Gemalto One-Time Password Service Directly on Mobile Devices
Trusted Logic, the leader in Trusted Execution Environments, announces the availability of Gemalto’s One-Time Password (OTP) service directly on the mobile phone’s main processing unit. Thanks to Trusted Logic’s Trusted Foundations[TM], the OTP service runs securely on the device’s main processor. OTP allows the implementation of a two-factor authentication method, which is now required in many countries for home banking and e-commerce transactions.
The main advantage of this solution is that the OTP runs directly on the mobile phone, thus eliminating the need for any additional physical token. Furthermore, this complements Gemalto’s offer where the OTP is generated by an application loaded in the UICC or directly sent by SMS to the end user. Here, the OTP service is directly integrated in the Trusted Execution Environment of the mobile handset – providing service management flexibility at a reduced cost.
Trusted Logic’s Trusted Foundations provides an environment to secure sensitive applications on the handset itself. This allows Gemalto to propose an end-to-end security solution. For instance, this solution can also be used in enterprise environments where OTP is required to log-on remotely onto corporate networks.
Trusted Foundations uses the hardware security mechanisms which are now present in most advanced mobile phones, thus protecting the OTP service from attacks from the open environment of the mobile phone.
A demonstration of the solution will be presented at Cartes 2009 on Trusted Logic’s booth (hall 3, booth C23) on an Android smartphone.
“This solution demonstrates the added value of Trusted Foundations as a trusted execution environment within devices, without adding hardware costs and intensive integration work,” says Dominique Bolignano, President of Trusted Logic. “Our collaboration with Gemalto enables us to complete our portfolio of third-party security services supported by Trusted Foundations, and we’ll announce many other similar partnerships in the coming months.”
About Trusted Logic
Trusted Logic is a pioneer in security solutions for digital services – from mobile payment to e-ticketing, from identification to access control – enabling end-users to access services anywhere, anytime, securely. A leading provider of open, secure software for smart cards, terminals, and consumer devices, Trusted Logic creates the foundations for converging digital services at the crossroads of telecom, banking, transport, and government. With operations in France, Ireland, and Singapore, Trusted Logic today serves customers worldwide. Its subsidiary, Trusted Labs, offers consulting and security evaluation services and helps customers design and deploy their next digital services.
If you are familiar with RSS feeds, you can also sign up for our free news feed. Our RSS feed is updated in real-time while our newsletter is updated daily.