The Smart Card Alliance endorses the Obama Administration's National Strategy for Trusted Identities in Cyberspace (NSTIC), developed under the auspices of the President's Cyberspace Policy Review by the National Security Staff and an interagency writing team.
The NSTIC initiative correctly recognizes that there are very real problems of identity management, privacy and security in our society today, and brings a much needed focus on solving the problems. Although its scope is limited to cyberspace, the Framework it outlines would also establish essential foundational elements that can help to strengthen identity, privacy and security in healthcare, social security administration, immigration reform and other programs in the physical world.
The NSTIC Framework draft is well conceived and written. It is intentionally broad in scope, providing a wide range of trusted identity constructs and identity protection technologies. The Framework is very pragmatic and practical in its approach, because it limits its role to being an enabler, facilitator and accelerator of the Identity Ecosystem development. There is a clear recognition that many different public and private stakeholders will be involved in working out the specifics of the Framework and ultimately, using it.
The Healthcare and Identity Councils of the Smart Card Alliance, a non-profit public/private partnership organization whose members include healthcare providers, financial institutions, payment brands, enterprises, government users and technology providers, prepared specific comments on the NSTIC Framework draft. Some top-level points are:
* The Alliance strongly agrees with the ideas of using federal, state and local government and academia programs to accelerate development of the Identity Ecosystem, while leveraging existing procedures, standards and technologies such as FIPS 201 and the Federal Identity, Credentialing and Access Management Roadmap used to achieve Personal Identity Verification (PIV) and interoperability (PIV-I) in Homeland Security Presidential Directive (HSPD)-12. * The highest priority should be first defining the Identity Ecosystem for the most trusted digital transactions based on an identity medium, because this part of thee of thee this part of the Identity Ecosystem can have the greatest positive impact on identity, security and privacy and it is also the least developed commercially and therefore needs the greatest attention and leadership. * A suggested idea to make high-value identity transactions both secure and easy to use is the familiar approach of a card and PIN as an identity medium; however, to achieve high levels of security, the card must include smart card technology to carry PKI credentials, biometrics and other security features; other important advantages are that this would create a portable identity medium, and it provides a secure environment that is independent from the PC, thereby side-stepping issues involved with PC, website and service provider hacker threats.
The NSTIC document explains that the need for such a strategy is due to the rising tide of identity theft, online fraud and cyber intrusions, the proliferation of usernames and passwords that individuals must remember, and the need to deliver online services more securely and efficiently. The Framework mentions smart card technology as the kind of technology appropriate for an identity medium, or a personal security device to protect identities in online transactions, and prevent others from stealing or misusing identities.
An Identity Ecosystem that includes smart card technology as an identity medium for high-assurance online identity transactions will provide a very strong and proven foundation for protecting identities in cyberspace in a secure, privacy sensitive way. This foundation can be put in place without reinventing the wheel. The federal government has already established a set of best practices, standards and technology solutions for smart card-based identity management and authentication that can be adapted to this initiative.
What is the advantage of using smart card technology?
A smart card is a card with a small computer in it. Unlike magnetic stripe or RFID cards, the smart card's computer provides high levels of security and privacy protection. Unlike PCs and other open systems, smart cards are designed for security and are virtually impervious to malware, forgery and other fraudulent efforts to extract information.
Smart cards can provide a secure tamperproof container for PKI digital identity credentials and biometric identifiers. In addition, they can be delivered in a familiar card format, making them both portable and easy for broad public distribution and use.
These capabilities make smart card technology ideal for protecting identities and privacy, and for preventing fraud. Smart cards are readily used online and across networks and deliver very high levels of security over the Internet.
Many readers of the NSTIC Framework may not be aware that all U.S. federal government employees have a smart card-based ID card, the Personal Identity Verification (PIV) card, which can be used to access government facilities and information systems, and to digitally sign documents or online transactions. The new electronic passports in the U.S. and many other countries are based on smart card technology. The SIM cards used in 80 percent of the world's cell phones are smart cards. Nearly one billion credit and debit cards worldwide are smart cards, based on an interoperable global standard called EMV, named for its original sponsors Europay, MasterCard and Visa.
* Healthcare Identity Management: The Foundation for a Secure and Trusted National Health Information Network * Assurance Levels Overview and Recommendations * Identifiers and Authentication -- Smart Credential Choices to Protect Digital Identity * Identity Management Systems, Smart Cards and Privacy * Privacy and Secure Identification Systems: The Role of Smart Cards as a Privacy-Enabling Technology * Secure Identification Systems: Building a Chain of Trust
The current final draft is posted on www.nstic.ideascale.com for public review and input. The Department of Homeland Security is supporting the NSS in this public review period and is providing NSS with the use of an Open Government tool called IdeaScale to collect and prioritize comments. The document will be posted until July 19th, 2010.
"Using either public key infrastructure (PKI) or a one-time password (OTP)"
Gemalto and Vodafone Group R&D have won an IDDY in the POC category for the development of a solution that adds strong authentication capabilities to OpenID using a Universal Integrated Circuit Card (UICC, typically a SIM card) inserted in a handset or inside a USB token, and is using either public key infrastructure (PKI) or a one-time password (OTP) as the underlying authentication technology. The application allows the use of distinct devices to access the service and to authenticate. The UICC (SIM) is used as a networked cryptographic computer exposing authentication services accessible via IP protocols. This provides users with new and convenient options for securely accessing OpenID-enabled sites from devices such as a PC, handset or game station. Mobile network operators could offer a service to allow end users to leverage UICC-based OpenID single-sign-on to secure access to Web applications.
