

The UK’s banking and retail industries are backing the Be Card Smart Online campaign. Their online campaign is raising awareness in consumers and educating them of the risks, they have published good advice on their site. http://www.becardsmart.org.uk/

If you are a consumer read a couple of these links it help you be safer on line, businesses mash up our freemium account to see how easy it is deploy authentication security.

‘tis the season to secure your sites’

The New Social Rules- Authentication is Essential

The New Social Rules - 24th November 2010

November has been non stop with Facebook launching a new service, offering email to its user base and opening more data about ourselves to a large organisation, what does this mean to The New Social Rules now?

I am looking forward to some interesting debate tomorrow with 100 people registered social media speakers from PayPal, ex Managing Director of MSN UK, Ketchum Pleon, Twitjobs and an angel investor the panel will be sharing their insights. The new rules of communication are constantly changing, social media impacts our outlook, the decisions we make now ,our future career, children and financial well being.

I urge you to take a few minute to crash through these slides on the new digital age, Tony Fish as ever has his finger on the pulse and is spot on:

'Reputation is all you have and your name is a good identity so don't abuse or loose either'

'Your digital footprint is worth more than your salary'

'Your password is the weakest point in your armour'

I will tomorrow be flying the flag for the need for communities, businesses and organisations to authenticate their users to protect not only the users but themselves.


'Don't sack the person who has the corporate login for your facebook fanpage, group, twitter accounts, linkedin profiles, until other people have access and admin rights- or you will be held hostage'

New rules for living in a digital age

View more presentations from Tony Fish.

Get Safe Online Week! in time for the Christmas Rush of Fraudsters

Get Safe Online is an annual event to raise awareness of internet safety issues.

A government initiative is reaching out to raise awareness of internet crime in consumers and small businesses through competitions, events and PR activity. The annual Get Safe Online Summit which has kicked off this week in central London.

Just in time for the busiest online sales season of the year, consumers need to take care they are on 'real' sites and not impart credit details to fake ones.

http://www.getsafeonline.org/

Action Fraud:launched by the National Fraud Authority (NFA), is the UK’s first national fraud reporting centre that provides a single point of contact for fraud victims where they can both report a fraud and seek guidance and advice.
Partner site: http://www.actionfraud.org.uk/

Online Christmas Shopping Tips Shoppers can make sure that gift buying online is stress-free by doing the following:

•Only deal with reputable sellers – use sites you can trust.Be particularly wary when buying from overseas. Be prepared to ask questions before buying. (Look for the LiveEnsure authenticate badge)
•Be sure you know who you are dealing with – always access the website you are planning to buy from by typing the address into your web browser. Never go to a website from a link in an unsolicited email and then enter your personal details or PIN.
•Trust your instincts – if an offer looks too good to believe then there is usually a catch. Be suspicious of prices that are too good to be true.
•Check delivery timescales and keep records – print out your order and keep copies of the retailer’s terms and conditions, returns policy, delivery conditions, postal address (not a post office box) and phone number (not a mobile number). Having this information will help if you subsequently encounter difficulties with your order.
•Section 75 protection – if you are buying something between £100 and £30,000 consider using a credit card, as you will then have extra protection through Section 75 of the Consumer Credit Act – for transactions in the UK and abroad. This states that should a problem subsequently arise, such as the company going out of business, you can claim your money back from your credit card company.
•Keep receipts and check these against your statement – if you spot a transaction you did not authorise speak to your card company immediately. If you are the innocent victim of any type of card fraud you will not suffer any financial loss.

The link above offers useful information if you are an online fraud victim this christmas.

Like Car Brakes? The Future for Security

Like car brakes? The future for security

I cannot agree more with Bruce Schneir of BT, the push for security is coming directly from consumers.Consumers assume they are secure... and now when they are not they are moving their custom.

The provider is going to be the website, application, community of whatever technology service is in operation. They will have to consider and build in the security, so seamlessly that the end user never has to think about it.This is where new technologies like LiveEnsure come into their own they are easily implemented across the consumer online experience.

I’ve talked about security being part of everything for years, I am pleased to say rising tide of user expectation is now forcing the reality. As this article from last weeks Gartner Symposium says Security will become a B2B market where security and solutions providers work together to create the magic. We are currently working with Virtual Technology Group, Global Mobile Solutions and FabriQate to make this a reality.

