One thing that I've always had trouble with at trade shows is the tiny print map that tries to cover every booth always strains my eyes – that is if I can figure out where I am on the map and if I still have the map with me. I get easily lost amidst loud and flashy presentations, the music and models. To help attendees who can sympathize with me, we created the CeBIT Mobile Fair Application to help attendees view fair information from anywhere, anytime and any mobile phone. The CeBIT Mobile Fair Application allowed attendees to access Hall Plans, find Exhibitors, discover Forum Area Programs and stay on top of Fair News, Announcements and Events via their Java supported mobile phones including BlackBerry® devices and PDAs.

Cebit Eurasia was a very rewarding experience - not only did Aradiom win the Best Mobile Government Services award for our QuickCity IBB Mobil application for the City of Istanbul, but we also got to help trade show attendees like me who get easily lost in space and time!

Regina

The theme of the meeting was "Mobile Trust Services" and there were extensive lists of technologies and products presented by and for the financial services industry. I noticed how many advances have been made in mobile banking and finance technologies, but not so much in affordable and convenient banking security solutions. Partly the problem is that banking fraud covers a wide range of tactics, strategies and technologies, thus making it very difficult for one solution to prevent them all. Another problem is finding the balance between usability and the level of security – who would want to carry a full body scanner with a secure offline transmission feature everywhere they go just to make an electronic bill payment?

During my presentation, I used "Silent Banker Trojan", a recently discovered threat that combines a Trojan with a Man-In-the-Middle attack, as an example of how sophisticated the cyber threats are becoming. The presentation broke down how the attack works and what features are needed to guard against such attacks. The key take-away from this analysis was that conventional 2FA and OTP solutions are not enough to guard against cyber attacks anymore. Not only should your 2FA solution provide timed-OTPs, but it needs to be able to authenticate the bank (or the bank's website) and the transaction details to the user – while making it user friendly so that your customers don't get lost during the process. It sounds complicated, but SolidPass makes it really easy. For more information on how SolidPass works against Silent Banker Trojan. See my presentation below.

We've been traveling quite a bit here at Aradiom. We were at CTIA San Francisco the week prior and are at the Mobey Forum this week in Oslo. And we just got our CTIA interview uploaded on Vator.TV. All I can say is that someone badly needs a haircut and to get some sleep!

Traveling and attending conferences are fun, yet tiring and I am always struck by the ways in which conferences can both be similar and very different from each other. There's a curious sense of deja vu at each conference. The food: coffee and donuts (or pastries) are our staple foods during the day at the booth. The milieu: I am usually amazed at the number of companies at any given conference - think of a niche and someone is attempting to exploit it.

And then the things that are different - CTIA features an extremely broad cross-section of companies whereas the Mobey Forum has a far more razor sharp focus on the financial sector. We seem to get more in-depth questions about our 2FA product SolidPass at conferences like Mobey. Regardless of the type of conference though, the most appealing things are the connections we make and inspiration we draw from other entrepreneurial efforts (although sometimes this means deciding what *not* to do - mobile TV anyone?). Of course, one can't talk about the differences without mentioning Stormtroopers.

Look for us in Oslo, Norway if you make it out there!

Baris

There’s an interesting article in the Economist about using biometrics for banking security. It’s amusing and for those of us whose minds immediately jump to bad movies featuring disembodied body parts, note that hacked fingers will not work in the scanner.

What the article does highlight are the 2 reasons we believe on-phone soft token security is very compelling for financial institutions and beyond: cost and convenience.

As a delivery mechanism and distribution point, the mobile phone is perfect for distributing tools and solutions to customers. Beyond the initial data push cost to get an application on the phone, a Two Factor Authentication (“2FA”) solution such as SolidPass™ works completely offline.

Of course financial institutions are not the only ones with an interest in 2FA and one-time-password (“OTP”) generation capabilities. Most notably, larger IT shops which use VPN for example typically end up having a TOC with a hard token (a card, USB, fob etc.) which is 3-10 times that of an updatable, secure, software based 2FA phone solution.

Baris

If you've landed on this page - welcome to our official blog. We plan to have regular, relevant information about us, our team, our products and may even have some musings about mobile technology in this space. Hope to see you soon and often.

Baris