BASKING RIDGE, NJ, and AUSTIN, TX — Verizon Wireless announced today it has selected Gemalto, the world leader in digital security, to provide an over-the-air (OTA) platform and LTE Universal Integrated Circuit Card (UICC) for the industry’s first Long Term Evolution (LTE) mobile broadband network. The OTA platform and UICC will help Verizon Wireless deliver a secure and reliable multimedia data connection, provide global roaming and remotely add new UICC card applications and services on its 4G LTE wireless broadband network.
Verizon Wireless selected Gemalto for its OTA platform, which will help the wireless leader manage LTE devices on its 4G LTE network, as well as its UICC, a new innovative microprocessor smart card. The UICC will be used inside mobile devices to manage subscriber information exchange – such as transferring contacts and preferences from one device to another – while providing secure access to Verizon Wireless’ LTE network.
Kyle Malady, vice president of product development for Verizon Wireless, said, “As we build the global LTE ecosystem, we are bringing in partners who are best in their class and who have demonstrated the ability to bring products to market quickly. Gemalto fits the bill for its OTA platform and its UICC.”
Philippe Vallée, executive vice president of telecommunications for Gemalto, said, “We are very pleased Verizon Wireless chose us as a technology partner in the LTE OTA and UICC implementation, a significant industry milestone in the migration to all IP networks.”
By leveraging its 700 MHz spectrum for LTE deployment, Verizon Wireless is deploying a high quality wireless broadband network with excellent coverage and in-building penetration, all at a cost structure significantly below current levels.
For more information about Verizon Wireless, visit www.verizonwireless.com. For more information about Gemalto’s wireless telecom solutions, visit www.gemalto.com/telecom.
About Verizon Wireless
Verizon Wireless operates the nation’s most reliable and largest wireless voice and data network, serving more than 86.6 million customers. Headquartered in Basking Ridge, N.J., with more than 86,000 employees nationwide, Verizon Wireless is a joint venture of Verizon Communications (NYSE: VZ) and Vodafone (NYSE and LSE: VOD). For more information, visit www.verizonwireless.com. To preview and request broadcast-quality video footage and high-resolution stills of Verizon Wireless operations, log on to the Verizon Wireless Multimedia Library at www.verizonwireless.com/multimedia.
About Gemalto
Gemalto is the world leader in digital security with 2008 annual revenues of €1.68 billion, and 10,000 employees operating out of 75 offices, research and service centers in 40 countries.
Gemalto is at the heart of our evolving digital society. The freedom to communicate, travel, shop, bank, entertain, and work – anytime, anywhere – has become an integral part of what people want and expect, in ways that are convenient, enjoyable and secure.
Gemalto delivers on the growing demands of billions of people worldwide for mobile connectivity, identity and data protection, credit card safety, health and transportation services, e-government and national security. We do this by supplying to governments, wireless operators, banks and enterprises a wide range of secure personal devices, such as subscriber identification modules (SIM) in mobile phones, smart banking cards, smart card access badges, electronic passports, and USB tokens for online identity protection. To complete the solution we also provide software, systems and services to help our customers achieve their goals.
As the use of Gemalto’s software and secure devices increases with the number of people interacting in the digital and wireless world, the company is poised to thrive over the coming years.
Wave Systems Collaborates on Open Identity Initiative for Federal Government
Government Unveiling Pilot Program to Encourage Federal Agencies to Utilize Open Identity Technologies in Response to President Obama's Mandate for Greater Citizen Participation
LEE, MA -- (Marketwire) -- 09/09/09 -- Wave Systems Corp. (NASDAQ: WAVX) (www.wave.com) announced today its support of the first open identity pilot program aimed at enabling members of the public and businesses to register and participate in government websites without creating new user names and passwords. Wave joins Yahoo!, PayPal, Google, Equifax, AOL, VeriSign, Acxiom, Citi and Privo in supporting this new pilot program as digital identity providers offering solutions based on OpenID and Information Card technologies.
The Center for Information Technology, National Institutes of Health, U.S. Department of Health and Human Services and related agencies will participate in the pilot program. Wave and the other participating companies are being certified under the open trust frameworks developed by the OpenID Foundation and the Information Card Foundation and reviewed by the federal government. A joint announcement by both foundations was issued earlier today to coincide with the first day of the Gov 2.0 Summit in Washington, D.C.
"The Open Identity for Open Government Initiative, a joint mission of the Information Card Foundation and OpenID Foundation with the U.S. government, is one of the most significant steps in making government more transparent and participatory," said Drummond Reed, Executive Director of the Information Card Foundation. "But with open access comes the need for greater security and privacy. Wave Systems is developing the ability to tie open identity technology into the trusted computing infrastructure. This will provide the basis for stronger security and privacy, and would pave the way for a whole new class of trusted applications."
Wave has been developing a service which combines hardware security and open identities for secure, single sign-on for accessing Web services. It utilizes OpenID and SAML, open standards that allow the use of an existing identity to sign into multiple websites without creating new passwords. With OpenID, a visited website (relying party) communicates with an identity provider and that provider then confirms the visitor's identity to the website. To date many sites including Google, FaceBook and SalesForce participate in OpenID as an identity provider, relying party or both.
The following patent applications are thought to have been made in the name of Wave Systems Corp. However, this is not possible to confirm until the patents are officially approved, granted and registered.
Cryptographic data security system and method
US Patent Application Number 20020087860 of July 4, 2002
A method for communicating between a computer device and a trusted server is disclosed. According to the method of the invention, a one-time password for use in communication from the device to the server is generated. The device generates at least one one-time request-authentication datum that includes a function of at least a portion of a previous response from the server to a previous message from the device. The server then generates at least one one-time response authentication datum that includes a function of at least a portion of at least one one-time password.
Public Key Infrastructure (PKI) isn’t just for enterprise applications – a Machine-to-Machine (M2M) authentication strategy based on PKI can form the backbone of a secure embedded system.
