|
 |
VIRTUAL PRIVATE SECURE INTERNET (VPSI) TECHNOLOGY is a next generation internet technology that sits on top of the existing internet infrastructure and creates an end-to-end, on demand (virtual), PRIVATE SECURE INTERNET between an enterprise and its customers. Based on the REL-ID Mutual Authentication & Encryption Protocol (RMAP), VPSI protects a bank and its customers against all types of attacks. Since its launch 2 years ago, we now have 5 public sector banks in India (State Bank of India, Bank of India and Canara bank to name a few) as our customers, and several pilots in APAC and Middle East are currently underway. We already have more than 200,000 end-users enrolled in this technology as of now (and counting). Read More |
|
| |
RELATIVE IDENTITY (REL-ID) Most security technologies (unfortunately) focus more on encryption and ways to generate complex keys to cipher the communication between two parties, instead of solving the problem of identification and authentication, which are central to any interaction. What good is a strong encryption when one doesn’t even know with whom one is exchanging protected, sensitive, and confidential data / resources?
Authentication necessarily has to be mutual and it MUST precede encryption. A mutually-authenticated, secure connection between two end-points has to be established before initiating any data transfer between them. Hence, we present a new identity framework – RELATIVE IDENTITY, which uses the ‘relationship’ between two entities to address and eliminate most of the fundamental problems of current identity technologies. Read More |
|
|
-
Server side Digital Certificates (hence SSL/HTTPS) cannot prevent phishing attacks as the end-user does not know what to and how to check the digital certificate (digital certificates are verified by the browsers and not authenticated)
-
OTP Hardware Tokens cannot prevent MITM, MITB, MOTM attacks, further they have to be rolled out every 4-5 years due to battery life
-
2-Way SSL (client side digital certificates) is extremely costly to deploy and maintain, and further, even this cannot prevent MITM attacks
-
The fundamental problem is with the current internet infrastructure. It is currently being used for something that it was NEVER designed for in the first place – secure and private communications! It was meant to be an open, public network to facilitate sharing and free exchange of data / resources.
-
So no amount of “patch up” will effective solve the security problem
|
|
-
Just like media moved from generalization to specialization (from public to private) e.g. TV channels, Radio stations - Internet as a communication channel needs to evolve too - from one large public unsecure network, to specialized dynamic virtual private internets (layered on top of the underlying communication framework)
-
Browsers (web-application entry points) would become specialized and one would see Banking Browser, Gaming Browser, News Browser, etc, with secure desktop and mobile APPS leading the way
-
The PC would have the technology to dynamically (on demand) become an specialized secure & private appliance creating a private shell for the applications to run
-
Mutual (Identities) Authentication based encrypted tunnel would be de facto standard in identity framework (identity and encryption will merge)
|
|