More and more, this makes security specifically, and IT as a whole, a utility.

Fear has been the best way to sell security.

Many vendors have tried to develop ROI models to prove value and build desire, but that’s never really worked, a great number stick with old products giving packaging and promotion regular facelifts. As the market moves to utility models like LiveEnsure, they’ll be much less need to prove the value of the “investment” as initial outlay is low.
Brands will spend the money because they have to.

In this new world we are selling reputation and the benefit of the solution, with strength of security as an assumed feature.

Just like the brakes on your car.

Inspiration taken from Ellen Ferrara who was reporting live from the Gartner Symposium/ITxpo. http://www.blog.bt.com/gartnerITxpo-cannes-2010/?p=174


To Learn more about LiveEnsure authentication for web and mobile: http://events.linkedin.com/LiveEnsureTM-Technology-Session/pub/407646

Mash Up Security - making authentication safe for all!

On an Analyst Call yesterday our new technology, LiveEnsure™ came in the spotlight as new ways of doing things always do. We are making security available for developers to download and use without a long winded sales trail or price tag to match.

The Mash Up Question:

" I am concerned that as a mash-up - which is the combining of two different apps/services to create a new one that - this new " app" is somehow compromised because of a side door / opening created inadvertently in the process.. "

Answer:

LiveEnsure™ is a side-chain mashup, not a front-door mashup like openID, Google or Facebook login.

The communication, session and credential exchange are private to the site and LiveEnsure™, not the user. The user cannot "inadvertently" do anything outside or beside the site/app from their own volition. In addition, the ONLY the the user does is react and respond to the challenge, they are not initiators.

The process of authentication with LiveEnsure™ is a multi-factor "verification" of the primary "identification" process already resident in the existing site or app.

LiveEnsure™ does not "identify" users, which removes all possibility of false positives/negatives, or "letting someone in via side/back door".

The site identifies, we authenticate. We step outside the browser, app or session in a side chain, and merely verify the credentials of the site or app, session, device and user. The site then polls LE directly (outside of the user communication at either the site/app or Live endpoint) for authentication status. Status is not propagated or forced up the chain from LE to the site or user, thus also prevent unrequested or illegitimate status notification and possible bypass, hack, spoof or replay.

For these two fundamental reasons, LiveEnsure™ is:

a) additive security, not replacement or reduction (in the case of backdoor, "other" way in)
b) completely under the control of the site at all times, as there is no user session sharing or user initiation capabilities
c) side-chain logic, vs. front door, side door or back door "identify/detect" logic, thus immune to brute force
d) only adding security by its presence, not removing it by its absence (above what was initially there, i.e. user/pass, OpeniD, sso, etc).

LiveEnsure™ affordable, accessible authentication for web and mobile.

http://www.liveensure.com/

Cast your vote for LiveEnsure in the mashable awards... best newcomer:

IP Expo Update from Today Earls Court

Today, in Westminster, Chancellor George Osborne unveiled plans to cut public spending by £83 billion. I was among the thousands of IT professionals crowded into Earl's Court 2 to discover how IT investment can help their organisations survive the new era of fiscal austerity, and emerge financially stronger, more competitive and more profitable.

They were not disappointed.

Addressing a packed audience for the opening keynote address of IP EXPO 2010, Acadia Enterprises CEO, detailed how the new age of cloud computing is set to revolutionize IT service delivery and the business effectiveness of the organisations that adopt it.

"Cloud" said Capellas "will be mainstream within 24 months."

"This bus has already left the station. You can either be under it, or on it," he said.

The same message, with different emphasis was heard from other quarters. In the seminar theatres, VMware's Paul Strong detailed some of the technical challenges that still lay ahead.

Freeform Dynamics' Jon Collins offered timely advice on how to distinguish marketing hype deliverable reality in today's increasingly competitive IT infrastructure markets.

Meanwhile, I enjoyed talking directly to the latest compute, storage and network infrastructure product and technologies showcased by more than 230 exhibitors. LiveEnsure partnered with The Virtual Tech Group Basingstoke were busy as they talked to Cloud providers who need authentication to secure entry points of their systems.

Far sighted organisations are ready to invest in their future, and those who are will be looking closely at the security aspects of their cloud provider.