Dick Lynch, Verizon CTO, is Inaugural Recipient of Qualcomm's 25th Anniversary Technology Innovation Partner Award
Qualcomm Honors Verizon's Lynch for his Role in Driving Wireless Industry's Success --
"This underscores Verizon's commitment and vision to accelerate an environment that will offer consumers greater data services and applications at higher speeds. Verizon Wireless' Get It Now(R) application download service was the first commercial implementation of Qualcomm's Brew(R) technology in the United States. In addition, Verizon's V CAST Mobile TV offering uses Qualcomm's MediaFLO(TM) services platform to broadcast high-quality mobile entertainment and information to subscribers nationwide. In July 2009, Qualcomm and Verizon Wireless formed a strategic alliance to launch nPhase, a joint venture aimed at accelerating the adoption of machine-to-machine (M2M) wireless communications and advancing the evolution of smart services worldwide",..
"We expect to launch our 4G LTE network in 25-30 markets by the end of 2010, covering approximately 100 million Americans. We’ve also noted the first devices that will be available to access the new network are likely to be PC cards and USB dongles, for high-speed laptop connectivity. Other types of devices, including those designed for individual consumers, are slated for the middle of next year"
SAN DIEGO, Qualcomm Incorporated today introduced its 25th Anniversary Technology Innovation Partner Award Program. The award's first recipient, Dick Lynch, chief technology officer of Verizon Communications, was honored today at Qualcomm's 2010 Uplinq Conference in San Diego. In conjunction with the award, Qualcomm will make a financial donation in Lynch's name to fund the advancement of wireless education.
"Since its founding, Qualcomm has consistently focused on innovation, entrepreneurship and collaboration," said Dr. Irwin M. Jacobs, co-founder and former chairman and CEO of Qualcomm. "Over the next 12 months, Qualcomm will recognize certain individuals who exemplify these shared principles, have played a key role in the success of the wireless industry, and have furthered adoption of Qualcomm technologies. I am especially pleased to present the first 25th Anniversary Technology Innovation Partner Award to Dick Lynch in recognition of his long career of leadership in the evolution of mobile wireless, now the largest technology platform in human history."
An acknowledged leader in the mobile services industry, Lynch has a long history of collaborating with Qualcomm to promote the proliferation of advanced mobile technologies. His strong advocacy inspired several industry-leading wireless companies to adopt CDMA and other innovative technology solutions and platforms pioneered by Qualcomm. In addition, he played an influential role in promoting the adoption of CDMA by the Telecommunications Industry Association as a North American digital cellular standard.
Lynch was an early champion of data services and recognized the role those services would play in people's lives. Among his many notable accomplishments at Verizon Communications, Lynch was instrumental in driving the adoption of CDMA IS-95A and CDMA2000(R) 1xEV-DO technology, which earned Verizon distinction as the first U.S. network to offer consumers access to mobile data services at broadband speeds. In a similarly groundbreaking move, Lynch announced Verizon's plans to be first in the United States to launch a next-generation Long Term Evolution (LTE) network.
Under Lynch's leadership, Verizon has frequently been the first to implement Qualcomm's technology innovations. This underscores Verizon's commitment and vision to accelerate an environment that will offer consumers greater data services and applications at higher speeds. Verizon Wireless' Get It Now(R) application download service was the first commercial implementation of Qualcomm's Brew(R) technology in the United States. In addition, Verizon's V CAST Mobile TV offering uses Qualcomm's MediaFLO(TM) services platform to broadcast high-quality mobile entertainment and information to subscribers nationwide. In July 2009, Qualcomm and Verizon Wireless formed a strategic alliance to launch nPhase, a joint venture aimed at accelerating the adoption of machine-to-machine (M2M) wireless communications and advancing the evolution of smart services worldwide.
About Qualcomm
Qualcomm Incorporated is the world leader in next-generation mobile technologies. For 25 years, Qualcomm ideas and inventions have driven the evolution of wireless communications, connecting people more closely to information, entertainment and each other. Today, Qualcomm technologies are powering the convergence of mobile communications and consumer electronics, making wireless devices and services more personal, affordable and accessible to people everywhere. For more information, visit Qualcomm around the Web:
The role of the UICC (sim card) in Long Term Evolution (LTE)
The value the UICC can bring to Long Term Evolution (LTE)
The UICC (Universal Integrated Circuit Card) is the smart card used in mobile terminals for GSM and UMTS/3G networks. It authenticates the subscriber to the network while ensuring the integrity and security of their personal data. It also stores applications for both operator and end-user use for the correct deployment of mobile services. Now in the pipeline for LTE, the UICC brings a whole host of fundamental features, tried and tested within GSM and now perfected for LTE. This technical focus will talk about its role as a secure device for authentication and the storage of personal data, as well as the value it can bring in terms of revenue generation and new service deployment.
"The inclusion of the UICC mandatory for accessing Long Term Evolution core networks"
A few key points:
Ready to deploy - LTE networks do not need a specific LTE USIM (Universal Subscriber Identity Module) function.
Fully integrated into IP networks - The UICC, as per existing standards, has become an IP connected processor with its own IP layers and IP stack (USB IC). This means that it is ready for deployment in all IP networks such as LTE.
Works with all 3G handsets - This means a wider park of cell phones to propose to your customer base.
Compliant with all distribution models - The UICC’s portability encourages the widest possible distribution model for the wireless business – UICC built in, subsidized handsets, or even generic, non subsidized phones.
Makes personalization easy - Carriers can use the UICC for plug and play personalization of the handset, both pre and post issuance on the field, offering a more tailored service for their subscribers.
Multi-device and convergence ready - The UICC comes in different form factors to suit your business model – standard USIM card, USB dongle, SIM in 3G laptops and Smart modem.
Secure storage of personal content - The UICC now stores up to 2GB of personal content for your user’s pleasure
All of the above has made the inclusion of the UICC mandatory for accessing Long Term Evolution core networks. So what does this mean for your business?
