The Regin spy bug uncovered by software company Symantec was effectively the spillover of a sophisticated cyber-warfare skirmish between nation states, cyber experts agree.
Dublin: 25.11.2014 12.25AM
Daon, the Irish biometrics and authentication specialist, has been chosen to spearhead a US government-sponsored pilot project to develop secure online identities for consumers.
Five pilot projects have been granted a total of US$9m to work on various aspects of protecting digital identities. Daon has received US$1.8m and is leading a team that includes representatives from PayPal, Purdue University, AARP and the American Association of Airport Executives.
All of the initiatives fall under the Obama Administration’s ‘Identity Ecosystem’ plan, called the National Strategy for Trusted Identities in Cyberspace [NSTIC]. It’s envisaged that this will ultimately lead to a system that improves on the current situation where people typically have a variety of different passwords and account names to use various online services.
According to NSTIC, the difficulty of remembering so many different login details leads many people to reuse multiple passwords, increasing the risk of identity theft – which is especially critical where sensitive online transactions are concerned.
The project hopes not just to increase individual security and privacy but to improve the usability of these services. NSTIC’s wording specifically refers to making any such identity management systems “consumer friendly”.
Daon’s pilot projects will focus on senior citizens and all consumers, and will involve mobile devices, such as tablets and smartphones.
Central to the trials is Daon’s IdentityX mobile authentication technology, which is able to verify the owner’s identity using a range of different methods, such as proof of possession of the phone, a digital certificate, a PIN or password, geolocation, or biometrics, such as facial recognition.
In a statement, Daon said the level of security can vary depending on the risk of the transaction. A simple money transfer between bank accounts might just involve possessing the phone and then having to enter a PIN code. Where higher amounts of money are involved, the authentication could require stronger authentication, such as voice matching along with GPS, to confirm the user’s location.
While the pilot projects are taking place, Purdue University will research the privacy, security, performance, usability, accessibility and user acceptance aspects of Daon’s implementation of the system. This will also cover the use of privacy-enhancing technologies to better manage users’ disclosure of information while still providing identity assurance.
Founded in Dublin by the financier Dermot Desmond in 1999, Daon maintains major operations in Ireland although its US headquarters are in Reston, Virginia, just outside Washington, DC – an indication of the company it now keeps.
Earlier this year, Daon’s Trusted Identity Services (DTIS) arm was awarded a multi-year contract with the US Internal Revenue Service to provide fingerprinting and FBI background-checking services for close to 1m people who prepare or assist in the preparation of federal tax returns.
In June, Daon’s IdentityX was announced as the sole winner in the cyber security and authentication category for the prestigious American Technology Awards, which bestows the only “Best Of” awards that recognise all technology products and services for the IT industry. Nominations for the gongs are vetted by industry experts and technology companies and are known as the Termans, after Frederick Terman, who is widely credited as the father of Silicon Valley.
Fingerprint image via Shutterstock