Secure communications via IdentaDefense

Transcription

1 Secure communications via IdentaDefense How vulnerable is sensitive data? Communication is the least secure area of digital information. The many benefits of sending information electronically in a digital format are significantly reduced by vulnerability to theft. The convenience of correspondence, sending data files and presentations, text and other messages may be outweighed by security concerns as the increasing rate of cybercrime has been outpacing the developing of improved security methods. The recent estimates of economic loss due to fraud and data theft are astronomical: $ 1 trillion was lost to intellectual property theft in 2009 (Cyberspace Policy Review) $46 billion was lost in US to cyber theft in 2004 (Congressional Research Services) $559 million in losses was reported by US consumers to IC3 Web site alone in 2009 Today there is no method to send sensitive data electronically on a large scale, that is also secure, as would be required in the normal conduct of business. Industries, agencies and communication providers typically rely on inadequate security technologies that cannot verify identity. This inability is allowing fraud and privacy breaches to proliferate. The Aberdeen Group estimated that worldwide business losses to identity theft exceeded $221 billion in 2009; also 10 % of U.S. consumers have been the victims of identity theft according to Javelin Strategy and Research.

2 Why aren t digital communications secure? Digital communications are not secure because typically the information does not require that the intended recipient is actually the person accessing the information. Anyone with the correct password can fool a system. It also does not verify that the sender was actually the person claimed to have sent it. We have all received from an associate that actually was fraudulent because someone stole addresses from the purported sender. Although there are multiple identification methods, this in itself can be a significant obstacle. The incompatibility of many of these technologies renders them useless for broad application where disparate organizations must work together. The impracticality of creating a common set of standards for these myriad technologies has limited their use to closed groups of users as in a single company or department, or agency. Similarly, token based security systems cannot verify the identity of the sender or recipient. They also cannot confirm that decryption was performed by the intended recipient. A token system also constrains where data is accessible to the location of key storage. While the data is protected in transit this

3 encryption is of little use if someone has unauthorized acess to the computer storing the private key. Use of smart cards does not fully address these issues. Smart cards can be lost or stolen, and when lost, stolen, damaged or misplaced can prevent a valid user from accessing encrypted content on the computer. Biometrics would be a simple way to verify identity with a unique physical trait. Unfortunately, the myriad biometric devices, algorithms and the inability to create a common standard have made them unsuitable for general electronic communications or large scale use. What are the key practical limitations of system architecture? Today s secure communication systems are typically limited by a time consuming and costly installation and not being interoperable with other security systems, reducing effectiveness. These systems require proprietary custom installations and all elements are integrated within the existing internal security architecture They are not Interoperable with other security technologies and cannot verify the identity of senders/recipients. The time consuming and expensive nature of customized, proprietary installations discourages upgrading old systems and adding newer state of the art solutions. Lacking interoperable solutions keeps organizations from optimizing security based on communication need. A more robust and less expensive means of providing secure communications is required. A complete solution would consolidate identity verification into an interoperable system that easily integrates into existing security systems. Can secure digital communication be built on an interoperable identity verification technology? IdentaDefense technology is a universal, interoperable biometric identification solution for secure communications. IdentaDefense is not constrained to any particular computer location, biometric device, encryption form or digital communication system. It is a universal identity verification solution to protect all types of confidential communication. Its seamless interoperability relies on a flexible infrastructure for mixing and matching all available biometric or token based information, encryption techniques and data transmission. As technologies change Identazone can rapidly accommodate these changes due to its modular design. This universal approach to identity verification is unmatched.

4 Can another identity verification technology work as well as IdentaDefense for secure communications? No other identity verification product is flexible enough to fulfill the varying requirements Identazone s patented technology has been designed to meet. IdentaDefense can meet what often seems as conflicting customization requirements of various companies at the same time because of its modular nature. Further, IdentaDefense s ability to accommodate any device, algorithm and encryption in a single platform is far more cost effective than trying to custom integrate proprietary systems. This doesn t take into consideration the practical difficulty of reaching an agreement among companies on the preferred identity verification technology. Finally, only IdentaDefense can offer different biometric solutions to address the differences in individual physical traits for optimal identity verification. In summary, only IdentaDefense, because of its triple-platform independent architecture, has the flexibility to work with any biometric device or protocol, any communication infrastructure and any encryption method. This means that our customers have complete freedom to choose whatever combination of devices, methods or technologies work best for them.

5 How can IdentaDefense protect communications? IdentaDefense enables a user to send and receive encrypted digital data (for example, message, voice message, instant message, fax, ftp/http uploads) that may be opened only by the intended person. It utilizes highly accurate identification verification based on unique physical traits or any other identity verification technology employed by the company. Decryption of received correspondence is certified as opened by the intended recipient and reported to sender IdentaDefense uniquely removes all limits and constraints on secure communications because it is fully interoperable. It installs simply like software, works with all available biometric devices, supports unlimited factor authentication, existing biometric, security and software standards, communication protocols and encryption methods. IdentaDefense technology also assures that verification of identity will not be limited to the computer where the owner of information was registered, but can work from any computer.

6 How does IdentaDefense work? IdentaDefense is a data transfer method that can transform or any other type of digital communications into a confidential communication channel for business, government and personal use. It is accomplished as simply sending with an attachment; identity verification is performed instantly. The interoperable capabilities of IdentaDefense ensure that identity verification is performed using whatever identity verification technology is selected. Most often this means a biometric touch sensor device. The typical steps are as follows: First, all users are screened to help select the biometric sensor that works best for them. For example, because of different traits in fingerprints some manufacturer s sensors work better than others for a specific user. Second, enrollment is completed. The user s biometric identity is created and stored as encrypted templates in IdentaDefense s secure biometric identity server. Note that no personal information is stored in IdentaDefense, assuring privacy. User selects anyone who already subscribed to IdentaDefense and performed biometric enrollment. These individuals become IdentaDefense contacts ( similar to how you create your contacts). This is how an IdentaDefense network is created. User can now perform secure communication by using biometrically enabled devices and ANY COMMUNICATION CHANNELS ( FTP, SMTP, HTTP, VOICE, FAX, INSTANT MESSAGES, ETC) For what markets is IdentaDefense appropriate? Since IdentaDefense can transform or any other type of digital communication into a confidential communication channel, it is ideal for those enterprises or organizations that do not use, or are worried about using, regular service out of security concerns for sensitive information. This broad category includes the medical, legal and financial communities in addition to government, and small and large businesses.

7 Although it is natural to be concerned about adding a level of complexity to communications, know that the IdentaZone identity verification measures are simple to use and do not add complexity. Using this system is as simple as sending with an attachment. Identity verification is performed instantly.