Long Term Evolution – The role of UICC technology The value of the UICC in LTE networks Business opportunities Different Form Factors A vision of the future Conclusion
Editor's Note: Welcome to our weekly Reality Check column. We've gathered a group of visionaries and veterans in the mobile industry to give their insights into the marketplace.
Over the past year, the wireless industry has given a lot more attention to connecting “things.” The number of machines communicating with each other wirelessly will soon dwarf the number of people connected via mobile devices. This next big thing in information technology has been clearly defined as machine-to-machine communications, or M2M.
The nature of personal communication has changed dramatically in the past few years. Instead of placing quick phone calls, users tend to send text messages via instant message or a text message. M2M solutions have long specialized in this kind of communication. The devices that have traditionally taken advantage of 2G and 3G cellular networks have done so with short-bursts of data, such as weekly power meter readings or hourly position-location pings from a fleet of freight trucks.
Now we're seeing a new wave of “connections,” where the lines between personal and machine communications are blurring. E-readers, music players and even washing machines are examples of consumer devices that are being equipped with 3G capabilities to connect to the web and interact with other machines.
Some of these devices emit short data transmissions, some download larger files and others remain “always on,” constantly communicating with the network. From that perspective, the average utility meter, e-reader or garbage truck could be categorized as an M2M device. These machines are constantly signaling the cellular network, checking for updates to download or upload files, books and location information, for example.
M2M has specific needs
In general, we think of M2M as any device that uses electricity and communicates with another device: quite literally, machines talking to machines without a person actively creating that connection. There are a few requirements for M2M communications that set it apart from personal and other types of communication.
First is duration of use, or the lifetime of the device. Whereas the average consumer has grown accustomed to a new phone every year or two, the majority of M2M devices serving vertical industries such as energy, healthcare and fleet management require a longevity that could extend beyond 10 years.
System integrators and enterprise customers don't want to replace their M2M modules or devices unless it's absolutely necessary. For example, trucks with 3G-connected telematics devices or smart utility meters are expected to function at the same level for many years without needing replacement. Consequently, 2G and 3G-enabled M2M devices that are already installed will remain connected to their networks for a very long time
Several M2M-reliant industries, such as fleet management and asset tracking, also require ubiquitous coverage throughout a country or region. Whereas people are accustomed to the occasional dropped call or loss of service, many vital industries such as healthcare require security, location accuracy and network reliability to ensure quality of service. While 2G and 3G networks in many regions around the world already have nationwide coverage, it will take 4G networks several years to attain the same reach and reliability.
Most M2M applications require a relatively low amount of bandwidth. In many instances the network capacity and speeds offered by GPRS and CDMA2000 1x are more than sufficient for M2M applications. Using lower-bandwidth technologies is also attractive because M2M device costs and total cost of network ownership are key factors driving the selection of mobile connection technologies.
M2M Module Price Comparison
Source: Harbor Research, Inc., September 2010
Harbor Research recently published the above chart showing that technology innovation, economies of scale and an increasing number of suppliers are dramatically reducing cellular M2M module prices.
M2M is counting on technology longevity
So what does all this mean? Clearly the number of connected devices is going to grow, and we've seen predictions, such as L.M. Ericsson Telephone Co.'s, that there will be 50 billion connections by 2020. These connections will utilize a broad range of fixed and wireless technologies, including cable, DSL, satellite, Bluetooth, Wi-Fi, 2G, 3G and 4G.
Strictly looking at cellular technologies, Harbor Research reports that the annual number of cellular M2M connections will grow to 161 million by the end of this year, and is projected to reach 390 million in 2014. While this number seems small in comparison to 50 billion, add wireless connectivity to any “thing” and the possibilities are limitless. Imagine a “smart grid” with virtually everything connected and communicating for optimal results: meters, appliances, autos, lighting fixtures, medical monitors, retail inventory, etc. Now imagine the benefits: greater productivity, energy conservation, remote access, reduced costs, enhanced healthcare and more.
This makes for bullish predictions regarding M2M, such as Strategy Analytics' expectation that the global mobile M2M market will reach $57 billion by 2014. 3G networks will support circuit-switched voice and mobile broadband services for many years to come, and M2M only strengthens the business case for continued investments in 3G technologies.
Many wireless operators and device manufacturers are embracing M2M as they seek new ways to add affordable wireless connectivity to a growing number of previously isolated machines. In addition to its sheer number of connections, M2M allows operators to more fully utilize their 3G network data capabilities, increase revenues and enjoy reduced churn rates.
Just as mobile phones revolutionized the way people connect with each other and use information, M2M has the potential to do the same for everything else around us. Ongoing investments in 3G networks, devices and services will open up new possibilities for innovation with machine-to-machine communications.
Wireless Packet Data networks, such as GPRS, hold great promise for applications that rely on machine to machine (M2M) communication. Widespread availability and low price per Kilobyte are two key benefits of GPRS networks that make it an attractive technology to replace existing equipment or to deploy new wireless solutions.
Hypercom Corporation today announced that Westpac Banking Corporation, one of Australia's largest financial services organizations by market capitalization, has ordered and will deploy 15,000 Hypercom Optimum countertop terminals to merchants in Australia.
The deployment places Westpac in a local market-leading position. No other Australian bank currently offers a terminal with mains power connectivity (ie: GPRS or Ethernet connectivity) without the added cost of a phone line. The new Westpac Hypercom product offering features include a terminal of this type, plus a mains-powered, phone line-connected countertop terminal and a battery-powered mobile terminal.
The multi-million dollar Westpac order is the first of several purchases and deployments planned under the terms of a five-year agreement between Westpac and Hypercom announced in November 2009. Additionally, Hypercom, through its wholly owned subsidiary ACG, has in the last two months started providing service and support to Westpac's entire installed base of more than 80,000 terminals.
