contents

hardware
 
Hamburg Lottery Company Opts for Secure Two-Factor Authentication with Giesecke & Devrient's Internet Smart Card

Giesecke & Devrient (G&D) is unveiling its new Internet Smart Card at CarteS 2007. The card will be deployed for the first time in Northern Germany, where starting next week, players in the Hamburg lottery can use the USB token to access the company's online portal. Together with the statutory lottery identification process, the "Lotto Internet Stick" meets the legal requirement in Germany to prove that a player has reached the age of majority and thus complies with the requirements laid down by the Commission for the Protection of Minors in the Media for closed user groups. Identification and authentication provide the basis for robust protection of young people when using Internet services. Players just insert the token into their computer's USB port and enter their PIN number. The PC is then automatically configured for the token.

Players initially demonstrate that they have reached the age of majority (lottery identification process) by presenting appropriate ID in person at a lottery sales point. They are then given their personal Lotto Internet Stick, with the required PIN number being sent separately by e-mail.

The stick ensures that lottery players always have secure access to the online service. The Internet Smart Card is a personal tool that players can carry with them to protect their private identity on the Web and use on almost every device with Internet access.

G&D describes the Internet Smart Card as the smallest Web server-based security proxy currently available worldwide, whose contents can be displayed by all standard browsers. Additional hardware, middleware, and client software are no longer required on the user's PC.

The Internet Smart Card checks SSL certificates during the logon and authentication process. It thereby prevents users from unintentionally connecting to a fraudulent website and the site's operators gaining access to sensitive user data. The card user and the Internet provider's server are able to authenticate themselves to each other via an encrypted end-to-end connection that utilizes standard security protocols, such as Secure Socket Layer (SSL) and Transport Layer Security (TLS), and by checking client and/or service certificates on the Internet Smart Card.

Furthermore, G&D's Internet Smart Card can perform additional functions, such as secure user logon to other Internet portals, closed user groups, or for online gaming.

The fact that the logon data is only held on the Internet Smart Card means that, when connecting to a service platform, the user is protected against phishing, pharming, password spying, spoofing, keyboard logging, man-in-the-middle attacks, and attacks by malignant software known as trojans. The card is very easy to use, thanks to automatic configuration on computers running Windows XP and Vista. For Windows 2000, Linux, and Mac OS systems, just a few simple steps are required.



write your comments about the article :: © 2007 Networking News :: home page