 |
|||||||
 |
 |
 |
 |
 |
 |
 |
 |
|
Technology MySecureID uses a strong 3-factor authentication process thus ensuring that personal and financial data is safe and secure from hackers and fraudsters. This authentication consists of the USB key, a PIN and the MySecureID datacenter. A further safeguard which is an integral part of the MySecureID solution is the data encryption/decryption process takes place entirely within the MySecureID USB , thus securing the transaction and eliminating any opportunities for hackers. SOFTWARE SOLUTIONS Currently, the only tools combating online fraud are software solutions. As the typical online merchant uses an average of 5 detection tools, MySecureID compliments rather than competes directly against other fraud detection tools. The only tool which might be considered as a direct competitor to MySecureID is the card association payer authentication services' 3D-Secure. However, after 5 years on the market this service has limited merchant participation. This is believed to be due to the complicated merchant implementation process, which the merchants cannot justify, based on the low consumer enrolment levels. 3D-Secure is therefore not considered to be major impediment to MySecureID. Further, 3D-Secure will be one of the many consumer applications offered by MySecureID Key. PUBLIC KEY INFRASTRUCTURE ('PKI') Public key encryption, also called asymmetric encryption, uses two mathematically related keys, a public key and a private key. This two keys work in tandem, with one used for encryption while the other one is used for decryption (which one is used for which purpose depends on whether the goal is confidentiality of the data or authentication of the sender). The public key is made known to everyone who wants to engage in encrypted communications with the owner of the key pair. The private key is never shared; it is known only to its owner. However, in order to authenticate the identity of the user, a certificate is required. A personal certificate for the specific transaction is downloaded from the root certificate which is usually stored on the network server. This downloading process creates a massive hole for hackers to exploit. MySecureID's encryption/decryption process takes place entirely within the MySecureID Key , thus securing the transaction and eliminating any opportunities for hackers. HARDWARE SOLUTIONS The hardware authentication device market includes both onetime password-generating tokens and USB authenticating tokens. The market is presently focused on enterprise solutions with limited presence at the consumer level. SINGLE-SIGN-ON AND OTHER CONSUMER APPLICATIONS MySecureID Key is marketed to the user as a multiple application device, including single-sign-on as well as other consumer applications, MySecureID Key will be offered to the user at minimal cost as a digital identity organizer. The patented encryption of MySecureID's key will protect the user's information from undesirable third parties while the portability of the USB authentication token, in the form of a key chain fob (token), allows the user secure and continuous access to the information. The ability to provide effective password management to users, who are inundated with user names and passwords, via a USB-based smartcard device is a considerable advantage over an OTP device or a non-smartcard USB authentication device. The additional consumer applications contained within the device further enhance the value to the user. TRANSACTION AUTHENTICATION The original introduction of the MySecureID Key is as a fraud detection tool. By incorporating the MySecureID Key into the checkout process, an easily accomplished process by the merchant via the toolkit provided by MySecureID, MySecureID represents a fast and easy process for gateways, processors and merchants to verify user identities. In addition, the checkout process can be simplified by allowing the consumer to checkout using the MySecureID Key, as the key auto completes checkout based on the secure account, shipping and other relative information stored inside. This facilitating feature will dramatically increase the order completion rate, as well as increasing consumer confidence levels. IMPLEMENTATION OF MySecureID The MySecureID payment processing method can be seamlessly integrated into the current electronic payment Infrastructure and requires minimal integration at the merchant level. MySecureID's process provides an additional transparent layer of security to existing transaction fraud prevention and transaction authentication. A key benefit of MysecureID is that merchants are never in possession of the user's credit card information. This significantly reduces the possibility of data being compromised within merchant data storage. During a MySecureID transaction, the MySecureID datacenter will provide the required credit card information directly to the merchant gateway. Moreover, as opposed to current fraud ranking software responses, MySecureID's authentication provides a 'Go - No Go' response thereby eliminating the need for manual review incorporated in the existing fraud management processes. MySecureID Key transmits the appropriate information using dynamic encryption and a unique authorization packet per transaction, encrypted by the MySecureID datacenter that can only be decrypted by the user's own MySecureID Key. The encrypted packets have a one-time life cycle, and are replaced at the end of the transaction with a new authorization encryption key. Even if packets were to be intercepted, any information would of no use to unauthorized parties. Moreover, the user PC used to complete the online transaction is solely a communications vehicle transferring data within the MySecureID infrastructure and no data is ever retained thereby eliminating a possible source of data vulnerability. |