"Westpac Banking Corporation is highly respected for its leadership, performance, innovation and unwavering singular focus on its customers. Their rollout of Optimum terminals represents a significant market share gain for Hypercom in Australia and New Zealand, considerably expands our footprint, and is a superb endorsement of our company and products," said Jacques-Herve Maupin, Managing Director, Hypercom Asia Pacific.
The TPM provides a hardware basis, usually through an application specific integrated circuit (ASIC), for protecting computers. The TPM’s capabilities include trusted cryptography, protected storage, integrity management, and attestation through natively supporting public key infrastructure (PKI) authentication.
Public Key Infrastructure (PKI) isn’t just for enterprise applications – a Machine-to-Machine (M2M) authentication strategy based on PKI can form the backbone of a secure embedded system.
The company offers EMBedded Application Security System (EMBASSY) Trust Suite, a set of applications and services that are designed to bring functionality and user value to trusted platform module (TPM) enabled products. The EMBASSY Trust Suite includes the EMBASSY Security Center, Trusted Drive Manager, Private Information Manager, and Key Transfer Manager. It also offers middleware and tools, which include TCG enabled toolkit that assists application developers writing new applications or modifying existing ones; and Wave TCG-Enabled Cryptographic Service Provider, which allows software developers to utilize the security of a TCG standards-based platform. In addition, the company offers EMBASSY Trust Server Applications comprising EMBASSY Key Management Server, a server application designed to provide corporate-level backup and transition of the TPM keys; EMBASSY Authentication Server that provides centralized management, provisioning, and enforcement of multifactor domain access policies; and EMBASSY
Remote Administration Server, which provides centralized management and auditing of TPMs. Further, Wave Systems Corp. provides eSign Transaction Management Suite and broadband media distribution services. It sells its products to chip original equipment manufacturers (OEMs), PC OEMs, enterprise customers, and systems integrators.
VeriFone has launched a £337 million hostile bid for rival card terminal outfit Hypercom after seeing an initial friendly approach rebuffed.
VeriFone says its all-cash bid represents a 52% premium over Hypercom's closing share price on Thursday last week, prior to a share-for-share proposal presented to the Hypercom board on Friday.
Hypercom has vigorously rejected the bid, which it says singificantly undervalues the company. In a statements, the company says: "Hypercom believes that VeriFone's proposal is opportunistic and intended to disrupt its business, which has successfully taken market share from VeriFone in several markets."
Shares in Hypercom soared in after-hours trading, rising 45% to $6.12 as investors speculated that VeriFone's approach might draw out other bidders, including France's Ingenico which abandoned a $332 million Hypercom takeover attempt two years ago.
In a letter to the Hypercom board, VeriFone CEO Douglas Bergeron writes: "Consummation of the proposal would insulate your shareholders from the risk that Hypercom faces should it continue to experience disappointing financial and operating results in these challenging markets."
He goes on to say that VeriFone would be prepared to take "extraordinary steps" to win regulatory approval for the bid, including the sale of Hypercom's US terminal business.
If successful, the acquisition would give VeriFone an expanded footprint in Europe, where Hypercom currently commands a 23% market share.
However, Hypercom is preparing to mount a strong defence, noting that it expects to significantly exceed Wall Street securities analysts' consensus estimate of $112 million in net revenues for the third quarter, following strong sales in Asia and Europe.
"We believe that VeriFone's proposal is opportunistically timed to exploit our second quarter 2010 results which were affected by supply chain issues that have been resolved," says Philippe Tartavull, Hypercom's Chief Executive Officer and President. "Hypercom is currently experiencing the strongest growth in global order demand in recent years and we are focused on converting this demand into revenue in the second half of 2010."
The company says it is adopting a stockholder rights plan to fight off VeriFone and has hired UBS and DLA Piper as financial and legal advisors.
Hypercom and TeleCash, a First Data Company and one of Germany’s leading network operators and electronic payment service providers, today announced that they have started marketing Hypercom’s medHybrid, the industry’s first multifunction healthcare and credit/debit card payment terminal. The high security medHybrid incorporates two card readers to process the German health insurance cards (KVK and eGK) as well as credit and debit card payments.
“The overwhelming majority of Germany’s doctors want to be able to accept electronic payments in their offices, and the medHybrid allows them to do just that. By introducing this multifunction terminal and teaming with TeleCash, Hypercom again solidifies its leadership as the only transaction solutions provider with a complete and futureproof family of high security data transaction products for Germany’s doctors, dentists, hospitals, pharmacies and other healthcare service providers,” said Peter Vesco, Managing Director, Hypercom Northern Europe. “Joining with TeleCash will help us get medHybrid into the field, expand our reach and build our marketshare.”
“By joining with Hypercom to market the medHybrid, we can offer doctors, hospitals and medical facilities a complete package for secure, flexible card processing that will benefit all,” said Joachim Hammer, Director of Program Management, TeleCash. “It’s important to have the most experienced and reliable partner at your side, and that’s why we have teamed with Hypercom.”
Hypercom’s medHybrid has received e-Health BCS (Basic Command Set) approval from Gematik, the German healthcare organization. It is approved as compliant with the current EMV POS terminal specification from the Central Credit Committee (Zentraler Kreditausschuss – ZKA) in Germany, and approved by BSI (the German Federal Agency for Security in Information Technology).
The medHybrid sets a new benchmark for health card devices. Featuring a large, high contrast, backlit display and embossed keys, it provides an intuitive and highly secure authentication system for patients and healthcare service providers. The device accepts magnetic and chip-based cards, allowing service providers to expedite transactions and reduce capital investment costs. It also features a serial data interface along with USB and LAN connectivity. Also, according to announcements of the healthcare self administration, doctors and hospitals will be reimbursed for their investment in e-Health BCS terminals.
The US Department of Defence is considering adding EMV-compliant pre-paid payment capabilities to its chip-based ID card for military personnel and staff.
The DoD has issued a request for information on the possibility of adding payment functionality to the Common Access Card, which is issued to all military and reserve personnel, civilian employees, other non-DoD government employees, state employees of the National Guard, and contractors.
The RFI document says the Department is "exploring options to provide an end-to-end enterprise solution by adding electronic payment functionality to identity cards using commercially-adopted, standards-based systems to enable the CAC/PIV card to act as an open loop, pre-paid, payment card".
The document stresses the application of commonly applied business standards, to ensure maximum usability and create the conditions for a government-wide platform applicable to all publicly-issued ID cards.
Critically, "the payment solution must be EMV-compliant on both the contact and contactless interfaces and fully functional at all EMV point of sale terminals or ATMs world-wide, where EMV is adopted," the document states.
If the initiative gets off the ground, it could kick-start the uptake of EMV-based chip cards in the commercial and banking sector, which is lagging the rest of world in the move to more secure chip and PIN payment technology.
Hypercom and First Data Team to Step Up Payment Industry's Attack on Card Data Fraud
HISTORY:April 12, 2010
"FIPS 140-2 Level 3 and X509 compliant"
"eliminates the need for off-site secure room key injection by incorporating PKI (Public Key Infrastructure) to securely distribute symmetric 3DES keys"
First Data Approves Hypercom as an Encrypting Service Organization for Remote Key Injection
Hypercom and TASQ to Roll-out HyperSafe(R) Remote Key System
Industry Leaders to Boost Security for Merchants with TransArmor(TM) and HyperSafe
SCOTTSDALE, Ariz., & ATLANTA, Apr 12, 2010 (BUSINESS WIRE) -- High security electronic payment and digital transactions solutions provider Hypercom Corporation and First Data Corporation, a global leader in electronic commerce and payment processing, today announced that First Data has approved Hypercom as an encrypting service organization for remote key injection and that Hypercom's HyperSafe(R) Remote Key System will be available through First Data's TASQ
Technology. The companies also announced that Hypercom is teaming with First Data to implement the First Data(R) TransArmorSM solution as a significant advance in the payment industry's attack on card data fraud.
Industry's Leading Standards-Based Remote Key Injection
Hypercom's Remote Key System (HRKS) is the industry's leading standards-based remote key injection product that allows retailers to quickly and securely initiate on-site, in-store payment terminal key injection at the point of sale. Available through First Data's TASQ Technology, the system offers a fast and highly secure alternative to the industry's traditional secure room key injection process.
HRKS eliminates the need for off-site secure room key injection by incorporating PKI (Public Key Infrastructure) to securely distribute symmetric 3DES keys. HRKS meets ANSI x9.24 and Visa PIN Security Guidelines for remote key management, and is
At a time when nine out of 10 Americans have a cell phone, the country's top two operators are getting creative about finding growth opportunities in an increasingly crowded wireless market.
AT&T and Verizon Wireless are betting heavily on embedded devices, from tried-and-true telematics solutions to wirelessly enabled dog collars. If their expectations hold true, the incremental revenue brought in by nontraditional cellular connections could be the next growth spurt for the wireless industry, helping to offset an inevitable slump in the rate of subscriber growth.
The head of AT&T's Emerging Device segment, Glenn Lurie, believes the addition of machine-to-machine (M2M) and wirelessly enabled devices could take the U.S. wireless penetration rate from about 90 percent to 500 percent. "There are a certain number of customers with a handset in their hand. This space is absolutely going to dwarf that," he says. "There are going to be a lot more connections and a lot more customers in the emerging device space than there are today in the current space of mobility."
The Secure POS Vendor Alliance (SPVA), a non-profit business organization founded by Hypercom, Ingenico and VeriFone has announced the release of its End-to-End Encryption Security Requirements related to payment card data in payment card reading devices. The paper is targeted to vendors of POS devices and is intended to help create "widespread understanding of payment security issues and the adoption of best practices."
"The SPVA's end-to-end security requirements guidelines set a baseline for the industry and represent the first step to further strengthen payment security standards globally," said T.K. Cheung, SPVA chairman and Hypercom vice president global quality & security. "We will be enhancing this guideline as the security environment evolves and will announce each update as it occurs."
Prepared by the association's End-to-End Encryption Technical Working Group, the newly released SPVA guideline allows companies to engage different solutions and select products that can be trusted and are secure. Key elements covered by the SPVA-approved standard include:
Data to be encrypted during transmission Key management Physical and logistical security of the Tamper-Resistant Security Module and key components Encryption monitoring and management systems requirements The SPVA defines end-to-end as: the transmission of cardholder data in an encrypted form, from its point of presentment, such that it prevents the data from being known in plain text until the point of decryption.
"SPVA does not endorse any specific vendor's solution, nor does it have any intention of supporting one solution over another," said Steven Hughes, SPVA president. "We recognize that end-to-end encryption requirements can be complex. Against this backdrop, our goal is to use existing published standards and provide an auditable set of requirements that creates a secure payment environment."
Since its launch in April 2009, SPVA has experienced rapid growth with prominent industry leaders joining, including Atos Worldline, Heartland Payment Systems, Chase Paymentech, Radiant Systems, Inc., Voltage Security and many others. All members are eligible to participate in SPVA's Technical Working Groups and contribute to future industry standard publications.
To download the association's End-to-End Encryption Security Requirements white paper and to learn more about the SPVA, visit http://www.spva.org.
Markets for cellular machine-to-machine (M2M) communication modules – the radio units providing wireless connectivity to a range of devices that communicate without human intervention – are expected to show strong growth in the coming years. According to new market data from ABI Research, shipments will total nearly 80 million modules in 2013.
