News

Pin+ offers matrix encryption

Cliff Saran

Security firm PinPlus has developed a one-time password system with 2.1 billion combinations.

The so-called pin+ system utilises the power of matrix-pattern authentication (MPA) to generate one-time codes without hardware tokens or card readers.

Jonathan Craymer, managing director of PinPlus, said, "Pin+'s patent-pending system ensures "correct" codes can only be used once, while many other systems allow you to use codes again, leaving them susceptible to so-called replay attacks."

Steve Hope of pin+ partner Winfrasoft says, "We're offering improved resistance to reverse engineering as PinPlus's restriction of its standard character-set (using only the numbers one to six on a six-by-six matrix) increases repetition of characters on the matrix (each one appears six times) meaning an attacker would have to capture and analyse four to six successful logins to reverse a pattern, compared to just two or three for some other systems."

With the recent discovery of a flaw in RSA authentication, users are being urged to consider alternatives.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy