internet transaction and communication security
DESCRIPTION
The internet - and your company - needs a new architecture for future internet transaction and communication security. And Guardog will prevent impersonation - the biggest weak point of all existing security schemes.TRANSCRIPT
![Page 1: Internet transaction and communication security](https://reader034.vdocument.in/reader034/viewer/2022052601/5598bc261a28abbc4a8b4829/html5/thumbnails/1.jpg)
Introduces
![Page 2: Internet transaction and communication security](https://reader034.vdocument.in/reader034/viewer/2022052601/5598bc261a28abbc4a8b4829/html5/thumbnails/2.jpg)
Internet security today:
![Page 3: Internet transaction and communication security](https://reader034.vdocument.in/reader034/viewer/2022052601/5598bc261a28abbc4a8b4829/html5/thumbnails/3.jpg)
![Page 4: Internet transaction and communication security](https://reader034.vdocument.in/reader034/viewer/2022052601/5598bc261a28abbc4a8b4829/html5/thumbnails/4.jpg)
![Page 5: Internet transaction and communication security](https://reader034.vdocument.in/reader034/viewer/2022052601/5598bc261a28abbc4a8b4829/html5/thumbnails/5.jpg)
![Page 6: Internet transaction and communication security](https://reader034.vdocument.in/reader034/viewer/2022052601/5598bc261a28abbc4a8b4829/html5/thumbnails/6.jpg)
Cybersecurity today.
Trojan horses
Keylogging
Phishing
Impersonation
Malware
Bots
Worms
Viruses
Rootkits
Spyware
![Page 7: Internet transaction and communication security](https://reader034.vdocument.in/reader034/viewer/2022052601/5598bc261a28abbc4a8b4829/html5/thumbnails/7.jpg)
Recent breaches.
• Target– 70,000,000
• Facebook – 6,000,000
• Evernote – 50,000,000
• Adobe – 38,000,000.
• RSA – 660,000 to 1,000,000
• Zappos – 24,000,000
Today, this observation is all too true:
“A false sense of security is the only kind there is.”-- Michael Meade
![Page 8: Internet transaction and communication security](https://reader034.vdocument.in/reader034/viewer/2022052601/5598bc261a28abbc4a8b4829/html5/thumbnails/8.jpg)
Costs of cybercrime.
Cost of cybercrime surges to $113 billion.
Costs have climbed by an average of 78%.
Time required to recover from a breach has increased 130%.
In the United States alone, the annual cybercrime cost seen by the 60
businesses studied ranged from $1.3 million to more than $58 million and
averaged $11.6 million per company – an increase of $2.6 million from
2012. The average cost of cleaning up after a single successful attack was
$1 million.
But the costs of correcting data breaches are no longer the only
cause for concern. The legal consequences, such as class-action
lawsuits on behalf of third parties affected by such cyber attacks, are
a growing worry of business owners.
![Page 9: Internet transaction and communication security](https://reader034.vdocument.in/reader034/viewer/2022052601/5598bc261a28abbc4a8b4829/html5/thumbnails/9.jpg)
Cybersecurity today.
Today’s authentication scheme is 40 years old. It identifies its users from
one or a combination of the following elements:
1. Something the user has: computer, mobile phone or RSA key
2. Something the user knows: password, username, identification (PIN)
number etc.
![Page 10: Internet transaction and communication security](https://reader034.vdocument.in/reader034/viewer/2022052601/5598bc261a28abbc4a8b4829/html5/thumbnails/10.jpg)
Static authentication.
All authentication protocols currently in use have one common weakness:
They are static.
Static credentials are prone to manipulation and theft.
After several years of helping organizations investigate hundred of security
breaches around the world, Mandiant has found a constant:
100% of breaches involved stolen credentials.
And the average time until a breach is detected is 462 days.
![Page 11: Internet transaction and communication security](https://reader034.vdocument.in/reader034/viewer/2022052601/5598bc261a28abbc4a8b4829/html5/thumbnails/11.jpg)
Industry response.
