Meet us at e-Smart 2008

KerPass will make a presentation at e-Smart conference on the 18th of September 2008. We will present advanced solutions for delivering reliable software tokens on networked devices.

KerPass has obtained “Java Verified” certification.

Version 1.31 of our KerPass UST mobile client has just completed “Java Verified” certification. Such quality certification that focus mainly on usability will allow us to simplify the dialog with mobile operators, as we realized that the lake of it was complicating discussions.
When first approached, “Java Verified” is no picnic. Thanks to Orange partners and NSTL for making this easier to achieve.

Defeating the “Man in the Middle”, mobile SignCode to the rescue.

Right from the inception of the KerPass system, we considered “transaction validation” to be part of our roadmap. We took some time to develop a portable digital signature system based on elliptic curve cryptography and proposed additionally to it something we call “Password signature” which is a digital signature that you can use like a password. Read more »

Google apps will be protected by Arcot software smartcard

We are following carefully what is going on on this side for obvious reason, so the news that Arcot technology was selected to optionally deliver strong authentication to business customers accessing google apps is certainly something to watch.
Read more »

Nokia, Apple, Google is the ball starting to roll ?

There is an overall perception that 2008 is the year where mobile will take off as a platform widely open to innovation. Until now, the majority of those exposed to mobile application development have been stuck at the entry of so called operators walled garden, and/or are busy fixing fragmentation problems accross a wide variety of not so similar handset … Recent initiatives from Apple and Google (both newcomers in the mobile arena) suggest that what until recently was looking a distant future is about to happen. There will probably be resistances on the way towards “new mobile” (you may call it mobile 2.0), and to understand what may go wrong it helps to review what the much needed reorganization imply.
Read more »

KerPass at mobile monday Paris.

KerPass will be making a presentation (including various demo of UST phone token) at mobile monday Paris on the 07th of January 2008.

This will take place at :

BETC Euro RSCG,
85-87 rue du faubourg Saint Martin,
75010 Paris.

Mobile Android, it’s the applications stupid …

It is too early to be sure that Google and its followers of the open handset alliance will really deliver every promises that the mobile Android platform imply , however it looks to us that this project take a refreshing approach on what a mobile platform shall deliver.

The emergence of Android could be much more disruptive than say the release of the Iphone, as it can reach everybody phone …

Read more »

The mobile phone as a token container, can we trust storage ?

One question KerPass often receive relates to how safe is using a phone to store software token ? A mobile token like the one part of the KerPass UST system, requires storing several cryptographic keys. Security specialists generally consider that software token are not reliable because nearby malicious software can read and duplicate the private information it contains. Common sense certainly suggests that a secure storage system (eg smart card) is a better location to store private keys than say disk storage. That said the complete analogy that most are making in between the modern open and insecure pc and the mobile phone is not accurate. They are reasons beyond “It is nice to have that there…” that make the mobile phone well suited to be a token container.
Read more »

Meet us at Ip Convergence :

KerPass is making a presentation at the Ip convergence expo in Paris on the 3,4,5 October 2007. Our presentation (in French but speakers can attend you in English…) will be on the 3rd of October at 17:10 hrs , as part of the European telecom startup event.

Thanks to CEFT (Club des entrepreneurs francais des telecom) for their invitation.

If you want to have a hand on demo on how to make full use of the UST token system, or get to know the new SMS token system this is the place.

New KerPass API on line

We took quite a while to come here, but the new API is finally operational :
Time synchronous one time password and ECDSA digital signatures can be used in the context of any web application, after installing KerPass onto end user mobile phone.

• The demo as usual allows an efficient hand on introduction to the complete system
• At https://realm.kerpass.com/ you find a web application for creating and administering security realm to support your own applications
• The url https://api.kerpass.com/ provide full access to the api.
• All KerPass documentation can be found here.

Don’t hesitate to contact us to obtain the necessary applications to install onto end user mobile phone.