Welcome!

News Feed Item

New Strong Authentication Specifications Dedicated to Payment and Access to Services, across All Channels, Released by Natural Security Alliance

The Natural Security Alliance has released the newest specifications for its world first strong authentication standard.

The standard defines a strong authentication method, for payment and access to services, across all channels (e.g. home, store, branch), without compromising security or privacy. This authentication method combines local biometric verification, a personal device and wireless technology, and can be implemented into various form factors, including a smartcard, micro-SD Card, mobile phone, secure element and token.

The latest specifications are the result of a working group of key retailers, banks, vendors and payment specialists involved in Natural Security Alliance since 2008 and represent 180 man-years of development.

The newly released core specifications define the architecture and the different components required to enable a transaction based on a wireless acceptance device (WAD) used by an acceptance user (e.g. a retailer) and a wireless personal device (WPD) used by an individual user.

Previous specifications have been successfully tested in a 6-month consumer pilot carried out in France, which gave more than 900 customers the opportunity to test the first implementation of the Natural Security standard for proximity payments. The trial clearly showed that the public both accepted and adopted this biometric authentication method for proximity payments – with 94% of participants saying they were ready to use this means of payment for all purchases in superstores and smaller shops.

This standard is based on a unique combination of wireless technology, local biometric verification and personal device:

  • a personal device stores applications and data used to authenticate the user, resolving problems related to privacy and avoiding the use of biometric databases. The standard can be implemented into various form factors, including smartcard, micro-SD Card, Mobile Phone Secure Element and token.
  • wireless communication technology (current IEEE 802.15.4 and Bluetooth Low Energy planned) spares users the need to physically handle this device.
  • biometrics replaces or complements PINs so a transaction can only take place when both the user and the device are present.

This standard defines the architecture and the different components required to enable a transaction based on a wireless acceptance device (WAD) used by an acceptance user (e.g. a merchant) and a wireless personal device (WPD) used by an individual user. The Natural Security standard defines the following core specifications:

  • The Natural Security General Description [CORE1 / V 2.3] provides an introduction and a general overview of the Natural Security technology. It also describes services that can be provided by the Natural Security technology.
  • The Wireless Personal Device (WPD) [CORE2 / V 2.4] specification describes the device used by the Individual User (e.g. a customer) to execute a WPD session. This document also describes the Personal Access Provider architecture, which is the Natural Security core application residing in any WPD.
  • The Wireless Acceptance Device (WAD) [CORE3/ V 2.4] specification describes the device used by the Acceptance User (e.g. a merchant) to execute a WPD session. This document also describes the transaction flow of a WPD session.
  • The Wireless Personal Area Network (WPAN) [CORE4/ V 3.02] specification describes a mid-range wireless communication protocol used to connect the WPD with the WAD. This protocol based on WPAN is defined by Natural Security.
  • The Wireless Biometric Intelligent Reader (WBIR) Protocol [CORE5 / v2-43] specification provides the functional description of a device integrating the main Natural Security components, thus simplifying the integration of the Natural Security solution in existing systems. This document also describes the protocol messages to be used by a “Controlling-Device”, such as a POS or a PC, to control a WBIR.

About Natural Security Alliance

The Natural Security Alliance is a global community of preeminent companies dedicated to accelerating the adoption and ongoing development of Natural Security Technology based solutions. The Natural Security Alliance is comprised of some of the most influential companies in world from the retail, banking, payment provider, and IT Communities. All Alliance members share a strategic commitment to delivering mission-critical authentication and payment solutions based on secure element, wireless and biometric technology. Visit www.naturalsecurityalliance.org for more information.