Strong password
Two-factor authentication
Out-of-band verification. i.e. email, SMS, phone call follow-up
(very inconvenient and still only verifies initial login and doesn’t stop
Man-In-the-Middle intrusions)
Secure tunneling (SSL), disk or transparent encryption (AES)
![Page 12: Internet transaction and communication security](https://reader034.vdocument.in/reader034/viewer/2022052601/5598bc261a28abbc4a8b4829/html5/thumbnails/12.jpg)
Industry response is insufficient.
Reports of successful attacks on smartcard-based technology illustrate
that "true two-factor authentication is not possible without a physical
component that is not accessible digitally.”
-- Jaime Blasco, Director, AlienVault Labs
To overcome the limitation of static authentication – the weakness in digital
identity security – a new physical component is required.
![Page 13: Internet transaction and communication security](https://reader034.vdocument.in/reader034/viewer/2022052601/5598bc261a28abbc4a8b4829/html5/thumbnails/13.jpg)
But now there’s
Guardog has four elements that no other system has (think of them as
Guardog’s four muscular legs).
![Page 14: Internet transaction and communication security](https://reader034.vdocument.in/reader034/viewer/2022052601/5598bc261a28abbc4a8b4829/html5/thumbnails/14.jpg)
1
Guardog gives a user a physical element: a Guardog key which the user
inserts into his/her computer. This non-digital element, integral to a user’s
session with the service provider, is beyond the reach of any intruder.
The Guardog key is also available as a Smartphone app.
![Page 15: Internet transaction and communication security](https://reader034.vdocument.in/reader034/viewer/2022052601/5598bc261a28abbc4a8b4829/html5/thumbnails/15.jpg)
2
When a user logs in to the service provider, to authenticate who he/she is,
Guardog has the service provider authenticate itself back to the user. Since
this is the reverse of LOGIN, we call it NIGOL.
Login/Nigol starts a mutual authentication that we call . . .
![Page 16: Internet transaction and communication security](https://reader034.vdocument.in/reader034/viewer/2022052601/5598bc261a28abbc4a8b4829/html5/thumbnails/16.jpg)
The patented Guardog invention:
![Page 17: Internet transaction and communication security](https://reader034.vdocument.in/reader034/viewer/2022052601/5598bc261a28abbc4a8b4829/html5/thumbnails/17.jpg)
3
Cothentication™ does not stop at login. Instead, it continues throughout
every session. Each time a user makes a request of the service provider –
any monetary transaction or any transmission of information – Guardog
institutes another Cothentication. Guardog repeatedly verifies the user’s
and service provider’s identity.
![Page 18: Internet transaction and communication security](https://reader034.vdocument.in/reader034/viewer/2022052601/5598bc261a28abbc4a8b4829/html5/thumbnails/18.jpg)
4
Guardog’s Cothentication is dynamic, and based on 128 bit encryption
through randomly generated codes. Thus every exchange is different from
every previous exchange. This unpredictable characteristic defeats any and
every attempted intrusion.
![Page 19: Internet transaction and communication security](https://reader034.vdocument.in/reader034/viewer/2022052601/5598bc261a28abbc4a8b4829/html5/thumbnails/19.jpg)
1. The Guardog Key.
Guardog uses a unique and radically different approach to deliver the only absolute solution for Internet transaction and communication security. Guardog gives the user a physical element: the Guardog key, either as a USB key or as a Smartphone app which works in conjunction with the browser. By employing either of these physical elements, integral to a user’s session with the service provider, Guardog puts the session beyond the reach of any intruder.
![Page 20: Internet transaction and communication security](https://reader034.vdocument.in/reader034/viewer/2022052601/5598bc261a28abbc4a8b4829/html5/thumbnails/20.jpg)
1. The Guardog Key.
Simply put, the Guardog Key is a next-generation hardware security device.
