I am not a security expert but I recognise that security is fundamental to the successful implementation of ICT solutions. Different security solutions are used in different environments; simple user-id and password solutions are still popular, because they are inexpensive to implement, but they are not very secure.
More secure solutions are now needed for many higher-value applications. These are normally based on two-factor security where the user has to have something and know something. We are all now familiar with the two-factor solution known as chip-and-pin. We have a card and we know the pin and this gives a high level of security.
Besides chip-and-pin being used at point-of-sale terminals it is now being used in high-value e-commerce applications. With these applications the user interface is normally via a PC, but a PIN should not be entered into a PC because PCs are not considered secure.
The solution is to have a separate card-reader and PIN input device, such as the Vasco 800. This generates a one-time password and displays it on a small screen. The password is used in the normal user-id and password combination and the complete system is built to recognise the correct one-time password.
The device works very well for most users but is obviously not accessible for people with vision-impairments or some upper-arm disabilities. To support this group of people Vasco have just announced the DP840, a reader specially designed to be accessible by people with disabilities. It provides the same security functions as the DP800 but has been physically redesigned so that it has:
- A brightly coloured and bigger case so that it can be found
- A slot shaped so that the card can be inserted easily by touch
- A bigger keypad with bigger keys and orientation marks on the ‘5' key
- A bigger LCD with clear fonts
- An internal speaker
- Headphones for privacy
- Speech based user guidance
- Speech echoing of entered data and keys
- Speech generation of one-time passwords
This combination of features enables a person with vision impairment to use the device without any external help. The bigger keys and slot design will help users with limited upper-arm mobility.
The use of chip-and-pin and one-time passwords for securing e-commerce applications is going to become increasingly common as businesses tighten up security to reduce fraud. It is essential that security is not a barrier to any user; the Vasco 840 extends accessible security to most users.
Copyright © 2007, IT-Analysis.com