IBM scientists recently developed a new mobile authentication security technology based on near-field communication, providing an additional layer of security when using an NFC-enabled device or contactless card to complete transactions.
A report by ABI Research showed that the number of NFC devices in use will surpass 500 million next year. Fraud and security breaches have been an increasing problem among mobile users.
To address the issue, IBM scientists developed the two-factor authentication to secure the mobile transactions—a system used by computer users who are asked for both a password and verification code sent by SMS.
The scientists applied the same concept using a PIN number and contactless smart card, which would be a bank-issued ATM card or employer-issued ID badge.
“Our two-factor authentication technology based on the Advanced Encryption Standard provides a robust security solution with no learning curve,” Diego Ortiz-Yepes, a mobile security scientist at IBM Research, said.
When a user holds their contactless card next to the NFC reader and keys in their PIN, a one-time code would be generated by the card and sent to the server by the mobile device. The technology is based on end-to-end encryption between the server and smartcard using the National Institute of Standards & Technology’s advanced encryption standard.
The technology is available for any NFC-enabled Android 4.0 device and is based on IBM Worklight, a mobile app that is part of the IBM MobileFirst portfolio. Future updates will feature additional NFC-enabled devices.