Advances in Card Solutions
description
Transcript of Advances in Card Solutions
![Page 1: Advances in Card Solutions](https://reader036.fdocuments.us/reader036/viewer/2022062422/56813e00550346895da7db4d/html5/thumbnails/1.jpg)
Advances in Card SolutionsAdvances in Card Solutions
7th Annual CACR
April 25, 2001
7th Annual CACR
April 25, 2001
![Page 2: Advances in Card Solutions](https://reader036.fdocuments.us/reader036/viewer/2022062422/56813e00550346895da7db4d/html5/thumbnails/2.jpg)
Certicom OverviewCerticom Overview
Founded in 1985, 340 employees
- Offices in Toronto, San Francisco, Dulles, and London
- Listed on both Toronto Stock Exchange & the NASDAQ
Strong patent portfolio in wireless/mobile security
Sponsors cryptographic research at University of Waterloo and Stanford University
Has over 150 licensees
Founded in 1985, 340 employees
- Offices in Toronto, San Francisco, Dulles, and London
- Listed on both Toronto Stock Exchange & the NASDAQ
Strong patent portfolio in wireless/mobile security
Sponsors cryptographic research at University of Waterloo and Stanford University
Has over 150 licensees
![Page 3: Advances in Card Solutions](https://reader036.fdocuments.us/reader036/viewer/2022062422/56813e00550346895da7db4d/html5/thumbnails/3.jpg)
Security for the Next 20 YearsSecurity for the Next 20 Years
Encryption Underlies all Internet Security
Existing Encryption Technology is 20 Years Old
Certicom Owns the Next Generation Encryption Technology
- Elliptic Curve Cryptography (ECC)
Designed for Mobile, Wireless Smart Card Environments
Security for the Next 20 Years
Encryption Underlies all Internet Security
Existing Encryption Technology is 20 Years Old
Certicom Owns the Next Generation Encryption Technology
- Elliptic Curve Cryptography (ECC)
Designed for Mobile, Wireless Smart Card Environments
Security for the Next 20 Years
![Page 4: Advances in Card Solutions](https://reader036.fdocuments.us/reader036/viewer/2022062422/56813e00550346895da7db4d/html5/thumbnails/4.jpg)
Industry Leading Customers
![Page 5: Advances in Card Solutions](https://reader036.fdocuments.us/reader036/viewer/2022062422/56813e00550346895da7db4d/html5/thumbnails/5.jpg)
Industry Leading Customers
![Page 6: Advances in Card Solutions](https://reader036.fdocuments.us/reader036/viewer/2022062422/56813e00550346895da7db4d/html5/thumbnails/6.jpg)
AgendaAgenda
PKI, Cards, Wireless – Where are we? Common challenges Security Solutions – how can Crypto help? Success stories to watch… Concluding Remarks
PKI, Cards, Wireless – Where are we? Common challenges Security Solutions – how can Crypto help? Success stories to watch… Concluding Remarks
![Page 7: Advances in Card Solutions](https://reader036.fdocuments.us/reader036/viewer/2022062422/56813e00550346895da7db4d/html5/thumbnails/7.jpg)
Classic Hype CycleClassic Hype CycleVisibility
TechnologyTrigger
Peak of InflatedExpectations
Trough ofDisillusionment
Slope ofEnlightenment
Plateau ofProductivity
Time
![Page 8: Advances in Card Solutions](https://reader036.fdocuments.us/reader036/viewer/2022062422/56813e00550346895da7db4d/html5/thumbnails/8.jpg)
PKI Hype CyclePKI Hype Cycle
Source: Gartner Group
Visibility
TechnologyTrigger
Peak of InflatedExpectations
Trough ofDisillusionment
Slope ofEnlightenment
Plateau ofProductivity
Time
Public Key Encryption Developed
PGP Introduced
1994 RSA Conference
Verisign formed
Verisign IPO
EntrustIPO
1999 RSAConference
Scotia Bank Deploys B2C PKI
American Express Releases Blue
Identrus Formed
Verisign Acquires NSI
Entrust Merges with EnCommerce
Visa Announces3-D SSL
E-Sign Laws Signed
PKI DisappearsInto Application
PC Makers add SmartCard Readers
Industry Policy Authorities Form
We are here
![Page 9: Advances in Card Solutions](https://reader036.fdocuments.us/reader036/viewer/2022062422/56813e00550346895da7db4d/html5/thumbnails/9.jpg)
Smart Card Hype CycleSmart Card Hype Cycle
1996 Olympics(Visa Cash)
1995 MondexSwindon, England
EMV
New YorkJoint Trials
American ExpressLaunches Blue
Visa LauncheseVisa
Are we here?