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
Enterprise architects are increasingly adopting multi-cloud strategies as they seek to utilize existing data center assets, leverage the advantages of cloud computing and avoid cloud vendor lock-in. This requires a globally aware traffic management strategy that can monitor infrastructure health across data centers and end-user experience globally, while responding to control changes and system specification at the speed of today’s DevOps teams. In his session at 20th Cloud Expo, Josh Gray, Chie...
Learn how to solve the problem of keeping files in sync between multiple Docker containers. In his session at 16th Cloud Expo, Aaron Brongersma, Senior Infrastructure Engineer at Modulus, discussed using rsync, GlusterFS, EBS and Bit Torrent Sync. He broke down the tools that are needed to help create a seamless user experience. In the end, can we have an environment where we can easily move Docker containers, servers, and volumes without impacting our applications? He shared his results so yo...
Businesses and business units of all sizes can benefit from cloud computing, but many don't want the cost, performance and security concerns of public cloud nor the complexity of building their own private clouds. Today, some cloud vendors are using artificial intelligence (AI) to simplify cloud deployment and management. In his session at 20th Cloud Expo, Ajay Gulati, Co-founder and CEO of ZeroStack, discussed how AI can simplify cloud operations. He covered the following topics: why cloud mana...
FinTechs use the cloud to operate at the speed and scale of digital financial activity, but are often hindered by the complexity of managing security and compliance in the cloud. In his session at 20th Cloud Expo, Sesh Murthy, co-founder and CTO of Cloud Raxak, showed how proactive and automated cloud security enables FinTechs to leverage the cloud to achieve their business goals. Through business-driven cloud security, FinTechs can speed time-to-market, diminish risk and costs, maintain continu...
Creating replica copies to tolerate a certain number of failures is easy, but very expensive at cloud-scale. Conventional RAID has lower overhead, but it is limited in the number of failures it can tolerate. And the management is like herding cats (overseeing capacity, rebuilds, migrations, and degraded performance). In his general session at 18th Cloud Expo, Scott Cleland, Senior Director of Product Marketing for the HGST Cloud Infrastructure Business Unit, discussed how a new approach is neces...
"This week we're really focusing on scalability, asset preservation and how do you back up to the cloud and in the cloud with object storage, which is really a new way of attacking dealing with your file, your blocked data, where you put it and how you access it," stated Jeff Greenwald, Senior Director of Market Development at HGST, in this SYS-CON.tv interview at 18th Cloud Expo, held June 7-9, 2016, at the Javits Center in New York City, NY.
Docker containers have brought great opportunities to shorten the deployment process through continuous integration and the delivery of applications and microservices. This applies equally to enterprise data centers as well as the cloud. In his session at 20th Cloud Expo, Jari Kolehmainen, founder and CTO of Kontena, discussed solutions and benefits of a deeply integrated deployment pipeline using technologies such as container management platforms, Docker containers, and the drone.io Cl tool. H...
Everything run by electricity will eventually be connected to the Internet. Get ahead of the Internet of Things revolution. In his session at @ThingsExpo, Akvelon expert and IoT industry leader Sergey Grebnov provided an educational dive into the world of managing your home, workplace and all the devices they contain with the power of machine-based AI and intelligent Bot services for a completely streamlined experience.
Kubernetes is a new and revolutionary open-sourced system for managing containers across multiple hosts in a cluster. Ansible is a simple IT automation tool for just about any requirement for reproducible environments. In his session at @DevOpsSummit at 18th Cloud Expo, Patrick Galbraith, a principal engineer at HPE, discussed how to build a fully functional Kubernetes cluster on a number of virtual machines or bare-metal hosts. Also included will be a brief demonstration of running a Galera MyS...
It is of utmost importance for the future success of WebRTC to ensure that interoperability is operational between web browsers and any WebRTC-compliant client. To be guaranteed as operational and effective, interoperability must be tested extensively by establishing WebRTC data and media connections between different web browsers running on different devices and operating systems. In his session at WebRTC Summit at @ThingsExpo, Dr. Alex Gouaillard, CEO and Founder of CoSMo Software, presented ...
Enterprises are universally struggling to understand where the new tools and methodologies of DevOps fit into their organizations, and are universally making the same mistakes. These mistakes are not unavoidable, and in fact, avoiding them gifts an organization with sustained competitive advantage, just like it did for Japanese Manufacturing Post WWII.
DXWorldEXPO LLC, the producer of the world's most influential technology conferences and trade shows has announced the 22nd International CloudEXPO | DXWorldEXPO "Early Bird Registration" is now open. Register for Full Conference "Gold Pass" ▸ Here (Expo Hall ▸ Here)
In his session at @DevOpsSummit at 20th Cloud Expo, Kelly Looney, director of DevOps consulting for Skytap, showed how an incremental approach to introducing containers into complex, distributed applications results in modernization with less risk and more reward. He also shared the story of how Skytap used Docker to get out of the business of managing infrastructure, and into the business of delivering innovation and business value. Attendees learned how up-front planning allows for a clean sep...
Amazon started as an online bookseller 20 years ago. Since then, it has evolved into a technology juggernaut that has disrupted multiple markets and industries and touches many aspects of our lives. It is a relentless technology and business model innovator driving disruption throughout numerous ecosystems. Amazon’s AWS revenues alone are approaching $16B a year making it one of the largest IT companies in the world. With dominant offerings in Cloud, IoT, eCommerce, Big Data, AI, Digital Assista...
"Our strategy is to focus on the hyperscale providers - AWS, Azure, and Google. Over the last year we saw that a lot of developers need to learn how to do their job in the cloud and we see this DevOps movement that we are catering to with our content," stated Alessandro Fasan, Head of Global Sales at Cloud Academy, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.