Gemalto - Experts & Thought Leaders

Fingerprint Cards AB has been deeply involved in the development of the new generation of Thales Gemalto biometric payment card, which is ready for global volume mass deployment. The new Thales solution, which features Fingerprints’ T-Shape sensor (T2) and biometric payment software platform, offers users advanced transaction speed, improved power efficiency, and enhanced security.  Fingerprints’ FPC1300-series Growth of the fourth-generation card is a vital juncture for the deployment of biometric payment cards The T2 sensor module, part of Fingerprints’ FPC1300-series, of which it has shipped more than one million units, enables cost-effective production of biometric payment cards. Thanks to dual-row packaging, the biometric sensor has been tailored to allow easy integration using standard automated manufacturing processes. This ensures reduced waste, optimizes production capacity and throughput and lowers related manufacturing costs.  The new card also comes with enhanced security features, including encryption, which adds additional privacy layers to the storage and communication of biometric data. The development of the fourth-generation card is an important milestone for the deployment of biometric payment cards at scale. Biometric payment card As innovation continues to lower market barriers, and consumers make their preferences clear, interest from banks in the biometric payment card continues to grow. Banks that seize the opportunity can leapfrog the competition and enhance customer acquisition, brand reputation, and fraud reduction. Visit Fingerprints’ payment solutions and Thales’ dedicated biometric payment card page to learn more about the technology that is unlocking the next generation of contactless.

GlobalPlatform has hailed its 20th year as a strategic milestone in its mission to create collaborative and open ecosystems in which stakeholders can efficiently deliver innovative digital services, while providing greater security, privacy, simplicity and convenience for users. Kevin Gillick, Executive Director of GlobalPlatform, comments: “Twenty years ago, we set out to create an environment for experts to develop the foundations for innovative digital services and devices. Billions of GlobalPlatform-compliant Secure Elements and Trusted Execution Environments are deployed around the world, protecting devices, data and services for identity, payments, telecoms, and transportation and we are now extending this experience with a comprehensive approach to IoT device security. It is fitting that our anniversary year should be pivotal for the organization and wider industry.” Addressing the needs of the IoT ecosystem The organization also appointed a Strategic Director to accelerate the association’s work on IoT security Building on GlobalPlatform’s previous work to secure the internet of things (IoT), the organization launched IoTopia in October 2019. It proposes a common framework for standardizing the design, certification, deployment and management of IoT devices. IoTopia device security will be testable and meet vertical and geographical market requirements by building upon four foundational pillars: Security by Design; Device Intent; Autonomous, Scalable, Secure Device Onboarding (SDO); and Device Lifecycle Management. The organization also appointed a Strategic Director to accelerate the association’s work on IoT security. Chris Steck, Head of Standardization, IoT & Industries at Cisco, is providing strategic guidance to the Board of Directors on GlobalPlatform’s IoT initiatives, the security requirements of cloud and edge devices and the use of GlobalPlatform technologies to bring trust to the IoT ecosystem. Security Evaluation Standard for IoT Platforms The GlobalPlatform Board has also been monitoring the rapid growth of the secure microcontroller unit (MCU) market. With IoT device manufacturers looking for ever greater security and a range of secure component choices, GlobalPlatform has taken the decision to begin standardization work to support the integration of greater security within IoT MCUs. GlobalPlatform will also support the IoT device security certification ecosystem with the adoption of the Security Evaluation Standard for IoT Platforms (SESIP) methodology. The objective is to build consistency across IoT certification schemes (regional or vertical) to facilitate product evaluation and certificate recognition. The organization will share further updates on these activities later this year. 2020 Board of Directors GlobalPlatform has announced its Board of Directors for fiscal year 2020. Five seats were open and after member voting, the following candidates have each been re-elected to serve a two-year term on the GlobalPlatform Board: Rob Coombs – Arm Stéphanie El Rhomri – FIME Rémi de Fouchier – Gemalto, a Thales company Sebastian Hans – Oracle Olivier Van Nieuwenhuyze – STMicroelectronics Secure, scalable and interoperable way Nils Gerhardt of G+D Mobile Security will continue as Chairman of the Board. Rob Coombs retains his position as Vice Chairman and Stéphanie El Rhomri will continue in her role as Treasurer and Secretary. “Through the expertise and collaboration of our members, board and strategic director, our work will enable the IoT ecosystem to evolve with trust and security at its core and assure that users can manage risk in-line with their needs” adds Kevin. “Our successes wouldn’t be possible without the commitment, vision and expertise of our membership. For 20 years we have solved technical and business challenges to ensure technologies deliver value in a secure, scalable and interoperable way.”