“The latest cellular M2M module market data collated by ABI Research shows strong growth trends that are closely in line with our earlier forecasts,” says senior analyst Sam Lucero. “We see four applications that will be particularly fertile for M2M and should provide significant opportunities for vendors.”
OEM telematics. While encompassing a variety of services, OEM telematics today is driven by automatic emergency service applications such as GM’s widely deployed OnStar, as well as by in-dash navigation systems. “In the US, the competitive response to OnStar’s success is a major factor in promoting cellular M2M,” says Lucero. Most of the major car manufacturers are responding with their own telematics programs. This will be more evident in the 2009-2010 model years. Later, eCall, despite a shaky start, is expected to create strong demand in Europe. There are also OEMT telematics programs in the Asia-Pacfic region, particularly Japan and South Korea.
Advanced (or “smart”) metering. Rollouts of electricity and water meters that transmit their data automatically via powerline, wireless sensor networks, and cellular connections are powered by utilities’ desire for demand-response functionality, for energy-efficiency purposes as well as operational efficiencies. It is happening in all developed regions of the world.
Point-of-sale terminals including ATMs. The ongoing shift to cashless transactions sees POS applications going increasingly wireless. Lucero notes that, “Traditionally, merchants had to arrange their own connectivity. Now there is a global push to bundle cellular connectivity as an offering to merchants along with the POS terminal.” Major vendors VeriFone, Ingenico, and Hypercom are rolling out their own cellular connectivity services worldwide.
Home security and managed home automation. There’s a trend to add wireless as a backup or replacement option for traditional landline connectivity. Cellular service providers want to get into the (primarily North American/European) security and managed home automation markets.
ABI Research’s “M2M Market Forecasts” tracks the M2M market on the basis of wireless WAN embedded modules and product revenue, as well as wireless WAN active nodes and service revenue.
Giesecke & Devrient, Nokia NFC Application Management JV
Giesecke & Devrient and Nokia have announced an agreement to form a joint venture to provide services to the NFC ecosystem by enabling consumer applications, such as credit cards or transport tickets, to be securely and easily downloaded over-the-air to NFC enabled mobile devices.
Ultimately, M2M solutions are created for increasing the profits and competitiveness of a company through more efficient processes, better customer service or new ways of doing things. M2M is about connecting people, devices and systems. M2M is about letting your machines talk.
Wave is demonstrating the hardening of standard Department of Defense PKI systems. Using TPMs, Wave will demonstrate issuing a standard, medium assurance certificate (X.509 version 3 PKI class 3) which is commonly used for network and application authentication. The TPM will bind the certificate to the hardware platform, creating a more tamper resistant certificate. This is the first time that fully certified (FIPS 140-2 L2) TPMs will be shown in this security capacity. Wave is working with External Certificate Authorities (ECA) approved by the DoD C.I.O. to more broadly disseminate this solution.
"Working with TPM security chip enabled PCs, Wave's Embassy software technology can strongly authenticate both the PC and the user in a government or enterprise network," said Steven Sprague, president and CEO, Wave Systems. "Network administrators can benefit from better authentication capabilities by using available biometrics, smart cards, passwords or the TPM, all tailored to specific security needs."
Giesecke & Devrient and Wave Systems Announce Strategic Partnership
(PKI)
"G&D is a well-positioned and highly experienced partner in the migration towards EMV chip technology"
Security -Both G&D software components,the key administrator,and the key station interact with a hardware security module (HSM) certified in accordance with the latest security requirements of the Federal Information Processing Standards (FIPS) mandated by credit card payment organizations. The system supports symmetric and asymmetric keys generated using the proven algorithms triple DES, AES, and RSA.
Security Solutions Combining Smart Card and Trusted Computing Software Technologies to be demonstrated at the CardTech/SecurTech Annual Conference April 12-14, 2005 in Las Vegas
Munich, Germany and Lee, MA, USA April 12, 2005–Giesecke & Devrient (G&D) and Wave Systems Corp. have formed a strategic alliance to offer an enhanced security solution to address the trusted computing market. In the IT sector, high complexity and a wide spectrum of applications are boosting the demand for security solutions among private users and businesses alike. The challenge is to devise comprehensive solutions that can satisfy customers’ security needs. Increasingly, what are known as Trusted Platform Modules (TPM) are being incorporated into personal computers for a more trustworthy computing environment.
The TPM is a processor which is integrated into the PC motherboard as a separate chip. Use of smart card technology adds a further component to the security solution: The card serves as a key to the computer, preventing unauthorized access to system and data. Giesecke & Devrient (G&D) and Wave Systems have formed a strategic alliance to market a comprehensive security solution that integrates both components.
The G&D-Wave Systems collaboration will address the organizations’ joint development activities in the fields of smart card technology and trusted computing software. The aim is to leverage the combination of smart card technology and TPM associated software to offer clients in industry and government a comprehensive, flexible and easy-to-use security solution.
Both partners are members of the Trusted Computing Group (TCG), an organization founded in 2003 by leading enterprises in the IT sector to develop open standards for a new generation of secure hardware and software products in virtually all application areas. “Multifactor authentication enabled by systems with TPMs and with smart cards helps IT managers further secure systems and data in the enterprise,” said Brian Berger, TCG marketing work group chair. “The increasing availability and usage of systems with TPMs has enabled a number of security innovations that will help both IT and users.”
In a secure platform environment, the TPM’s task is to protect and generate secret keys, and store system configurations safely. The TPM also functions as a hardware-based security mechanism that prevents system changes caused by virus attacks. “The combination of trusted computing with smart card technology shows a lot of complementary advantages. As an integrated part of the motherboard, trusted platform modules provide an early integrity control from software and hardware as well as identity control of the entire PC system. The addition of chip card technology, e.g. as smart card or smart USB token, enables portable user identification to achieve a reliable and flexible security solution,” said Andreas Raeschmeier, Head of Business Development at Giesecke & Devrient. Using smart card technology ensures that only users who can authenticate themselves with a card or token, plus the associated PIN, can gain access to the computer or network. “Smart card technology is flexible and easy to use. Users only have
to enter a four-digit PIN instead of a 20-digit passphrase. Possession of the card and knowledge of the PIN provide maximum security, and are user-friendly as well,” said Andreas Raeschmeier, pointing out the advantages of smart card technology.
IT security departments have different security requirements, extending from protection of sensitive data and access control through hard disk encryption to management of hardware and software configuration. In all of these, the trusted platform module can provide valuable support. “Wave is pleased to be partnering with G&D, a leader in the smart card market, which has strong established relationships in enterprise and government markets in Europe and beyond,” said Steven Sprague, Wave System’s president and CEO. “We believe G&D’s technology leadership can help further the adoption of trusted computing solutions in these geographical and business markets.”
Wave’s EMBASSY Trust Suite (ETS) secure software capabilities being demonstrated with G&D at CardTech/SecurTech include security policy management, key archive and management, digital signature, file and folder encryption, secure email, secure wireless authentication and storage and automation of user names, passwords and personal information.
For more information on demonstrations at CardTech/SecurTech, please contact the sales organizations of either company.
About Giesecke & Devrient:
Giesecke & Devrient (G&D) is a technology leader in the field of smart cards, providing smart card based solutions for the areas of telecommunications, electronic payment, health care, ID, transportation, and IT security (PKI). G&D is also a leading producer of banknotes and security documents, and dominant in the field of currency automation. Based in Munich, Germany, the G&D Group operates subsidiaries and joint ventures around the world. In fiscal 2003, the group employed some 6800 people and generated revenue of €1.05 billion. For more information, please visit our Web site at http://www.gi-de.com.
Imagine not having to carry any of the things you would normally keep in a wallet - cash, cards, ID, receipts - because your phone performed all of those functions, even more securely. That's the vision chip designer ARM and NXP semiconductors are both promoting at MWC 2010.
For this vision to become reality, to main boxes have to be ticked: security and communication. If we're to be expected to make our phones even more central to our lives than they already are, we need to totally confident about the security of the information stored on it and the transactions we make with it. Also, we need to be able to do these things wirelessly.
ARM has recently announced a strategic partnership with Giesecke & Devrient - which literally has a license to print money - to create an ultra-secure protected area in its Cortex A chip designs called TrustZone. This is designed to provide the highest level of protection for data and communication that reside in the zone.
"This will bring click and PIN to everyone" said Rob Brown of ARM's secure solutions division, explaining that it will allow secure payments for lower value transactions to be completed by merely waving your phone near a contact point, like the Oyster system on the London underground.
"A new market is opening up consisting of consumers whose first meeting with banks will take place over a mobile phone and who may never own a plastic credit card. People who may never enter a bricks-and-mortar bank now have the opportunity to "walk" into a virtual bank using their phone."
Swedish giant Ericsson has become the latest company to throw its hat into the mobile money ring, launching a new business unit that will concentrate on person-to-person payments.
The firm says it plans to "take a driving role" in mobile P2P payments, in both the developed and emerging markets through Ericsson Money Services, which is being launched after two years of perpetration and proof of concept in Europe and Asia.
M-payments and person-to-person money transfers are expected to become some of the most-used mobile applications in many countries in the next two or three years, providing a multi-billion dollar opportunity for providers.
Ericsson says it has already developed an end-to-end system and associated business and operational model, fulfilling all necessary regulatory, legal and security requirements, in cooperation with its operator customers and financial sector players.
Through Ericsson Money Services and its Money Interconnect Service, mobile operators, financial institutions and other service providers, wishing to extend their offering with mobile money services, can easily be connected to a real-time, cross-border, cross-currency switching network, boasts the vendor.
Semir Mahjoub, head of Ericsson Money Services, says: "A new market is opening up consisting of consumers whose first meeting with banks will take place over a mobile phone and who may never own a plastic credit card. People who may never enter a bricks-and-mortar bank now have the opportunity to "walk" into a virtual bank using their phone."
Ericsson: 70% of the entire world subscribes to a mobile service
"future growth of the mobile industry is in machine-to-machine communications in such areas as smart metering, transportation tracking, digital signage, and connected appliances and mobile broadband cameras"
"the global mobile market contains over five billion subscribers, growing at a rate of 2 million per day"
Swedish telecommunications company Ericsson is responsible for all kinds of wireless equipment, from cell site infrastructure to consumer premises equipment to mobile broadband chips. So when they talk about the industry, it would behoove you to pay attention.
Today, Ericsson announced its estimate that the global mobile market contains over five billion subscribers, growing at a rate of 2 million per day.
This is an extremely significant estimation, because according to estimates by the United Nations and the U.S. census bureau, the entire human population of the earth is only about 6.8 billion.
If the market grew by 2 million additions per day and the population remained static, the entire world would become mobile subscribers in just 2 and a half years. Ten years ago, the company says there were only 720 million subscribers.
Today's estimate comprises all wireless subscribers, and Ericsson says that more than 500 million of these are 3G subscriptions. The company says mobile broadband is growing at a similar pace to wireless as a whole, and that it expects to reach 3.4 billion by 2015.
Of course, individual subscribers are only part of the picture. Ericsson says a key component to the future growth of the mobile industry is in machine-to-machine communications in such areas as smart metering, transportation tracking, digital signage, and connected appliances and mobile broadband cameras.
Public Key Infrastructure (PKI) isn’t just for enterprise applications – a Machine-to-Machine (M2M) authentication strategy based on PKI can form the backbone of a secure embedded system.
News 
Market Data 
Discover 
AI
