Jump to content

GrIDsure: Difference between revisions

Edit links
From Wikipedia, the free encyclopedia
Browse history interactively
← Previous editNext edit →
Content deleted Content added
VisualWikitext
m updated reference link from using http to https
Rescuing 3 sources and tagging 0 as dead. #IABot (v1.6beta2)
Line 1: Line 1:
{{Orphan|August 2009|date=March 2012}}
{{Orphan|August 2009|date=March 2012}}
'''GrIDsure''' was a [[personal identification]] system which extends the [[chip and PIN|standard ‘shared-secret’ authentication model]] to create a secure methodology whereby a dynamic ‘one-time’ password or PIN can be generated by a user. It was invented by Jonathan Craymer and Stephen Howes in November 2005. It has received positive media reception.<ref>{{cite web|url=http://mediaproducts.gartner.com/reprints/veracode/156005.html |title=Media Products Overview |publisher=Mediaproducts.gartner.com |date=2008-01-08 |accessdate=2010-03-27}}</ref><ref>{{cite web|url=http://www.ovum.com/news/euronews.asp?id=6300 |title=Telecoms and Software News |publisher=Ovum.com |date= |accessdate=2010-03-27}}</ref><ref>{{cite web|url=http://www.it-analysis.com/business/compliance/content.php?cid=9686 |title=Superior accessible security |publisher=It-analysis.com |date= |accessdate=2010-03-27}}</ref>
'''GrIDsure''' was a [[personal identification]] system which extends the [[chip and PIN|standard ‘shared-secret’ authentication model]] to create a secure methodology whereby a dynamic ‘one-time’ password or PIN can be generated by a user. It was invented by Jonathan Craymer and Stephen Howes in November 2005. It has received positive media reception.<ref>{{cite web|url=http://mediaproducts.gartner.com/reprints/veracode/156005.html |title=Media Products Overview |publisher=Mediaproducts.gartner.com |date=2008-01-08 |accessdate=2010-03-27}}</ref><ref>{{cite web |url=http://www.ovum.com/news/euronews.asp?id=6300 |title=Telecoms and Software News |publisher=Ovum.com |date= |accessdate=2010-03-27 |deadurl=yes |archiveurl=https://web.archive.org/web/20110715025611/http://www.ovum.com/news/euronews.asp?id=6300 |archivedate=2011-07-15 |df= }}</ref><ref>{{cite web|url=http://www.it-analysis.com/business/compliance/content.php?cid=9686 |title=Superior accessible security |publisher=It-analysis.com |date= |accessdate=2010-03-27}}</ref>


GrIDsure went into [[liquidation]] in October 2011 after investor funding dried up.<ref name="crn">{{cite web | url=http://www.channelweb.co.uk/crn-uk/news/2122095/stricken-gridsure-talks-trade-buyer | title=Stricken GrIDsure in talks with trade buyer | publisher=ChannelWeb | date=2 Nov 2011 | accessdate=March 22, 2012 | author=Woodburn, Doug}}</ref>
GrIDsure went into [[liquidation]] in October 2011 after investor funding dried up.<ref name="crn">{{cite web | url=http://www.channelweb.co.uk/crn-uk/news/2122095/stricken-gridsure-talks-trade-buyer | title=Stricken GrIDsure in talks with trade buyer | publisher=ChannelWeb | date=2 Nov 2011 | accessdate=March 22, 2012 | author=Woodburn, Doug}}</ref>
Line 33: Line 33:
* ''The Institute of Engineering & Technology'' [https://web.archive.org/web/20080129055032/http://www2.theiet.org/oncomms/sector/magazine.cfm?issueID=219 Grid Expectations]
* ''The Institute of Engineering & Technology'' [https://web.archive.org/web/20080129055032/http://www2.theiet.org/oncomms/sector/magazine.cfm?issueID=219 Grid Expectations]
* ''The Register'' [https://www.theregister.co.uk/2007/10/04/pin_fraud/ UK start-up tackles PIN fraud with patterns]
* ''The Register'' [https://www.theregister.co.uk/2007/10/04/pin_fraud/ UK start-up tackles PIN fraud with patterns]
* ''Info Security Magazine'' [http://www.infosecurity-magazine.com/news/071025_Gridsure.html Card issuer to adopt graphical Pin randomiser]
* ''Info Security Magazine'' [https://web.archive.org/web/20081121224136/http://www.infosecurity-magazine.com/news/071025_Gridsure.html Card issuer to adopt graphical Pin randomiser]
* ''Security Park'' [http://www.securitypark.co.uk/security_article259966.html Pattern-based ID verification system combats online fraud]
* ''Security Park'' [https://web.archive.org/web/20071023084344/http://www.securitypark.co.uk/security_article259966.html Pattern-based ID verification system combats online fraud]
* ''Computing.co.uk'' [http://www.computing.co.uk/computing/news/2162444/banks-seek-fraud-solutions banks seek fraud solutions]
* ''Computing.co.uk'' [http://www.computing.co.uk/computing/news/2162444/banks-seek-fraud-solutions banks seek fraud solutions]
* ''Cambridge Evening News'' [https://archive.is/20070721081410/http://www.cambridge-news.co.uk/business/news/2007/10/09/e82ba8a4-a675-4e5a-aeda-338a3114153b.lpf ID system the "perfect solution" to fight fraud]
* ''Cambridge Evening News'' [https://archive.is/20070721081410/http://www.cambridge-news.co.uk/business/news/2007/10/09/e82ba8a4-a675-4e5a-aeda-338a3114153b.lpf ID system the "perfect solution" to fight fraud]

