Outline:

  • Introduction: 2016 massive data breaches
  • Threats to credentials
 - Brute force
 - Credentials dumping (pwdump, Mimikatz)
 - Input capture (keylogging)
 - Authentication interception
  • What are the alternatives to passwords
  • Communication channel segregation reduces the risk of business transaction meta-data collection and potential misuse
  • Solution: Cryptographic protocol construction based on two separate sub-systems enables externalization of user’s identity from business transaction

Presentation slides: Improving corporate identification and authentication controls by using 2-factor mobile authentication