It is designed to help all users achieve a higher level of digital security
simply and easily. The Guardog Key helps protect digital identity,
communications and transactions. It is a critical component in a state-of-
the-art closed loop security solution that leaves a would-be "Man In The
Browser" (MIB) and “Man-In-the-Middle” (MITM)...a "Man Out In The Cold!"
(MOITC).
![Page 21: Internet transaction and communication security](https://reader034.vdocument.in/reader034/viewer/2022052601/5598bc261a28abbc4a8b4829/html5/thumbnails/21.jpg)
2. The Guardog Server.
Mutual. The Guardog server “faces” both ways – toward the service provider
and toward the user. Guardog is a mutually trusted party.
It creates and validates randomized, “destination-aware” secure
communications and transactions.
Zero knowledge. Just as a dog guarding a valuable installation has no
knowledge of what’s inside, Guardog has zero knowledge of the Internet
transactions and communications whose security it protects.
![Page 22: Internet transaction and communication security](https://reader034.vdocument.in/reader034/viewer/2022052601/5598bc261a28abbc4a8b4829/html5/thumbnails/22.jpg)
3. The service provider (The Bank).
A service provider uses designated authentication servers to perform
special functions such as authenticating itself to the user and confirming
the user’s authentication back to the service provider.
![Page 23: Internet transaction and communication security](https://reader034.vdocument.in/reader034/viewer/2022052601/5598bc261a28abbc4a8b4829/html5/thumbnails/23.jpg)
16-step Cothentication process.
To begin a session with a service provider who has installed the
Guardog system, a user inserts his/her Guardog key in a USB port or
activates the Guardog Smartphone app in conjunction with his/her
computer browser. This sets in motion a 16-step Cothentication
process: the user authenticates himself/herself to the service provider
and the service provider authenticates itself to the user...all within
milliseconds. On step 14, Guardog "opens a gate" between the user
and the service provider. The gate stays open through step 15, then
closes on step 16...no time for a would-be intruder to get in.
![Page 24: Internet transaction and communication security](https://reader034.vdocument.in/reader034/viewer/2022052601/5598bc261a28abbc4a8b4829/html5/thumbnails/24.jpg)
16-step Cothentication process.
![Page 25: Internet transaction and communication security](https://reader034.vdocument.in/reader034/viewer/2022052601/5598bc261a28abbc4a8b4829/html5/thumbnails/25.jpg)
Once Guardog Cothentication is complete...
Only when these 16 authentication steps are complete does Guardog “open
a gate” or “open a window” between the user and the service provider, for
the communication or transaction itself.
Within a session, whenever the user makes a new request, these steps are
repeated. Once they are completed, Guardog opens another gate or
window, for this new communication or transaction.
![Page 26: Internet transaction and communication security](https://reader034.vdocument.in/reader034/viewer/2022052601/5598bc261a28abbc4a8b4829/html5/thumbnails/26.jpg)
Guardog visualized.
Imagine you are standing in front of a huge blank wall.
All of a sudden a window opens somewhere in the wall and an anonymous message passes through in a split second. Then the window disappears.
Then another window opens up in a totally different spot - and disappears.
It is never clear if and where another window will open.
That’s how Guardog works.
The message transfer cannot be spoofed, predicted or duplicatedbecause it is random, encrypted and dynamic.
This is Nuclear Launch Code Security.
![Page 27: Internet transaction and communication security](https://reader034.vdocument.in/reader034/viewer/2022052601/5598bc261a28abbc4a8b4829/html5/thumbnails/27.jpg)
AAF1267KL998MM6543)2
![Page 28: Internet transaction and communication security](https://reader034.vdocument.in/reader034/viewer/2022052601/5598bc261a28abbc4a8b4829/html5/thumbnails/28.jpg)
GHJ773121212KKJDCE34
![Page 29: Internet transaction and communication security](https://reader034.vdocument.in/reader034/viewer/2022052601/5598bc261a28abbc4a8b4829/html5/thumbnails/29.jpg)
AAF1267KL998MM6543)2
![Page 30: Internet transaction and communication security](https://reader034.vdocument.in/reader034/viewer/2022052601/5598bc261a28abbc4a8b4829/html5/thumbnails/30.jpg)
Competitive Analysis.