Smart Card Disappears into card, device, etc
PC Makers add SmartCard Readers
Industry Policy Authorities Form
Visibility
TechnologyTrigger
Peak of InflatedExpectations
Trough ofDisillusionment
Slope ofEnlightenment
Plateau ofProductivity
Time
![Page 10: Advances in Card Solutions](https://reader036.fdocuments.us/reader036/viewer/2022062422/56813e00550346895da7db4d/html5/thumbnails/10.jpg)
Wireless Hype CycleWireless Hype CycleAre we here?
WAP
SMS
WTLS
Location-basedServices
Visibility
TechnologyTrigger
Peak of InflatedExpectations
Trough ofDisillusionment
Slope ofEnlightenment
Plateau ofProductivity
Time
![Page 11: Advances in Card Solutions](https://reader036.fdocuments.us/reader036/viewer/2022062422/56813e00550346895da7db4d/html5/thumbnails/11.jpg)
Coming TogetherComing TogetherVisibility
Time
PKI Cycle
Smart Card Wireless eCommerce
We must be hereMy “Optimist’s” view!
![Page 12: Advances in Card Solutions](https://reader036.fdocuments.us/reader036/viewer/2022062422/56813e00550346895da7db4d/html5/thumbnails/12.jpg)
Information Security ThreatsInformation Security Threats
Fraud
Problem
- Impersonation or identity theft
- Credit card fraud Impact
- Massive financial loss
- Merchants absorb most of the losses
- Slows adoption of e-Commerce
Problem
- Impersonation or identity theft
- Credit card fraud Impact
- Massive financial loss
- Merchants absorb most of the losses
- Slows adoption of e-Commerce
![Page 13: Advances in Card Solutions](https://reader036.fdocuments.us/reader036/viewer/2022062422/56813e00550346895da7db4d/html5/thumbnails/13.jpg)
Credit Card Fraud Credit Card Fraud
Meridien Research predicts that by 2001, online credit card fraud could cost merchants $9 billion a year, and that by 2003 the cost could reach $15 billion
Meridien Research predicts that by 2001, online credit card fraud could cost merchants $9 billion a year, and that by 2003 the cost could reach $15 billion
![Page 14: Advances in Card Solutions](https://reader036.fdocuments.us/reader036/viewer/2022062422/56813e00550346895da7db4d/html5/thumbnails/14.jpg)
ChallengesChallenges
Wireless is bandwidth constrained
- Pay per byte transmitted over networks
- Latency of messaging
- Proximity card performance Battery life Resource limitations
- Smart card processors fit within 25 sq mm
- PDA, pager, cell handsets
Devices may look different, but It’s the same problem
Wireless is bandwidth constrained
- Pay per byte transmitted over networks
- Latency of messaging
- Proximity card performance Battery life Resource limitations
- Smart card processors fit within 25 sq mm
- PDA, pager, cell handsets
Devices may look different, but It’s the same problem
![Page 15: Advances in Card Solutions](https://reader036.fdocuments.us/reader036/viewer/2022062422/56813e00550346895da7db4d/html5/thumbnails/15.jpg)
ECC – A Part of any SolutionECC – A Part of any SolutionECC Key
Size(Bits)
ECC Key Size(Bits)
RSA Key Size(Bits)
RSA Key Size(Bits)
Key Size Ratio
Key Size Ratio
163 1,024 1 : 6
283 3,072 1 : 11
409 7,680 1 : 19
571 15,360 1 : 27
163 1,024 1 : 6
283 3,072 1 : 11
409 7,680 1 : 19
571 15,360 1 : 27
![Page 16: Advances in Card Solutions](https://reader036.fdocuments.us/reader036/viewer/2022062422/56813e00550346895da7db4d/html5/thumbnails/16.jpg)
Traditional TechnologyTraditional Technology
Digitally Signed Transaction on a Palm VII Using Traditional Encryption Technology
Digitally Signed Transaction on a Palm VII Using Traditional Encryption Technology
Not Viable!Not Viable!
![Page 17: Advances in Card Solutions](https://reader036.fdocuments.us/reader036/viewer/2022062422/56813e00550346895da7db4d/html5/thumbnails/17.jpg)
Certicom TechnologyCerticom Technology
Digitally Signed Transaction on a Palm VII Using Certicom Technology
Digitally Signed Transaction on a Palm VII Using Certicom Technology
Instantaneous Trust!Instantaneous Trust!