DigiCert Inc., the global provider of scalable PKI solutions for identity and encryption, Gemalto, a global provider in digital security, and ISARA Corp., the provider of quantum-safe security solutions, announced a partnership to develop advanced quantum-safe digital certificates and secure key management for connected devices commonly referred to as the Internet of Things (IoT). “DigiCert, Gemalto and ISARA are collaborating today to solve tomorrow’s problem of defending connected devices and their networks against the new security threats that the implementation of quantum computers will unleash,” says Deepika Chauhan, Executive VP of Emerging Markets at DigiCert. “The work we’re doing now will ensure that the connected systems that serve as the brains of automobiles, industrial control systems, medical devices, nuclear power plants and other critical infrastructure are safe from those threats in five, 10 and 20 years.” ISARA recognizes DigiCert’s track record in advancing many of the certificate innovations in use Secure Key Storage And Management The partnership provides significant advantages for enterprise security teams looking to secure connected devices with lengthy product lifetimes to avoid expensive security retrofitting as quantum computing becomes more prevalent. Organizations can deploy these solutions at any scale, given that DigiCert is already capable of issuing and reliably hosting billions of digital certificates for public trust and private PKI systems. The work of DigiCert with ISARA and Gemalto will enable quantum-resistant certificates with the full capability of hosted, on-premise and hybrid deployment options. DigiCert already works with many companies and consortiums using PKI to authenticate, encrypt and provide integrity for their connected devices. ISARA recognizes DigiCert’s track record in advancing many of the certificate innovations in use, as well as its robust certificate management capabilities, and in operating the industry’s most ubiquitous, trusted roots. Gemalto offers secure key storage and management via its SafeNet Hardware Security Modules (HSMs) that integrate with DigiCert APIs to enable large-scale, automated credential issuing for connected devices via an internet-enabled gateway to distribute identity over the cloud. Certificates obtained through this partnership will be enabled with quantum-safe cryptography ahead of any breakthroughs that could eventually lead to quantum computing threatening connected device security. Quantum-Safe Cryptography Gemalto’s SafeNet Hardware Security Modules act as the root of trust to secure the most sensitive data and applications" “Experts estimate that the dawn of large-scale quantum computing will arrive in the next eight to 10 years, bringing with it the moment when all current public key cryptography can no longer be trusted,” says Scott Totzke, CEO & Co-founder at ISARA. “The work we’re doing today ensures that a fundamental element of the security stack, root certificates, is secure by embedding quantum-safe cryptography. This means that IoT manufacturers and other large organizations will have the solutions and tools they need to prepare for the quantum threat well in advance of that date, keeping confidential information and high-value assets safe.” “Gemalto’s SafeNet Hardware Security Modules act as the root of trust to secure the most sensitive data and applications and protect billions of the digital transactions every day around the world,” said Todd Moore, Senior Vice President for Encryption Products at Gemalto. “This partnership with DigiCert and ISARA will help organizations build secure and future-proof cryptographic operations that can guard against the potential security threats of quantum computing and ensure a more secure world for connected automobiles, devices, machines, smart cities and mission-critical infrastructure.” Quantum Computing Security Many IoT devices rely on RSA and ECC cryptography to protect the confidentiality, integrity and authenticity of electronic communications. However, NIST and others in the security community predict that within a decade, large-scale quantum computing will break RSA and ECC public key cryptography. DigiCert, Gemalto and ISARA recognize that crypto-agility becomes paramount for manufacturers of connected devices that will be in use a decade or more from now. Efforts to address quantum computing security will support connected device manufacturers and users well into the future To advance the use of reliable quantum-proof certificates, DigiCert, Gemalto and ISARA are collaborating with industry standards bodies that also are pursuing the advancement of post-quantum cryptography such as the Internet Engineering Task Force (IETF). Efforts to address quantum computing security will support connected device manufacturers and users well into the future.  Sustainable Security Management Consider the automobile industry, which is producing more vehicles with semi- and fully-autonomous driving capabilities. A car should last for 20 years or more, and manufacturers will need to ensure that the IoT devices they install will be secure and continue to function even if there is a breakage in the RSA algorithms that would render digital certificates ineffective. “The automotive industry is very focused on long-term and sustainable security management that covers the lifecycle of our vehicles," said SAE Hardware Security Sub-Committee Chair Bill Mazzara. “Crypto agility is one of the key areas we consider and that includes quantum-resistant technology.”

Thousands of security professionals gathered Nov. 14-15 at the Javits Center in New York City to explore new products, solutions and technologies, network with security luminaries and obtain high-quality industry education. ISC East, sponsored by the Security Industry Association (SIA), is the Northeast’s largest security industry event; more than 7,000 security professionals attended or exhibited at this year’s conference. Following day 1 of ISC East, SIA gathered industry luminaries and experts for SIA Honors Night, an annual event featuring a cocktail reception, a gala dinner benefiting Mission 500, engaging entertainment and an awards ceremony recognizing industry leaders. Sold-Out Event SIA Honors Night 2018 was a sold-out event held at the Current at Chelsea Piers. The awards presented at SIA Honors Night 2018 were: SIA Progress Award (presented by SIA’s Women in Security Forum) – Eddie Reynolds, president and CEO, iluminar Inc. Women in Biometrics Awards (co-founded by SIA and SecureIDNews and co-presented with sponsors FindBiometrics, IDEMIA and SIA’s Women in Security Forum) – Kelly Gallagher, senior account manager at NEC Corporation of America; Lisa MacDonald, director of the Identity Management Division in the Office of Biometric identity Management at the U.S. Department of Homeland Security; Colleen Manaher, executive director of U.S. Customs and Border Protection; Lora Sims, senior biometric examiner at Ideal Innovations, Inc.; and Anne Wang, director of biometric technology research and development at Gemalto Cogent SIA Insightful Practitioner Award – Guy M. Grace, Jr., chair of the Partner Alliance for Safer Schools Steering Committee and director of security and emergency planning for Littleton Public Schools in the Denver suburb of Littleton, Colorado Jay Hauhn Excellence in Partnerships Award – Larry Folsom, co-founder and president, I-View Now George R. Lippert Memorial Award – Pat Comunale, retired security industry veteran, former member of the SIA Board of Directors and former CEO and president for Tri-Ed Distribution, an Anixter company Standout Keynotes SIA Honors Night also highlighted Mission 500, a charity that advocates for children and families living in extreme poverty in the United States Honors Night guests enjoyed keynote remarks from Bonnie St. John, a Paralympic ski medalist, Fortune 500 business consultant, Rhodes scholar, former White House official and best-selling author. St. John discussed her journey to become the first African-American ever to win medals in Winter Olympic competition despite having her right leg amputated at age five and shared her top lessons from mentors and her advice for cultivating resilience. SIA Honors Night also highlighted Mission 500, a charity that advocates for children and families living in extreme poverty in the United States; each year, SIA Honors Night raises funds for Mission 500. SIA presented 26 engaging education sessions through the SIA Education @ ISC East program, including two standout keynotes and four hands-on workshops. Hundreds of conference attendees participated in these sessions, with impressive speakers like Valerie Thomas, ethical hacker and executive consultant at Securicon; Pierre Bourgeix, president at ESI Convergent; Scott Swann, president and CEO of IDEMIA National Security Solutions; and Jumbi Edulbehram, regional president – Americas, Oncam. SIA sponsored Infosecurity North America’s Keynote Stage, the central hub of the event Confronting Emerging Threats Highlighted education sessions at this year’s conference included: Friend or Foe? Technology Disruption and the Physical Security Industry, a keynote address by Philip Halpin, senior vice president and head of global security at Brown Brothers Harriman, one of the country’s oldest and largest privately held financial firms 21st Century Best Practices: Reporting From the Front Lines on How Law Enforcement and the Security Industry Are Confronting Emerging Threats, a keynote address by James A. Gagliano, a retired FBI supervisory special agent, CNN law enforcement analyst and adjunct assistant professor at St. John’s University Cybersecurity Professionals ISC East 2018 was co-located with two additional conferences – Infosecurity North America and Unmanned Security Expo Additional cutting-edge topics covered in the education sessions included the move to smart cities, convergence in the security industry and the use of artificial intelligence in video analytics. ISC East 2018 was co-located with two additional conferences – Infosecurity North America and Unmanned Security Expo. SIA sponsored Infosecurity North America’s Keynote Stage, the central hub of the event, which featured a presentation from world-famous hacker Kevin Mitnick, insights from Dave Hogue of the National Security Agency’s Cybersecurity Threat Operations Center, a discussion on the cyber skills shortage gap and ways to attract, develop and retain talented cybersecurity professionals and more. Handle Sensitive Data Additional events at ISC East 2018 included: A breakfast presented by ISC Security Events and SIA’s Women in Security Forum featuring a panel discussion celebrating women in security and supporting the participation and advancement of women in the industry Paid hands-on workshops providing cutting-edge information and valuable insights on the most current business trends, technologies and new developments in security Free exhibitor product training sessions sharing live, in-depth demonstrations A meeting with SIA’s Data Privacy Advisory Board, which provides information and best practices to help SIA members handle sensitive data in a safe and secure manner to protect the personally identifiable information of their employees, partners and customers from potential breaches