Blog(eng)

OTAC-embedded-Smart Card will change the future

Written by SSenStone | Feb 24, 2022 5:50:16 AM

SSenStone will participate in #MWC22 Barcelona, the world's largest mobile expo starting from the 28th of February. Living in the 5G era where everything is connected, we cannot say enough how important the IoT security is. However, when using IoT, what if more security only means more friction? We began with this question, and we’re ready to show the world our answer to this question at MWC.

Our core algorithm, OTAC technology is based on a unidirectional dynamic code opposed to regular static value, hence, it cannot be duplicated nor re-used. In addition, this code can be generated even in the off-the-network environment, so you can use it in the area with unstable network connections. And this is why the Indonesian Electric Power Authority selected OTAC for their Smart Grid System.

 

Another feature that’s very important about OTAC is it’s very light in capacity. OTAC algorithm is so light that it can be embedded in a small drone or a much smaller plastic card, being an ideal technology for IoT security that requires user or device authentication. Do you remember the case of Toss Bank where you can verify large amount of remittance just by tapping a debit card on the back of your smartphone?

 

At MWC22, SSenStone will present a new era of authentication in cyber security by embedding the OTAC algorithm on a chip. We hope you find yourself how many benefits our new authentication process innovation can bring to your clients and end users.

 

Demo 1. How to add advanced authentication in cyber security on SIM cards with no performance degradation

Gartner has emphasized that security is the biggest barrier to the enterprise sector, which is the biggest driving force in the IoT market. Netscout's Threat Intelligence Report also raises the issue, saying that There are 127 new IoT devices come online every second and are typically attacked within just five minutes after it goes online.

 

Is it fair to blame only IoT devices for such frequent security threats? Symantec pays attention to the 'router', which is an important hub for IoT devices to connect to the Internet. According to Symantec, routers act as gateways to IoT attacks in 75% of IoT incidents.

 

Attention! SSenStone’s approach to IoT security starts right here. If the router is really to blame for IoT threats, then focusing on the authentication process between the router and the IoT device would be the best solution. For that, SSenStone embed OTAC technology in a format of an applet on the sim card used in the router. We have already tested with one of major mobile operators in Korea that the OTAC applet does not cause any conflict with other applets, and it works fine in the code generation and verification process, once the applet is issued and registered.

 

You can find out at MWC how IoT security can be improved with zero burden on a small Sim card used in IoT communication.

 

Demo 2. How to add advanced authentication in cyber security on IC cards for payment, access control and verification

A regular ID card we use in our daily life is combined with a credit card, debit card, or transportation card to make payments.

 

However, incidents related to card data leak continue to repeat every year. Payment card fraud costs the global economy $27.85 billion in a single year, and this number is expected to rise to $40.63 billion by 2027, according to The Nilson Report.

 

This issue has something to do with the static value exposed on the card. In other words, it is difficult to ultimately stop frauds because there are still many websites that accept payment only with these static details ​​such as cardholder’s name, card number, expiration date, and CVC information. Of course, financial service firms use additional SMS codes or demand a separate certificate to increase the security level, but those processes are not only inconvenient, but also delay the payment because they require extra process in the system.

 

Remember I said earlier that the lightweight OTAC can be embedded into a SIM card? Are you thinking what we’re thinking? Great! Yes. We can also embed it on the IC chip as an applet. Yay!

 

So, SSenStone embeds the OTAC applet on the IC card for financial transaction process that usually requires a two-factor authentication (2FA) – e.g., OTP for large remittances or stock transactions, not for payment - simply by tapping the card to the smartphone. With our OTAC technology, banks and credit card companies that do not want to use a static value can now generate a card number that changes every time. Enterprises that need to create a new card and dispose of an old card can easily create a new card number and allocate it to users, which will save money and time. I mean, you can save money!

 

We’re not done yet. An IC card equipped with an OTAC applet can be used not only for payment but also for more diverse purposes. For example, you can use your corporate credit card to enter your company building, access the company intranet such as enterprise resource planning (ERP), or use it as an OTP card for corporations. That’s why we call this a ‘swIDch All-in-One card’ as a single card can provide numerous functions including payment whilst improving user convenience and the marketability of the IC card itself.

 

Our booth number at MWC22 is 7F21, and there, you can experience how a payment card with OTAC technology can transform the future of cyber security. There is a meeting room and live studio right next to Hall 7, so it’s super easy to find us. We hope to see you at MWC22 soon.