Differences between Hash functions, Symmetric & Asymmetric Algorithms

Cryptographic algorithms can be categorized into three classes: Hash functions, Symmetric and Asymmetric algorithms. This article sheds light on their differences, purpose and main fields of application.

Read more

Digital Identity - How Social Media Is Changing How We Authenticate Our Identity

Throughout the last decade, social media has played a vital part in our lives and has significantly shaped the younger generations. Read more

Using 3D-Secure and Device Fingerprints for EMV Payments Against CNP Fraud

Credit cardholders are generally protected from liability if unauthorized transactions are made with their credit cards because of consumer protection laws and card policies. This leaves merchants and financial institutions on the hook for losses related to credit card fraud. According to an October 2016 Nilson Report, card issuers were burdened with 72 percent of fraudulent losses in 2015 while merchants were left with 28 percent of the losses.

Read more

HTTPS Encryption and Attacks on Authentication in Remote Banking Services - a Russian Perspective

Read the Russian Version Шифрование HTTPS

This article discusses the secure HTTPS Protocol intended for web-resources and its principles of operation as well as its strengths and weaknesses. It explains how attacks on HTTPS may lead to traffic being decrypted, particularly in systems for remote banking services and personal logins to web-resources.

Read more

Is non-repudiation really non-repudiable with digital signatures?

What does non-repudiation mean? Repudiation means to reject or deny the validity of something. Non-repudiation is a legal concept that is widely used in information security. It refers to any service, which provides proof of the origin of data and the integrity of the data. In other words, non-repudiation makes it very difficult to successfully deny who/where a message came from as well as the authenticity of that message.

Read more

W3C's suggestion for a Web Cryptography API

The World Wide Web Consortium or W3C as it is commonly known was founded in 1994 by the original architect of the World Wide Web, Tim Berners-Lee. It is a consortium of international companies that are involved with the Web and the Internet.

Read more

The future of eIDAS in Britain

Markets hate uncertainty and the confusion regarding issues related to Britain’s exit from the European Union have roiled equity and currency markets. But it’s not just the financial markets which are affected- companies which rely upon EU regulations in order to conduct their day to day business are also reeling from this uncertainty.

Read more

Digital authentication - factors, mechanisms and schemes

Indiana University defines authentication as "the process of determining whether someone or something is who or what it is declared to be." Similarly, digital authentication is about having suitably secure mechanisms in place to be able to confirm whether an individual or online user is who they say they are.

Read more

US Court Rejects DocuSign E-Signatures as method to provide Digital Authorization

An interesting case rose in the state of California this year regarding a bankruptcy lawyer who utilized DocuSign for many official legal documents. 

Read more