Each employee password reset costs an average of $70. How many times have you reset your password this year? The number of passwords we're managing continues to grow as our digital identities become more complex, so how do we keep our credentials secure?

This podcast are talking about the pathway to the future - Passwordless Authentication.

Sam Tang, EY's Cyber Chief Identity Architect, Rob Foster, EY Cybersecurity Senior Manager and George Muldoon, HYPR Global Alliance Leader and subject matter resource in passwordless authentication in their discussion on common obstacles and cutting-edge solutions when using passwords.

Listen to the podcast on the following link: Podcast Passwordless Authentication

Ciptor & IT-SAFE Expands to Canada, PEng, PMP Mukul Hossain named CEO.

Ciptor & IT-SAFE a True Passwordless Authentication Company announced it is expanding to Canada. We are joining the ranks of countless major tech companies that are expanding its footprint into Canada. The company named Mukul Hossain, an executive with experience in both traditional Authentication as well as Passwordless Authentication, as CEO. 

Team Canada consist of Mukul Hossain, Mike Allen, Bikash Mandal, Robert Bachynsky, Farid Mahid, Rifayet Alam and Mohammad Sharif, Esrat Zaman, Tord Fransson, Leslie Gurtner and Shamrat Asfaq. Based on several years of strong growth, we decided the time was right to invest in a formal, and actual presence says Tobias Gurtner President of Research & Insight and Mikael Zaman Rodin President of Sales & Marketing. Mukul is well-respected and toghether with the team we are here to serve and help Canadian organisations to become Passwordless.

As a global True Passwordless Authentication company, Ciptor & ITSAFE has thousands of clients across the world, including government, banks, insurance, education, logistics, retail, law-enforcement. Mukul and Team Canada is now tasked and dedicated to expanding the client base with Passwordless Authentication and to provide fast and reliable customer support, provide IT teams with powerful capabilities to manage the delivery of hardware SecurityKeys to users in Canada and accelerates the adoption of strong authentication via Passwordless Authentication.

For more information on Ciptor & IT-SAFE Passwordless Authenticaton solutions, visit ciptor.com and IT-SAFE

Some 500 Coop supermarket stores in Sweden have been forced to close due to an ongoing "colossal" cyber-attack affecting organisations around the world. Coop Sweden says it closed more than half of its 800 stores on Friday after point-of-sale tills and self-service checkouts stopped working.

The hackers who are believed to be behind the massive cyber attack that has affected hundreds of companies globally are demanding 70 million dollars.

- I'm not a bit surprised, says Minister of Defense Peter Hultqvist

The food chain expects a large loss. In order to be able to open its almost 800 stores as soon as possible, Coop has put all its resources into the work. In addition, hundreds of IT technicians have been sent to stores around the country to get their payment systems in order.

Exact figures on how the attack will affect the company financially are still unknown According to IT expert's calculations, it is likely that the food chain will lose more than 12 million dollars every day.

How can you secure your business from a Coop-scenario?

Prevent poor cryptographic key handling by preventing accidental copying and distribution of cryptographic keys. NetHSM offering significant advantages: It is easy to use, easy to customize, and provides superior security. Furthermore its implementation can be audited to ensure it is free of backdoors. The NetHSM device meets high performance requirements and is available at an unbeatably low price from Germany. With the NetHSM you will defend your business against remote attacks and eliminate remote extraction of private keys by storing cryptographic keys securely on hardware

Store your cryptographic keys for web servers TLS, DNSSEC, PKI, and CA securely in the network-connected NetHSM hardware. Your private keys are kept secure inside the NetHSM hardware in case of server hacks and the physical compromise of your data center. NetHSM therefore allows the user to easily fulfill security compliance requirements.

For common usage of the NetHSM, please visit the NetHSM product information

The new Nitrokey 3 is the best Nitrokey ever!

Protection against hackers and industrial espionage

It offers NFC, USB-C and USB-A Mini (optional) for the first time. The Nitrokey 3 combines the features of previous Nitrokey models: FIDO2, one-time passwords, OpenPGP smart card, Curve25519, password manager, Common Criteria EAL 6+ certified secure element, firmware updates. This reliably protects your accounts against phishing and password theft, and encrypts your communications and data. With strong hardware encryption, trustworthy thanks to open source, quality made in Germany.

Use Cases

Passwordless login: Forget your password to log in to Microsoft services (e.g. Office 365) and Nextcloud and use Nitrokey for passwordless login instead.

Protect online accounts using two-factor authentication (2FA): Nitrokey is your key to secure login to websites (e.g. Google, Facebook; overview at www.dongleauth.info). Using FIDO2, FIDO U2F, or one-time passwords (OTP), your accounts remain secure even if your password is stolen.

Phishing protection: When using FIDO, the respective domain is automatically checked and users are effectively protected against phishing attacks.

Mobile usage with smartphones: Using FIDO and NFC, you can also securely access your accounts on Android and iPhone smartphones.

Encrypt data and emails: Encrypt your emails with GnuPG, OpenPGP, S/MIME, Thunderbird or Outlook. Encrypt entire hard drives using TrueCrypt/VeraCrypt, LUKS or individual files using GnuPG. Your private keys are securely stored in Nitrokey and cannot be exported/stolen.

Passwordless logon to Windows 10 computers: Employees will be able to log in to their Windows 10 Pro computers managed by Azure Active Directory without passwords. All that is required is a Nitrokey 3.
Passwordless login to your own enterprise systems: Replace your password policy, unauthorized password slips and costly password resets with passwordless login with the Nitrokey 3. Security and acceptance through simplicity. We are happy to advise you on integration.

Administering servers securely with SSH: Always have your SSH key securely with you in Nitrokey. Your key is PIN protected and cannot be exported/stolen from the Nitrokey. This eliminates the insecure and annoying synchronization of key files on client systems.

Protect Internet of Things (IoT) and own products: Protect your own hardware products by integrating Nitrokey. Ideal for remote maintenance and ensuring product authenticity.

Store cryptographic keys securely: Store cryptographic keys and certificates securely in Nitrokey, preventing their theft.
Protect computer BIOS integrity: Using the Nitrokey and Measured Boot, the integrity of the computer BIOS/firmware is verified. The colored LED of the Nitrokey signals whether the BIOS has integrity (green) or whether tampering has been detected (red). Compatible e.g. with NitroPads.

Functions

FIDO U2F, FIDO2 for passwordless login: FIDO sets new standards in easy usability and thus achieves high acceptance. FIDO reliably protects your accounts against password theft and phishing.

Disabled passwords to protect accounts against identity theft: Protect your accounts against identity theft. One-time passwords are generated in Nitrokey and serve as a second authentication factor for logins (in addition to your normal password). Thus, your accounts remain secure even if your password is stolen.

Secure cryptographic key storage: Store your private keys for encrypting emails, hard drives or individual files securely in Nitrokey. This way they are protected against loss, theft and computer viruses and are always with you. Key backups protect against loss.

Password Manager: Store your passwords securely encrypted in the integrated password manager. This way you always have your passwords with you and they remain protected even if you lose your Nitrokey.

Integrity Check / Tamper Detection: Verify the integrity from the computer BIOS using Verified Boot. The Nitrokey's colored LED indicates whether the BIOS has integrity (green) or tampering has been detected (red). Supported computers require a BIOS based on Coreboot and Heads such as the NitroPad.

Apr 30th, 2021

Beijing, China and Santa Clara, CA — April 29, 2021 — FEITIAN has been qualified to be the first security key and smart card vendor to achieve the FIDO Biometric Component Certification.  This is mandatory to qualify for FIDO Level 3 and higher Certification.

FEITIAN continues to build a full range of strong Multi-Factor Authentication (MFA) and Identification Access Management (IAM) solutions with a variety of security keys and smart cards. The fingerprint biometric module is now certified as a component of FEITIAN’s already FIDO Certified security keys and smart cards. This represents the first and the only security key or smart card module with Fingerprint Biometrics capabilities that passed the FIDO Biometric Component Certification Program. This FIDO Biometric Component Certification has proved that FEITAIN has the ability as well as strength to provide a best in class security solution in the field of multi-factor authentication.

In recent years, biometric technologies such as facial recognition, iris scanning, and fingerprint matching have become popular across commercial, personal, and public sectors. In particular, fingerprint biometric has driven digital transformation across many industries, such as banking and transportation. This has become a popular way to replace passwords and PINs. Biometric Component Certification Program launched by FIDO Alliance, is the first industry-defined program to validate biometric performance and security.

"We are pleased to announce this industry-first certification for the fingerprint biometric component which is already being used in a number of FEITIAN security key and smart card products. The certification is a testament to the security, reliability, and accuracy of our products", says Mr. Yan Yan, Vice President at FEITIAN.

In 2017, FEITIAN teamed with Microsoft to introduce the first FIDO2 biometric solution as part of the passwordless initiative to increase online security by eliminating passwords and FEITIAN continues to extend the biometric product line. FEITIAN products currently with the newly certified biometric module include: BioPass FIDO security key (USB-A/USB-C), BioPass FIDO Plus (PIV enabled), AllinPass FIDO security key (USB/NFC/BLE), and Fingerprint Biometric Smart Card.