Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
Smartcards can be used to mitigate an advanced persistent threat (APT) due to the security of the physical card, a company claims.
Hilding Arrehed, director of ActivIdentity which sells smartcards among other products and services, claimed that as the cards are used to login to a PC an attack would require a physical copy of the card.
“If a user loses a card they can revoke it if it is lost. With the RSA attack the attacker got the seed file and the tokens were compromised, with a smartcard there is no seed data and the access keys are generated inside the card.”
ActivIdentity said that too many organisations rely on older-generation perimeter defences and have weak internal authentication, which is why the APT strategy has been so effective.
Arrehed said employ strong one-time-password tokens with algorithms based on multiple variables (seed key, time and event counter) that are more resistant to compromise, and protect token seed files with strong encryption.
This article originally appeared at scmagazineuk.com
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.