Two-factor authentication solution for electronic-statements
By Digital News Asia February 6, 2014
- Strategic collaboration with Assurity aims at boosting security of electronic statements
- Uses Assurity's OneKey 2FA device to enable recipients to ‘unlock’ their e-statements
HONG Kong-headquartered Toppan Forms has teamed up with Assurity Trusted Solutions to launch what it said was Singapore's first two-factor authentication (2FA) solution for push electronic statements.
The solution will leverage Assurity's OneKey 2FA device to enable recipients to ‘unlock’ their e-statements securely and conveniently, Toppan Forms said in a statement.
“The conventional model requires end-users to log into their service provider's portal to view their e-statements. End-users may forget to do so since the e-statements are not sent directly to their designated email boxes, which may in turn lead to disputes between them and their service providers,” said Caroline Wong, general manager of sales and marketing at Toppan Forms.
“With our new solution, end-users receive the e-statements directly in their email boxes. They have to key in a One-Time Password (OTP) generated by their OneKey to unlock their e-statements. The act of unlocking using a 2FA device and OTP that are unique to them constitutes an acknowledgement of receipt,” she added.
Amid the global rising trend of identity theft and online fraud, and in the wake of the recent hacking incidents in Singapore, relying on passwords alone is not secure enough, Toppan Forms said.
Toppan Forms' use of OneKey will help “enhance the security of push e-statements,” said Assurity chief operating officer Chai Chin Loon.
“Toppan Forms' new solution is innovative as it is the first 2FA-enabled solution for push e-statements in Singapore.
“Currently, e-statements that are sent to the recipient's designated email box are accessible either without a password or with a static password. If the recipient's email account is hacked, the e-statements' passwords (if any) can be easily hacked, and the recipient's personal and financial information stolen.
“In contrast to static passwords, OTPs are not vulnerable to replay attacks. Even if the cyber intruder manages to record an OTP that was already used to log into the recipient's e-statement, he or she would not be able to abuse it since it will no longer be valid,” Chai added.
The solution can be used by existing service providers which have subscribed to the nationwide 2FA system and whose customers are currently using OneKey, and also by public and private sector companies looking for a secure, 2FA-enabled solution for their e-statements, Toppan Forms said.
Established in Singapore since 1972, Toppan Forms (S) Pte Ltd specialises in business forms printing. Meanwhile, Assurity Trusted Solutions Pte Ltd is a wholly-owned subsidiary of the Infocomm Development Authority of Singapore (IDA).
Adaptive identities coming to forefront of security: RSA
Singapore PM’s website not hacked, but exploited: Trend Micro
Fortinet advocates two-factor authentication as breaches escalate
The end of passwords, and other IT predictions
For more technology news and the latest updates, follow us on Twitter, LinkedIn or Like us on Facebook.