Mobile Authentication Server From Utimaco Safeware Enables Secure One-Time Passwords Via Your Mobile Phone Friday 27 July 2001 PDF Print New Internet Technology Addresses The Current Demand For Remote Mobile Authentication Utimaco Safeware today announced its Mobile Authentication Server (MAS), a new type of authentication service for mobile network operators and end users. In an age where the mobile communication network is far-reaching and GSM mobile phones are increasingly in use, the process of performing e-business transactions is no longer restricted to the workplace. MAS technology presents business and traveling users with the advantage of on-request, secure, one-way password protected access to restricted network applications from any worldwide location, at any time. The MAS is a central authentication service, which can be integrated into existing security infrastructures, consisting of a database containing cryptographically secured user information, the CryptoServer 2000 Hardware Security Module (HSM) and a Global Systems for Mobile (GSM) communications unit. The technology permits the user to authenticate him or herself via access-protected Internet services, such as e-banking or e-brokerage, using their mobile phone. In order to gain access to an Internet application, the user can log on from any web server that has first been secured using MAS. In a single, one-time logon procedure, the user enters their essential data, such as User-ID, name, mobile telephone number etc., into the user database. When an authentication request is made, an encrypted one-way password is generated with the assistance of a corresponding user data set within the HSM and is then transferred to the user's mobile telephone via the GSM interface by means of the SMS (Short Message Service) service. If the one-time password is successfully verified, the user is allowed access. Generally three attempts are allowed, within a defined time window, before access is denied. The password can be sent to the mobile telephone either as clear text SMS or encrypted SMS. The related keys are stored in a secured environment and user data is stored in an encrypted and signed database. Only the freely chosen user ID can be read in plain text, which would be of no interest to hackers. The MAS procedure offers an extremely high level of security for user authentication, according to the knowledge (PIN) and ownership (mobile telephone) principle. Also, owing to the widespread deployment of GSM mobile phones as hardware, the procedure is significantly less expensive than procedures with comparable security, which require additional hardware, such as smartcards or ID tokens. “We wanted to design an end-to-end security platform for m-commerce containing the very latest security procedures which would satisfy current and future demands in the enormous global mobile phone market,” explained Jackie Groves, managing director for Utimaco Safeware UK. “Our MAS technology lives up to the challenge by addressing the need for a highly-secure but convenient way for remote users to access confidential information using their telephone handset, something that a businessman is rarely apart from!” About Utimaco Safeware Utimaco Safeware is the leading European manufacturer of professional and certified IT security solutions. Utimaco Safeware develops and sells integrated security solutions based on established standards regulating mobile/desktop security and Internet security. Utimaco Safeware maintains its website at http://www.utimaco.com. This press release was distributed by ResponseSource Press Release Wire on behalf of Strategic Public Relations Ltd in the following categories: Consumer Technology, Personal Finance, Business & Finance, Computing & Telecoms, for more information visit https://pressreleasewire.responsesource.com/about.