What is Cryptomathic?Founded in 1986, Cryptomathic’s origin is contained in the company’s name: cryptology and mathematics. Initially, our core area of business was to deliver cryptographic algorithms to banks which in turn were integrated into their own solutions. Technology has advanced significantly and now a rising number of new markets require complex and highly secure systems and procedures to maintain the confidentiality and integrity of data.
We capitalised on this trend and today Cryptomathic is a leading provider of bespoke security solutions to organisations operating across a wide range of sectors including finance, smart card, digital rights management and government. We offer systems for e-banking, two-factor authentication (2FA), public key infrastructure (PKI) initiatives, EMV card issuing, ePassport and advanced key management, which contribute directly to our customers’ core business activities. Essentially, we specialise in areas where cryptographic security is an essential and critical requirement.
We capitalised on this trend and today Cryptomathic is a leading provider of bespoke security solutions to organisations operating across a wide range of sectors including finance, smart card, digital rights management and government. We offer systems for e-banking, two-factor authentication (2FA), public key infrastructure (PKI) initiatives, EMV card issuing, ePassport and advanced key management, which contribute directly to our customers’ core business activities. Essentially, we specialise in areas where cryptographic security is an essential and critical requirement.
In what sectors has Cryptomathic experienced the most success?
Cryptomathic has been successful across a number of different industry sectors, in particular banking, government and digital rights management:
Banking: Although the migration to EMV and the banking sector’s continued use of the internet to deliver services has created new opportunities for banks and improved convenience for customers, such advances have also resulted in increasingly sophisticated financial attacks from fraudsters. It is a continuing and complex process to ensure banking networks are successfully protecting sensitive data from existing and future threats, as most banks are operating a legacy IT system which was originally created for functionality and not security.
This is made even more challenging by the pace at which technology has advanced over the last decade, which would have been unimaginable when these IT systems were first introduced. With the 2008 APACS fraud figures (published in March 2009) revealing an ongoing increase in card-not-present fraud and a startling rise in identity theft – up by a third from six to eight per cent of total fraud - it is without doubt that Cryptomathic’s expertise will continue to be in strong demand from this market.
Government: By transferring our knowledge from securing highly sensitive data within the banking sector into the progressive ePassport landscape, we have developed and implemented solutions which guarantee the security of the biometrics data held within a machine readable travel document or eID card. Taking this one step further, Cryptomathic has designed the technology required to ‘speed up’ the ability of border controllers to access biometric details without impacting the integrity of the infrastructure or application. Due to our work with the UK Identity and Passport Service to deliver a public key infrastructure (PKI) solution in 2006, our consultancy, product offering and visibility in this area has gone from strength to strength. This skill-set has also been used to support the delivery of government ID initiatives.
Digital Rights Management (DRM): As technology becomes increasing mobile, so does data which raises new concerns regarding the protection of copyright information and its management. Interest has grown considerably in the creation of a trusted environment for protecting data which will still enable access by authorised users. PKI is mostly known for electronic commerce and personalised digital signatures with the aim of preventing illegal use of digital contents by unauthorised users. However, there are currently a number of very large, ‘transparent’ PKI solutions for DRM in mobile phones and Trusted Platform Modules in PCs. Cryptomathic has witnessed an increase in demand for these specialised large scale solutions.
Banking: Although the migration to EMV and the banking sector’s continued use of the internet to deliver services has created new opportunities for banks and improved convenience for customers, such advances have also resulted in increasingly sophisticated financial attacks from fraudsters. It is a continuing and complex process to ensure banking networks are successfully protecting sensitive data from existing and future threats, as most banks are operating a legacy IT system which was originally created for functionality and not security.
This is made even more challenging by the pace at which technology has advanced over the last decade, which would have been unimaginable when these IT systems were first introduced. With the 2008 APACS fraud figures (published in March 2009) revealing an ongoing increase in card-not-present fraud and a startling rise in identity theft – up by a third from six to eight per cent of total fraud - it is without doubt that Cryptomathic’s expertise will continue to be in strong demand from this market.
