Wednesday, February 22, 2012

Time for OTP

The age of the old id/password approach to security is long past its effectiveness. With the advent of smart-phones becoming payment mechanisms - effectively wallets - the need for better security mechanisms is growing. So we are seeing a revival of interest in one time password (OTP) security systems.

With Mobile phones, OTP could work in conjunction with Near Field Communication (NFC) which enables the phone to communicate with devices held a few centimeters. While NFC could be the enabler for the payments, it also could be the enabler for OTP by using mobile tags, which are able to generate instant encrypted passwords which are different for each usage and are based on a single root password. The generation of the passwords would be carried out in the loud and passed back to open the mobile for use. It would be transparent and simple. Some applications are coming out for this purpose, and it seems likely that they will become widely used for mobile devices in the near future. Here's a more complete description of the technology.

No comments: