CHANNELS

Subscribe to the InfoTech eNewsletter

infoTECH News

TMCNet:  NXT-ID's Dynamic Pairing Prevents Security Vulnerabilities Such as Heartbleed Security Leak

[April 14, 2014]

NXT-ID's Dynamic Pairing Prevents Security Vulnerabilities Such as Heartbleed Security Leak

(Marketwire Via Acquire Media NewsEdge) SHELTON, CT -- (Marketwired) -- 04/14/14 -- NXT-ID, Inc., (OTCQB: NXTD), a biometric authentication company focused on the growing mobile commerce market, announced today solutions to prevent issues such as the Heartbleed OpenSSL security leak using its patent pending Dynamic Pairing.

Gino Pereira, CEO of Nxt-ID said, "Dynamic Pairing is an important part of our MobileBio® product offerings including Wocket�. What sets us apart is that we not only authenticate who you are to access your private information, but we also protect it through sophisticated and novel encryption methods." OpenSSL, a widely used open-source encryption standard, recently became the source of one of the largest security flaws ever reported. A little more than half the Internet is secured with OpenSSL, not including all the various email, chat, and app services on various platforms. The security flaw takes advantage of what OpenSSL calls a "heartbeat," where data is exchanged between a device and a server. Under normal circumstances, a device can only request a specific amount of data from the service. However, a recent bug introduced into the OpenSSL codebase allowed more than the specific amount to be extracted, causing more information to be revealed to the device than the device should be authorized to receive.

NXT-ID's Dynamic Pairing has its own heartbeat method, but unlike other methods such as OpenSSL, each data request is dynamic and based upon a risk analysis algorithm that inherently validates authentication. Since, by its very nature, authentication under dynamic pairing changes with each access, unauthorized data can never be revealed to any device. Dynamic Pairing adds authentication and security that overcome traditional vulnerabilities of methods such SSL and TLS.

In the case of Heartbleed, a hacker is accessing data over what the server assumed to be, a secure channel. The hacker then uses that channel to continually probe the server for more and more data. With Dynamic Pairing, the authentication score determines the level of trust the server gives an incoming connection. When a server utilizes Pairing Codes which are encrypted with dynamic authentication scores, a server would not be susceptible to an attack like Heartbleed.

About NXT-ID Inc. -Mobile Security for a Mobile WorldNXT-ID, Inc.'s (OTCQB: NXTD) innovative MobileBio� solution mitigates consumer risks associated with mobile computing, m-commerce and smart OS-enabled devices. The company is focused on the growing m-commerce market, launching its innovative MobileBio� suite of biometric solutions that secure consumers' mobile platforms led by the Wocket�; a next generation smart wallet designed to replace all the cards in your wallet, no smart phone required. The Wocket works anywhere credit cards are accepted and only works with your biometric stamp of approval. http://www.thewocket.com/, http://www.wocketwallet.com/ NXT-ID's wholly owned subsidiary, 3D-ID LLC, is engaged in biometric identification has 22 licensed patents in the field of 3D facial recognition http://www.nxt-id.com/, http://3d-id.net/ Forward-Looking Statements for NXT-ID This press release contains forward-looking statements as defined within Section 27A of the Securities Act of 1933, as amended, and Section 21E of the Securities Exchange Act of 1934, as amended. Forward-looking statements reflect management's current expectations, as of the date of this press release, and involve certain risks and uncertainties. Forward-looking statements include statements herein with respect to the successful execution of the Company's business strategy. The Company's actual results could differ materially from those anticipated in these forward- looking statements as a result of various factors. Such risks and uncertainties include, among other things, our ability to establish and maintain the proprietary nature of our technology through the patent process, as well as our ability to possibly license from others patents and patent applications necessary to develop products; the availability of financing; the Company's ability to implement its long range business plan for various applications of its technology; the Company's ability to enter into agreements with any necessary marketing and/or distribution partners; the impact of competition, the obtaining and maintenance of any necessary regulatory clearances applicable to applications of the Company's technology; and management of growth and other risks and uncertainties that may be detailed from time to time in the Company's reports filed with the Securities and Exchange Contact: Corporate info: Investor Inquiries: Kirin Smith ProActive Capital Group Direct: 646 863 6519 Media: 800 665-0411 Source: NXT-ID

[ InfoTech Spotlight's Homepage ]


blog comments powered by Disqus

FOLLOW US

Subscribe to InfoTECH Spotlight eNews

InfoTECH Spotlight eNews delivers the latest news impacting technology in the IT industry each week. Sign up to receive FREE breaking news today!
FREE eNewsletter