ACCESSWIRE
14 Aug 2019, 01:01 GMT+10
MIDDLETOWN, DE / ACCESSWIRE / August 13, 2019 / Phishing attacks are increasing in volume and severity. The most common form of phishing is tricking you to visit and log into fake websites, where hackers then steal your password. As both hackers and their methods are becoming more sophisticated, it also becomes increasingly difficult to distinguish between real and fake websites.
Enter a new-gen security key, the MIRkey.
Google recently told Business Insider that they "have had no reported or confirmed account takeovers since implementing security keys at Google". This means that since approximately 2017, none of Google's 85 000+ employees was successfully phished on their work-related accounts. And, according to a Google spokesperson: "Security keys now form the basis of all account access at Google". This is impressive for a company the size of Google and was all as a result of using a physical security key.
Security keys are a superior alternative to two-factor authentication (2FA) OTP codes. The problem with OTP codes is that the code is entered on the phishing website along with the user's password - allowing account takeover when the hacker uses the correct credentials with the OTP on the actual website.
In contrast to OTP codes, the MIRkey security key performs an authentication protocol known as FIDO2, allowing users to complete the login process by simply inserting the device and pressing a button to indicate user presence. Your security key is registered with an account such as Gmail, Coinbase, or Dropbox with the aid of public key cryptography. What this ultimately means is that even if you inadvertently end up on a phishing site the hacker wouldn't be able to take over the account without physical access to your security key that contains a private key for the account.
Most modern browsers now support the authentication specification known as WebAuthn where you don't need any special software or drivers to be able to use the key. This eases rollout across the whole enterprise and enables strong multi-factor authentication with most known account services such as Google, Coinbase, Facebook, GitHub, Amazon, SalesForce, LastPass etc.; and password-less login with Microsoft Hello for business accounts.
Besides securing cryptocurrency exchange logins such as Coinbase, as a hardware wallet the MIRkey allows you to store, send, and receive digital currency such as Bitcoin. If you purchase or trade cryptocurrencies, it is crucial to make sure the coin's private keys are secure. The MIRkey integrates with popular software like Electrum to allow you to easily send and receive currency while still keeping the private key safe on the MIRkey - even if your computer is compromised.
The MIRkey is also a general purpose PKCS#11 compliant Hardware Security Module (HSM) and therefore works out of the box with existing software like Adobe Reader DC (for document signing and encryption), VPN clients (that is, OpenVPN), OpenSSH, Thunderbird (signing and encrypting emails), Firefox, Disk volume encryption (VeraCrypt) and any application that uses the PKCS#11 API.
A software development kit allows the integration of custom applications with the MIRkey to help secure production lines, protect IoT server keys, sign software activations and assists with general key management. These keys are stored encrypted with master keys in tamper-proof silicon that can only be unlocked with the user password. Its hardware and operating system-free nature, safeguards your keys from being stolen or copied without your knowledge. This protects your keys from ransomware as well as malware and viruses. Cryptographic operations are performed on the MIRkey itself - therefore, the keys never leave the secure module. This prevents access to the keys even when a system is compromised.
About ellipticSecure (ellipticsecure.com)
ellipticSecure specializes in Cybersecurity products like PKCS#11 Hardware Security Modules, Hardware Security Keys, Bitcoin wallets and Hardware-as-a-Service services. Safe, secure key management for both enterprise and individual use.
SOURCE: ellipticSecure
Get a daily dose of Los Angeles Herald news through our daily email, its complimentary and keeps you fully up to date with world and business news as well.
Publish news of your business, community or sports group, personnel appointments, major event and more by submitting a news release to Los Angeles Herald.
More InformationLONDON - Prime Minister Boris Johnson's Conservative Party will win an overwhelming victory in Britain's election with a majority of ...
BETHLEHEM, Palestinian territories - Israel announced Thursday that Christians in the Gaza Strip will be barred from visiting Holy cities ...
NIAMEY, Niger - At least 71 soldiers were killed and twelve others sustained injuries in a deadly terror attack that ...
BAGHDAD, Iraq - As protests in Iraq enter their third month, the numbers of arrests, abductions, and killings of protesters ...
SYDNEY, Australia - Two Australian schoolboys severely injured in the White Island volcano eruption in New Zealand on Monday have ...
WASHINGTON, DC - An executive order issued by President Donald Trump interpreting members of the Jewish religion as part of ...
This holiday season, Americans will buy some 20 million turkeys and 300 million pounds of ham.Some of these turkeys and ...
The news was recently filled with stories about Trump's praise for Conan, the Belgian Malinois used to hunt Islamic State ...
WASHINGTON - The Pentagon on Thursday flight-tested a missile that had been banned under a treaty that the United States ...
You've likely heard about direct-to-consumer DNA testing kits. In the past few years, at-home genetic testing has been featured in ...
It seems like every time we switch on the idiot box we are confronted with news footage of another disaster. ...
California [USA], Dec 12 (ANI): You can now bring the world of Star Wars right into your chats on Facebook ...