SecurEnvoy: Secure your network communications against the secret services
Date: Jul 21, 2014
Guest post: SecurEnvoy.
The political relationship between Germany and the USA is in a crisis. Just recently the media reported on a BND employee who is said to have been working as a double agent for the CIA. The Federal Republic drew their own conclusions and called on the top CIA official, until now based in the Berlin embassy, to leave Germany.
It is said that the USA had no other choice than to spy on the Federal Republic of Germany because close contacts existed with Russia and Iran. But it’s not just the politicians –German individuals and companies are also being spied on. However, there is a way to shut out the spy: with tokenless two-factor authentication only from SecurEnvoy.
With some authentication solutions, the codes that users must enter in addition to their user data to prove their identity are generated in advance by the manufacturer. However, this procedure carries risks because the code created earlier can be tapped, or reconstructed by criminals and misused for illegal activities.
In addition, manufacturers save copies of the codes on their servers. Those who manage to hack the server can use it to gain further access. In some countries it is also permissible for the manufacturers to pass on copies of the code to government authorities without having to inform their customers.
SecurEnvoy takes a different approach with the patented tokenless method. By dividing the seed records, an algorithm to generate the passcode, no information is stored by SecurEnvoy at any time. The developer knows neither the created seed records nor the passcode. The codes can therefore not be reproduced in this way.
The creation is carried out as follows: A portion of the record is locally generated at the client server, and the second part is made up of properties of the terminal; comprising information on the SIM card, the CPU, etc. Each time the user requests a passcode, the terminal device decrypts the first part of the seed record and passes on the second portion accordingly.