![Page 18: Advances in Card Solutions](https://reader036.fdocuments.us/reader036/viewer/2022062422/56813e00550346895da7db4d/html5/thumbnails/18.jpg)
Solutions emergingSolutions emerging
Proximity devices Intelligent use of Public Key technology
- Not just PKI
- Combinations of PK, PKI and trust models Solutions for business needs
Proximity devices Intelligent use of Public Key technology
- Not just PKI
- Combinations of PK, PKI and trust models Solutions for business needs
![Page 19: Advances in Card Solutions](https://reader036.fdocuments.us/reader036/viewer/2022062422/56813e00550346895da7db4d/html5/thumbnails/19.jpg)
Incentives for end customersIncentives for end customers
Sex appeal factor Hide security from consumers Assure privacy, integrity of transactions
For Financials
- Make it smooth for the merchants
- Avoid discount rate discussions ;-)
Sex appeal factor Hide security from consumers Assure privacy, integrity of transactions
For Financials
- Make it smooth for the merchants
- Avoid discount rate discussions ;-)
![Page 20: Advances in Card Solutions](https://reader036.fdocuments.us/reader036/viewer/2022062422/56813e00550346895da7db4d/html5/thumbnails/20.jpg)
Example successesExample successes
Proximity in North America
- WMATA
- Mobil Speed Pass Large card rollouts
- American Express Blue
- eVisa
- MasterCard announcement with Keycorp Key differences…
- Proximity solutions seem to gain user acceptance!
Proximity in North America
- WMATA
- Mobil Speed Pass Large card rollouts
- American Express Blue
- eVisa
- MasterCard announcement with Keycorp Key differences…
- Proximity solutions seem to gain user acceptance!
![Page 21: Advances in Card Solutions](https://reader036.fdocuments.us/reader036/viewer/2022062422/56813e00550346895da7db4d/html5/thumbnails/21.jpg)
Proximity solutionsProximity solutions
ECC enables secure solutions
- Payment
- Terminal communications Total transaction time required
- <150ms ECDSA Sign Performance by Certicom
- < 90 ms for a signature Viable for demanding proximity protocol
solutions
ECC enables secure solutions
- Payment
- Terminal communications Total transaction time required
- <150ms ECDSA Sign Performance by Certicom
- < 90 ms for a signature Viable for demanding proximity protocol
solutions
![Page 22: Advances in Card Solutions](https://reader036.fdocuments.us/reader036/viewer/2022062422/56813e00550346895da7db4d/html5/thumbnails/22.jpg)
On Card Key GenerationOn Card Key Generation
Private key is “perfect secret”
- A random number Public key is computed by multiplying private key with
the “generator point”
- Same complexity as signature generation No risk of primality testing Total process typically less than 2 seconds
Enables keys as demanded by business process, user generated
- Avoids key injection requirements at mfg time
Private key is “perfect secret”
- A random number Public key is computed by multiplying private key with
the “generator point”
- Same complexity as signature generation No risk of primality testing Total process typically less than 2 seconds
Enables keys as demanded by business process, user generated
- Avoids key injection requirements at mfg time
![Page 23: Advances in Card Solutions](https://reader036.fdocuments.us/reader036/viewer/2022062422/56813e00550346895da7db4d/html5/thumbnails/23.jpg)
PK Solutions to MatchPK Solutions to Match
Digital Signature Authentication Solutions Just in time security
- On card key generation for business app use
- TrustPoint PKI Portal registration of keys
- MobileTrust CA services Small certificates by design
- CA supports business process
- NOT business process driven by CA
Digital Signature Authentication Solutions Just in time security
- On card key generation for business app use
- TrustPoint PKI Portal registration of keys
- MobileTrust CA services Small certificates by design
- CA supports business process
- NOT business process driven by CA
![Page 24: Advances in Card Solutions](https://reader036.fdocuments.us/reader036/viewer/2022062422/56813e00550346895da7db4d/html5/thumbnails/24.jpg)
System ArchitectureSystem Architecture
SecureClient
Application
SecureClient
Application
SecureServer
Application
SecureServer
Application
PKIClient
Protocols
ClientCertificate
Crypto
PKITools
ServerCertificate
Protocols
Crypto
Certificate Authority (CA)Registration Authority (RA)
Public-key InfrastructurePublic-key Infrastructure
Wireless Device
Wireless Device
Application Server
Application Server
![Page 25: Advances in Card Solutions](https://reader036.fdocuments.us/reader036/viewer/2022062422/56813e00550346895da7db4d/html5/thumbnails/25.jpg)
TrustPoint PKI PortalTrustPoint PKI Portal
![Page 26: Advances in Card Solutions](https://reader036.fdocuments.us/reader036/viewer/2022062422/56813e00550346895da7db4d/html5/thumbnails/26.jpg)
ConclusionsConclusions
ECC solutions provide the Right solution for todays security needs
Proximity solutions need high security – ECC meets the challenge
- On card key generation
- <150ms total transaction times Emerging business applications need Public
Key Technology
ECC solutions provide the Right solution for todays security needs
Proximity solutions need high security – ECC meets the challenge
- On card key generation
- <150ms total transaction times Emerging business applications need Public
Key Technology