Government: By transferring our knowledge from securing highly sensitive data within the banking sector into the progressive ePassport landscape, we have developed and implemented solutions which guarantee the security of the biometrics data held within a machine readable travel document or eID card. Taking this one step further, Cryptomathic has designed the technology required to ‘speed up’ the ability of border controllers to access biometric details without impacting the integrity of the infrastructure or application. Due to our work with the UK Identity and Passport Service to deliver a public key infrastructure (PKI) solution in 2006, our consultancy, product offering and visibility in this area has gone from strength to strength. This skill-set has also been used to support the delivery of government ID initiatives.
Digital Rights Management (DRM): As technology becomes increasing mobile, so does data which raises new concerns regarding the protection of copyright information and its management. Interest has grown considerably in the creation of a trusted environment for protecting data which will still enable access by authorised users. PKI is mostly known for electronic commerce and personalised digital signatures with the aim of preventing illegal use of digital contents by unauthorised users. However, there are currently a number of very large, ‘transparent’ PKI solutions for DRM in mobile phones and Trusted Platform Modules in PCs. Cryptomathic has witnessed an increase in demand for these specialised large scale solutions.
Who would you say to date is Cryptomathic’s main competition?
As one of the first companies to commercialise cryptographic algorithms, Cryptomathic has used its academic base to pre-empt new security requirements brought about by emerging technologies or regulatory decisions. This enables us to react to specific and individual client and industry needs in a timely manner. Our biggest competition comes from organisations that decide to develop solutions in-house rather than use an outside agency, which is usually a commercial decision.
What are the benefits of Cryptomathic products over those of its competitors?
All of Cryptomathic’s products are designed and built to specifically meet customer requirements today and are adaptable to future needs. Ensuring a solution is sustainable in the long-term is core in all our services, but is something that many systems developed in-house fail to acknowledge or accommodate, resulting in expensive amendments and time intensive upgrades.
Despite the current economic circumstances do you still see a significant demand for your products in the industry?
Not only is there still a strong demand for our offering, but we have also witnessed new business growth, particularly from the financial sector. Although banks are under increasing pressure to economise without compromising levels of security, fraud costs the industry millions of pounds each year and implementing e-security solutions can eliminate this criminal exposure and the associated losses. Such systems are automated, which can also reduce demand on internal resources and human error; all of which save banks money.What security products do you see as having the greatest potential for adoption?Due to the convergence of industry sectors, and the fast pace at which innovative multiple-partnership solutions are coming to market, scalable, reliable, flexible and secure server solutions have the greatest potential for adoption. Products that span payments and mobile in particular are currently experiencing a rapid rise in demand.
What are the main challenges facing the company in 2009?
Cryptomathic’s main challenge at present is the management of our global expansion strategy. We have an established office network throughout Europe and last year opened a new office in Canada to provide our US and Canadian-based customers with local business and technical support. With a rising demand in North America, Middle East and Asia for security solutions, in particular orders for EMV data preparation solutions for contact and contact less payment cards, as well as automated key management systems, 2FA technologies and PKI expertise, it is logical for us to raise our global visibility.
What does the future hold for Cryptomathic?
The security solutions market we address is likely to continue growing strongly for the foreseeable future, as there will always be a demand for cryptography-based products. In the coming years, a key area of focus will be the integration of biometrics with cryptography based solutions. Both technologies are very effective and offer different benefits in a range of scenarios. Cryptographic solutions - particularly when combined with a Hardware Security Module (HSM) - are so robust that the only challenge that has arisen has been from other sources.
For example, a bank will never experience a threat on the cryptography of its systems. The weaknesses originate from connections to the customer/bank interface and are most commonly exploited by attacks based on trojan, phishing, pharming techniques. In this instance, and many others, cryptography and biometrics can work together advantageously to provide increased assurances of security.
In the long-term, we intend to grow our company and further extend our portfolio of proven solutions through a pre-determined acquisitions strategy. Our overarching aim is to continue to deliver functional solutions and support, with a real return on investment, to a portfolio of happy and loyal customers.
For example, a bank will never experience a threat on the cryptography of its systems. The weaknesses originate from connections to the customer/bank interface and are most commonly exploited by attacks based on trojan, phishing, pharming techniques. In this instance, and many others, cryptography and biometrics can work together advantageously to provide increased assurances of security.
In the long-term, we intend to grow our company and further extend our portfolio of proven solutions through a pre-determined acquisitions strategy. Our overarching aim is to continue to deliver functional solutions and support, with a real return on investment, to a portfolio of happy and loyal customers.
(Smartcard News Ltd, 2009)
0 comments:
Post a Comment