Published on March 5, 2014
Internet security today:
Cybersecurity today. Trojan horses Keylogging Phishing Impersonation Malware Bots Worms Viruses Rootkits Spyware
Recent breaches. • Target– 70,000,000 • Facebook – 6,000,000 • Evernote – 50,000,000 • Adobe – 38,000,000. • RSA – 660,000 to 1,000,000 • Zappos – 24,000,000 Today, this observation is all too true: “A false sense of security is the only kind there is.” -- Michael Meade
Costs of cybercrime. Cost of cybercrime surges to $113 billion. Costs have climbed by an average of 78%. Time required to recover from a breach has increased 130%. In the United States alone, the annual cybercrime cost seen by the 60 businesses studied ranged from $1.3 million to more than $58 million and averaged $11.6 million per company – an increase of $2.6 million from 2012. The average cost of cleaning up after a single successful attack was $1 million. But the costs of correcting data breaches are no longer the only cause for concern. The legal consequences, such as class-action lawsuits on behalf of third parties affected by such cyber attacks, are a growing worry of business owners.
Cybersecurity today. Today’s authentication scheme is 40 years old. It identifies its users from one or a combination of the following elements: 1. Something the user has: computer, mobile phone or RSA key 2. Something the user knows: password, username, identification (PIN) number etc.
Static authentication. All authentication protocols currently in use have one common weakness: They are static. Static credentials are prone to manipulation and theft. After several years of helping organizations investigate hundred of security breaches around the world, Mandiant has found a constant: 100% of breaches involved stolen credentials. And the average time until a breach is detected is 462 days.
Industry response. Strong password Two-factor authentication Out-of-band verification. i.e. email, SMS, phone call follow-up (very inconvenient and still only verifies initial login and doesn’t stop Man-In-the-Middle intrusions) Secure tunneling (SSL), disk or transparent encryption (AES)
Industry response is insufficient. Reports of successful attacks on smartcard-based technology illustrate that "true two-factor authentication is not possible without a physical component that is not accessible digitally.” To overcome the limitation of static authentication – the weakness in digital identity security – a new physical component is required.
But now there’s Guardog has four elements that no other system has (think of them as Guardog’s four muscular legs).
1 Guardog gives a user a physical element: a Guardog key which the user inserts into his/her computer. This non-digital element, integral to a user’s session with the service provider, is beyond the reach of any intruder. The Guardog key is also available as a Smartphone app.
2 When a user logs in to the service provider, to authenticate who he/she is, Guardog has the service provider authenticate itself back to the user. Since this is the reverse of LOGIN, we call it NIGOL. Login/Nigol starts a mutual authentication that we call . . .
The patented Guardog invention:
3 Cothentication™ does not stop at login. Instead, it continues throughout every session. Each time a user makes a request of the service provider – any monetary transaction or any transmission of information – Guardog institutes another Cothentication. Guardog repeatedly verifies the user’s and service provider’s identity.
4 Guardog’s Cothentication is dynamic, and based on encryption through randomly generated codes. Thus every exchange is different from every previous exchange. This unpredictable characteristic defeats any and every attempted intrusion.
1. The Guardog Key. Guardog uses a unique and radically different approach to deliver the only absolute solution for Internet transaction and communication security. Guardog gives the user a physical element: the Guardog key, either as a USB key or as a Smartphone app which works in conjunction with the browser. By employing either of these physical elements, integral to a user’s session with the service provider, Guardog puts the session beyond the reach of any intruder.
1. The Guardog Key. Simply put, the Guardog Key is a next-generation hardware security device. It is designed to help all users achieve a higher level of digital security simply and easily. The Guardog Key helps protect digital identity, communications and transactions. It is a critical component in a state-ofthe-art closed loop security solution that leaves a would-be "Man In The Browser" (MIB) and “Man-In-the-Middle” (MITM)...a "Man Out In The Cold!" (MOITC).
2. The Guardog Server. Mutual. The Guardog server “faces” both ways – toward the service provider and toward the user. Guardog is a mutually trusted party. It creates and validates randomized, “destination-aware” secure communications and transactions. Zero knowledge. Just as a dog guarding a valuable installation has no knowledge of what’s inside, Guardog has zero knowledge of the Internet transactions and communications whose security it protects.
3. The service provider (The Bank). A service provider uses designated authentication servers to perform special functions such as authenticating itself to the user and confirming the user’s authentication back to the service provider.
