Thought Leadership

Web Cryptography Next Steps

The Web Crypto v.Next Workshop focused on improving secure authentication in the Open Web Platform. We reviewed the possible integration of hardware tokens as well as other forms of authentication, with the aim of being able to replace the password with more phishing-resistant cryptographic credentials. The workshop attracted more than 70 participants, including representatives from major browser vendors, hardware token vendors, mobile phone operators, payment technologists, government eID experts, and other bodies such as GlobalPlatform, SmartCard Alliance, FIDO Alliance, and SIM Alliance.

W3C Interview: Capital One and Tyfone on Tokenization for Web Payments

W3C’s Web Payments Interest Group is gaining momentum in its pursuit of the integration of payments into the Open Web Platform. As part of building understanding security, and the role of the Web, I am organizing a series of interviews on Web payments. In this first interview with Tom Poole and Drew Jacobs of Capital One, and Siva Narendra of Tyfone, we open with the broad question of what the Web needs to facilitate eCommerce.

Mobile Payments: Why The Cloud Life is More Insecure

Consumers use payment cards with merchants in the real world and in the virtual world. The real world, of course, existed before payment cards were invented, and so had to fit within the expectation of merchants transacting based on physical proof of the consumer’s money, be it paper or plastic. These ‘what you have’ factors of authentication are carried by the consumer in his or her physical wallet.

Meeting FFIEC Meeting Regulations for Online and Mobile Banking

[vc_row][vc_column width="1/1"][vc_column_text]The benefits of a smart card based authentication that utilizes Public Key Infrastructure and additional mechanisms for authentication and verifying higher risk transactions has been outlined in the 2005 Guidance by the FFIEC.[/vc_column_text][/vc_column][/vc_row]

HCE Minus SE Equals Host Card Emulation

Mobile commerce converges eCommerce with the more traditional and dominant physical world of commerce. This converged world of mobile seems to have a popular “new kid in town”, called Host Card Emulation (HCE). HCE is being promoted for software-based security applications, which continues to proliferate the basic problem of storing sensitive credentials in the Cloud that has been proven time and time again as inadequate.

Tyfone Chip Offers Mobile-Pay Step for Banks and Consumers

The mobile banking technology vendor Tyfone Inc. has come up with a way for consumers to install payments capabilities in their phones.
Banks are eager to turn mobile phones into payments devices using near-field communication chips that can make a handset function like a contactless payment card, but only a handful of phones have the technology today.

Why a Bank-Centric Mobile Strategy’s best

The mobile channel presents a great opportunity for banks to differentiate themselves, create a market niche, and build a brand.
This may seem too grandiose a strategy to consider, especially for community or midsize banks. But any bank can reap benefits as an early mover into the mobile channel.

Go to Top