Stock O'holics Investing University

[fast.money]

$NXTD news from Monday! NXT-ID's Dynamic Pairing Prevents Security Vulnerabilities Such as Heartbleed Security Leak

http://finance.yahoo.com/news/nxt-ids-dynamic-pairing-prevents-153344444.html

SHELTON, CT--(Marketwired - Apr 14, 2014) - NXT-ID, Inc., (OTCQB: NXTD), a biometric authentication company focused on the growing mobile commerce market, announced today solutions to prevent issues such as the Heartbleed OpenSSL security leak using its patent pending Dynamic Pairing.

Gino Pereira, CEO of Nxt-ID said, "Dynamic Pairing is an important part of our MobileBio® product offerings including Wocket™. What sets us apart is that we not only authenticate who you are to access your private information, but we also protect it through sophisticated and novel encryption methods."

OpenSSL, a widely used open-source encryption standard, recently became the source of one of the largest security flaws ever reported. A little more than half the Internet is secured with OpenSSL, not including all the various email, chat, and app services on various platforms. The security flaw takes advantage of what OpenSSL calls a "heartbeat," where data is exchanged between a device and a server. Under normal circumstances, a device can only request a specific amount of data from the service. However, a recent bug introduced into the OpenSSL codebase allowed more than the specific amount to be extracted, causing more information to be revealed to the device than the device should be authorized to receive.

NXT-ID's Dynamic Pairing has its own heartbeat method, but unlike other methods such as OpenSSL, each data request is dynamic and based upon a risk analysis algorithm that inherently validates authentication. Since, by its very nature, authentication under dynamic pairing changes with each access, unauthorized data can never be revealed to any device. Dynamic Pairing adds authentication and security that overcome traditional vulnerabilities of methods such SSL and TLS.

In the case of Heartbleed, a hacker is accessing data over what the server assumed to be, a secure channel. The hacker then uses that channel to continually probe the server for more and more data. With Dynamic Pairing, the authentication score determines the level of trust the server gives an incoming connection. When a server utilizes Pairing Codes which are encrypted with dynamic authentication scores, a server would not be susceptible to an attack like Heartbleed.