Revision as of 23:55, 21 October 2017

GrIDsure was a personal identification system which extends the standard ‘shared-secret’ authentication model to create a secure methodology whereby a dynamic ‘one-time’ password or PIN can be generated by a user. It was invented by Jonathan Craymer and Stephen Howes in November 2005. It has received positive media reception.[1][2][3]

GrIDsure went into liquidation in October 2011 after investor funding dried up.[4]

On the 18th of November 2011 Cryptocard announced it has acquired the intellectual property of GrIDsure which includes 8 patents that have been granted and a further 16 pending. Cryptocard was already a GrIDsure OEM partner and uses the product in their portfolio.

Authentication method

In order to authenticate, the user is asked to input a series of numbers based on a preregistered pattern on a grid (that the user knows) and a grid of pseudo-random numbers generated by the authenticator. This results in a different series of numbers each time the user authenticates.[5]

Academic reception

A study was carried out on the statistical security of GrIDsure by Richard Weber in the Statistical Laboratory of the University of Cambridge. He concluded "This is one of the most beautiful ideas I have seen in many years of looking at algorithms and optimisation problems." [citation needed]

In March 2008, an independent security researcher, Mike Bond,[6] identified flaws[7] in the Gridsure authentication scheme, specifically commenting on Weber's analysis, and concluded:

"The Gridsure authentication mechanism remains largely unproven. Studies so far are flawed or taken out of context; my own initial studies indicate further weaknesses."

The introduction to Dr Bond's paper states "This document is not intended to be a fully representative or balanced appraisal of the scheme."[citation needed]

University College London conducted a usability trial. In a covering letter to the study report, Professor Sasse states:

"Having looked at many mechanisms which have been proposed in recent years to overcome users' problems with PINs and passwords, this is the first one that has the potential to offer good usability and increased security at the same time."[citation needed]

See also

Media coverage

Notes

  1. ^ "Media Products Overview". Mediaproducts.gartner.com. 2008-01-08. Retrieved 2010-03-27.
  2. ^ "Telecoms and Software News". Ovum.com. Archived from the original on 2011-07-15. Retrieved 2010-03-27. {{cite web}}: Unknown parameter |deadurl= ignored (|url-status= suggested) (help)
  3. ^ "Superior accessible security". It-analysis.com. Retrieved 2010-03-27.
  4. ^ Woodburn, Doug (2 Nov 2011). "Stricken GrIDsure in talks with trade buyer". ChannelWeb. Retrieved March 22, 2012.
  5. ^ Esnouf, Frédéric (29 Aug 2009). "Strong authentication using your Brain : IAG and Gridsure". Retrieved March 22, 2012.
  6. ^ Mike Bond, Security Researcher
  7. ^ Mike Bond, Comments on Gridsure Authentication, 27 March 2008
Retrieved from "https://en.wikipedia.org/w/index.php?title=GrIDsure&oldid=806428205"