1. YubiKey
2. Safelock
3. Ironkey
4. iCloud Keychain
5. Smartcards
6. Public key/private key
![Page 31: Internet transaction and communication security](https://reader034.vdocument.in/reader034/viewer/2022052601/5598bc261a28abbc4a8b4829/html5/thumbnails/31.jpg)
Comparison.
Competitors Guardog
Strong password Non-transferable Dynamic Credential
2 Factor Authentication (RSA) Continuous Mutual Authentication
Out of Band Verification (email, SMS) Destination-aware Secure Messaging
SSL and transparent encryption (AES) Authenticated Encryption/Decryption
Encryption Key protected by password Encryption key protected by server and client side keys
END RESULTSIdentity fraud reduction Prevents identity fraud
Increased barrier of attacks Eliminates an entire category of threats
Mitigates the risk of impersonations
Provides physical control over digital xxxassets
Protects 100% of user accounts
![Page 32: Internet transaction and communication security](https://reader034.vdocument.in/reader034/viewer/2022052601/5598bc261a28abbc4a8b4829/html5/thumbnails/32.jpg)
Guardog API supports:
Operating System:
Windows Server 2008, 2008 R2, 2013, Linux
Web Servers:
Apache, IIS etc.
Database
MySQL, MSSQL etc.
Network Protocols:
TCP, HTTP, HTTPS
Development Languages:
PHP, Asp.net, C/C++, Java
![Page 33: Internet transaction and communication security](https://reader034.vdocument.in/reader034/viewer/2022052601/5598bc261a28abbc4a8b4829/html5/thumbnails/33.jpg)
In summary:
The old authentication
versus
the new authentication :
![Page 34: Internet transaction and communication security](https://reader034.vdocument.in/reader034/viewer/2022052601/5598bc261a28abbc4a8b4829/html5/thumbnails/34.jpg)
The existing Cybersecurity model:
She sat down at her computer and inserted her username and password
into her browser. Authenticated. She instructed her bank to move $150.00
from her checking to her savings account. She also sent a wire transfer to
her sister in California. She paid the bill for her American Express card and
instructed the bank to notify her of any payments over $200 as an
additional security measure.
![Page 35: Internet transaction and communication security](https://reader034.vdocument.in/reader034/viewer/2022052601/5598bc261a28abbc4a8b4829/html5/thumbnails/35.jpg)
Guardog’s Cybersecurity model:
She sat down at her computer and inserted Guardog’s patented
Guardog thumbdrive. She opened the browser for her bank Cothenticated
and Cothenticated instructed her bank to move $150.00 from her checking
Cothenticated to her savings account. Cothenticated She also sent a wire
transfer Cothenticated to her sister in California. Cothenticated She paid the
bill for her American Express card Cothenticated and instructed the bank to
notify her Cothenticated of any payments over $200 as an additional
security measure. Cothenticated
![Page 36: Internet transaction and communication security](https://reader034.vdocument.in/reader034/viewer/2022052601/5598bc261a28abbc4a8b4829/html5/thumbnails/36.jpg)
Protection of Intellectual Property.
Guardog technology is patented in the USA, Canada, China, Japan,
Australia and New Zealand.
![Page 37: Internet transaction and communication security](https://reader034.vdocument.in/reader034/viewer/2022052601/5598bc261a28abbc4a8b4829/html5/thumbnails/37.jpg)
In conclusion.
Cybersecurity has been solved.
The perpetual motion machine and cold fusion are next on our list.
Thank you.
![Page 38: Internet transaction and communication security](https://reader034.vdocument.in/reader034/viewer/2022052601/5598bc261a28abbc4a8b4829/html5/thumbnails/38.jpg)