By Sven Gossel, charismathics
As technologies evolve, product cycles have a well known pattern: from being a star to becoming a commodity. Well – here is the next star of the industry: iEnigma® , a software application for smart phones, just turn your smart phone into your digital identity and serve all needs for the enterprise, the banking institution or the individual. No change in security levels, no change to processes and no change to user habits. No evangelizing for a new technology, be compliant to all existing schemes. And upgrade them with a feature that nobody wants to miss after a short while. This product is not only making a digital identity ubiquitous – it is likely to change the way we think about the digital part of our lives.
The idea is as revolutionary as the concept of the product: Just keep your smart phone with you. Getting close to your computer it will authenticate the phone and let you work without pressing even a single button. Insecure? Already there in the market? You may want to take a deeper look. This product claims to be different, and the makers seem to have good reason for such claims.
On the enterprise side, it works with all existing identity management tools and embeds into running schemes. On the banking side, it fully supports NFC payment standards. And on the individual side, instead of a mystery happening in the background, you are in full and visual control of all your credentials. The product from charismathics ® claims to not only create a new level of privacy for all individuals; the user will enjoy an experience that current products are unable to provide.
So how does it work? Imagine, you have a smart card in your hands today. Well – this is only part of the story: the organization probably runs a directory service, a token management system and most likely a certificate life cycle product to support the card and its credentials. That all means a lot of work and organization, processes and manpower. And buying hardware. And providing support. Usage is ugly, people don’t like it too much. Those are just a few reasons, why such schemes are usually run only by larger companies. And why individuals usually prefer the username and password approach. So if you want to combine those worlds to make PKI security the standard approach for logical access as such, it has to be simple to use, must not require an excessive investment and must address a whole new set of users. In other words, your new product has to become a leapfrog technology, that should not compromise on security, but significantly gain on savings in hardware and manpower. And create a user experience, that sets a milestone by itself.
That is what iEnigma ® intends to do: It stores the individual user credentials inside the smart phone, bridges them into the computer via Bluetooth or WIFI and allows the user to maintain the product over the air interface, often just by the user himself. It also makes another user habit a real benefit: Smart phones are very personal devices. Which is why smart phones aren’t lost as often as your company ID card, or your ATM card. These are good news specifically for service providers!
Talking security, the communication in-between the phone and the computer is fully encrypted, the interfaces fully standardized and the application obviously supports smart card chips inside the phone. But it also supports credentials stored either in the SIM card of the phone, inside dedicated security storage areas or on separate devices, such as SD cards. The decision on where to store it is with the provider or with the individual – the application is fully configurable.
There are a few other benefits that are quite important: By definition, the product provides secure channel messaging and secure PIN entry – features that when using smart cards usually either lock the buyer to a single vendor or are quite expensive to implement. The other benefit is the combination with applications running on the smart phone itself. iEnigma ® also supports VPN and email clients, browsers as well as document management software on the phone itself. So when you are away from your desk, there is no limitation in security or a hole in the process flow.
Lastly, it uses the giant smart phone screen to simplify what otherwise a lot of people are paid for – as most of the support calls are for unlocking PINs, and people not reading the manuals. Charismathics even has redesigned the Bluetooth stacks of major chipset vendors to increase the usability of the interfaces. These by themselves provide a big saving for all scheme owners. However, the product allows enrolling for individual credentials also by itself, and it simplifies the process for Mom and Dad. And this is where the product gets visionary. Sven Gossel, Managing Director of charismathics, smiles and says: “We are just at the beginning of all the ideas around this product. Our aim is to make life easier for the organizations and users. But our vision is way beyond this step.” It seems quite clear that consumers are targeted by the company as well.
The product will first support Windows Mobile, RIM and Android, and will be ported to Apple and Symbian afterwards. iEnigma ® is also available as authentication engine for third parties so that banks and other service providers are able to use it in combination with their services.