16-step Cothentication process. To begin a session with a service provider who has installed the Guardog system, a user inserts his/her Guardog key in a USB port or activates the Guardog Smartphone app in conjunction with his/her computer browser. This sets in motion a 16-step Cothentication process: the user authenticates himself/herself to the service provider and the service provider authenticates itself to the user...all within milliseconds. On step 14, Guardog "opens a gate" between the user and the service provider. The gate stays open through step 15, then closes on step 16...no time for a would-be intruder to get in.
16-step Cothentication process.
Once Guardog Cothentication is complete... Only when these 16 authentication steps are complete does Guardog “open a gate” or “open a window” between the user and the service provider, for the communication or transaction itself. Within a session, whenever the user makes a new request, these steps are repeated. Once they are completed, Guardog opens another gate or window, for this new communication or transaction.
Guardog visualized. Imagine you are standing in front of a huge blank wall. All of a sudden a window opens somewhere in the wall and an anonymous message passes through in a split second. Then the window disappears. Then another window opens up in a totally different spot - and disappears. It is never clear if and where another window will open. That’s how Guardog works. The message transfer cannot be spoofed, predicted or duplicated because it is random, encrypted and dynamic. This is Nuclear Launch Code Security.
Competitive Analysis. 1. YubiKey 2. Safelock 3. Ironkey 4. iCloud Keychain 5. Smartcards 6. Public key/private key
Comparison. Competitors Guardog Strong password Non-transferable Dynamic Credential 2 Factor Authentication (RSA) Continuous Mutual Authentication Out of Band Verification (email, SMS) Destination-aware Secure Messaging SSL and transparent encryption (AES) Authenticated Encryption/Decryption Encryption Key protected by password Encryption key protected by server and client side keys END RESULTS Identity fraud reduction Prevents identity fraud Increased barrier of attacks Eliminates an entire category of threats Mitigates the risk of impersonations Provides physical control over digital xxxassets Protects 100% of user accounts
Guardog API supports: Operating System: Windows Server 2008, 2008 R2, 2013, Linux Web Servers: Apache, IIS etc. Database MySQL, MSSQL etc. Network Protocols: TCP, HTTP, HTTPS Development Languages: PHP, Asp.net, C/C++, Java
In summary: The old authentication versus the new authentication :
The existing Cybersecurity model: She sat down at her computer and inserted her username and password into her browser. Authenticated. She instructed her bank to move $150.00 from her checking to her savings account. She also sent a wire transfer to her sister in California. She paid the bill for her American Express card and instructed the bank to notify her of any payments over $200 as an additional security measure.
Guardog’s Cybersecurity model: She sat down at her computer and inserted Guardog’s patented Guardog thumbdrive. She opened the browser for her bank Cothenticated and Cothenticated instructed her bank to move $150.00 from her checking Cothenticated to her savings account. Cothenticated She also sent a wire transfer Cothenticated to her sister in California. Cothenticated She paid the bill for her American Express card Cothenticated and instructed the bank to notify her Cothenticated of any payments over $200 as an additional security measure. Cothenticated
Protection of Intellectual Property. Guardog technology is patented in the USA, Canada, China, Japan, Australia and New Zealand.
In conclusion. Cybersecurity has been solved. The perpetual motion machine and cold fusion are next on our list. Thank you.
Transactions on Networks and Communications is an international peer ... Social networking solutions for pervasive and mobile ... Internet of Services ...
... Internet Security certified as the best solution for online transaction protection ... Kaspersky Internet Security as a solution that provides ...
SafeNet’s Financial Data Security Solutions ... both in transport across the Internet, ... integrate application and transaction security solution. ...
and maintain security “best practices” in its ... of the transaction. This authentication solution ... Recommendations for the security of internet ...
Electronic Transaction Security. ... and transaction security solutions that allow ... Security Resources: Learn the best ways to ...
Globokas deploys NewNet’s AG1000 Secure Transaction Solution to ... best in class security with ... Transactions NewNet Communication ...
Internet Security. J.D. Meier, ... All banking transactions from the client to the database must be ... NET Remoting solutions also support network load ...
Secure Electronic Transaction ... for ensuring the security of financial transactions on the Internet. ... application security; Secure communications;
Protect patient records and enable secure communication. ... Odyssey Technologies Limited ... solutions for Internet transaction security and is ...
channel through for banking transactions. ... BEST SECURITY PRACTICES 1 Easy Solutions recommends ... is running listening to the communications ...