Express Computer
Home  »  Interviews  »  The traditional way of authentication is changing

The traditional way of authentication is changing

0 39

Dan Dica, Regional Director, Pacific, India and Japan, Vasco, shares his thoughts with Jasmine Desai on security risks, rising cyber frauds and malicious activities in Indian market and explains the company’s technologies in the security space. Excerpts…

Do you think 2FA is dead?

Authentication is a growing market. User name and password are dead. They should be banned either by regulators or by common sense. You cannot put your credentials of credit cards or other personal information just by user name and password. The traditional way of authentication is changing but user authentication is definitely not dead. The more we go online and more there are online transactions, user authentication is going to become stronger.

What are your thoughts on authentication based security product market in India and how is Vasco placing itself among other security vendors?

Vasco started business in Europe, some 20 years ago mainly focusing on banking transactions security. The market in India is no different from global market in our perspective. Like global markets, the number and size of financial transaction are growing enormous but there are no RBI (Reserve Bank of India) regulations or mandates asking banks to have strong authentication based security. As a result, most banks here deploy a very basic authentication based security mechanism. Given this situation 2FA (two-factor authentication) today has been misinterpreted by many banks as 2FA is something you have and something you know. But banks sometimes ask for two passwords.

From regulation point of view, there are very advanced markets like European markets wherein the third level of authentication is making inroads, while in some other markets it’s in the second stage. In India, they adopt very basic authentication, which doesn’t solve the problems. With this pace, India can face very aggressive cyber attacks. By 2016, all customers according to me should have some form of tokens like Digipass for login purpose.

Given India’s demography being very diverse, the advantage would be that we not only bring experience from various markets like Europe or America but also from Bhutan, Sri Lanka, Qatar, and Brazil. With all these experience, we bring expertise and security solutions to India that can be mixed and matched to cater to different demographics. We have built and created over 60 different Digipasses, because every market is different with different set of regulations.

What are your views on enterprises accepting BYOD and any suggestions you would like to share?

We have partnered with Intel, wherein Digipass technology has been embedded in the Intel chipset. Every laptop with an Intel chipset becomes a token. Instead of carrying a token, a laptop has become token in itself. With the latest Intel chipset via Digipass platform you can bind your device with Intel and do your authentication via Digipass in the cloud. MyDigipass validates credentials and do authentication in the cloud. There are various solutions here like Digipass for Windows for web browser security and others.
India is moving toward cloud based application adoption and one has to ensure that only the right intended user gets the access as its very important factor from application security standpoint. And this makes organizations look forward to two factor authentication even more. Every consumer and customer using internet should have a digipass token. When I say a digipass, it can come in many forms like 2FA or even 3FA RBI has mandated EMV (Europay, Mastercard & Visa) solutions and thus, most credit card will have a chip inside and we will be having our technology there.

Can analytics be used for risk management?

As an offering we have two back-end systems. One is authentication server and other is authentication engine. All our authentication comes with back-end report. The back-end server is capable of providing analytics on who logged in when, on what device, what type of Digipass they have, what time they logged in etc. Though we are not into fraud detection, we are the ones who safeguard the gates. So we have the knowledge of who came in and what was the device, how did they came in. So if ever there is a breach our information can be referred to as a starting point. We do consult organizations in terms of 2FA.

[email protected]

Get real time updates directly on you device, subscribe now.

Leave A Reply

Your email address will not be published.

LIVE Webinar

Digitize your HR practice with extensions to success factors

Join us for a virtual meeting on how organizations can use these extensions to not just provide a better experience to its’ employees, but also to significantly improve the efficiency of the HR processes
REGISTER NOW 

Stay updated with News, Trending Stories & Conferences with Express Computer
Follow us on Linkedin
India's Leading e-Governance Summit is here!!! Attend and Know more.
Register Now!
close-image
Attend Webinar & Enhance Your Organisation's Digital Experience.
Register Now
close-image
Enable A Truly Seamless & Secure Workplace.
Register Now
close-image
Attend Inida's Largest BFSI Technology Conclave!
Register Now
close-image
Know how to protect your company in digital era.
Register Now
close-image
Protect Your Critical Assets From Well-Organized Hackers
Register Now
close-image
Find Solutions to Maintain Productivity
Register Now
close-image
Live Webinar : Improve customer experience with Voice Bots
Register Now
close-image
Live Event: Technology Day- Kerala, E- Governance Champions Awards
Register Now
close-image
Virtual Conference : Learn to Automate complex Business Processes
Register Now
close-image