Category: Mobile Security

The agency has managed to break through a roadblock that had been giving it a considerable challenge.

The majority of government agencies find that establishing adequate mobile security is not exactly an easy process, as federal experts still battle their way through the tech to try to be able to provide the right level of access through smartphones and tablets, while still protecting their applications and data.

That said, the Department of Defense may now have broken through one of the biggest problems it had faced in this area.

Deputy chief information officer for cybersecurity at the Department of Defense, Richard Hale, has announced that a roadblock that the DoD has been facing for some time now in mobile security may now have been broken away. He explained that the department has come up with a new approach that will keep up its dependence on the Common Access Card (CAC), but that will apply it in a new and fresh way. It turns out that they will not be placing the public key infrastructure credential directly onto the smartphones and tablets. At the same time, “We will not have a separate CAC card reader or something like that,” he said.

Hale spoke of this new mobile security strategy as an AFCEA panel moderator of the D.C. chapter’s Cybersecurity Summit.

He said that there are three separate pilots underway that have already demonstrated that this mobile device security system can be implemented effectively. He did acknowledge that there remain certain security issues in the effort to bring the credentials to the device, but that the department is working their way through those. Therefore, they do not yet have a “formal program to put an issuance infrastructure in place.”

Still, Hale said that it is his belief that within the upcoming “couple of months we’ll make a decision that we have a particular path to credential issuance and then we will put a program up and start doing it.” He even went on to make a “bold prediction” in which he stated that by the close of 2015, the department would already be “issuing derived credentials on a production way on mobile devices.”

According to Hale, this mobile security effort is being examined for all of the major device vendors, including Android, iOS, Microsoft, and Blackberry.

Security standards are set to be implemented in the US in October of this year

The payments industry in the United States is poised for a major shift late this year. In October, liability for fraudulent transactions will move from card companies to retailers if these retailers have not invested in point-of-sale terminals that accept chip-based payments. The shift is meant to address issues concerning the safety of electronic transactions, which has been brought to light by the growing prominence of mobile commerce.

Standards will require retailers to invest in chip-based payment terminals

New security standards will require credit and debit cards to be equipped with a chip that will make transactions more secure. This shift happened more than a decade ago in several European countries and similar security standards are becoming more common throughout the world. In the United States, however, it has taken much longer for these standards to take hold, due to the complexities of the country’s financial structure and the retail industry. Retailers have been particularly resistant to having to fund new payment terminals in order to avoid liability issues.

Security standards could boost the adoption of mobile commerce

For those interested in mobile commerce, the new security standards could be seen as a boon. Security has long been an issue that the mobile world has had to manage, and the issue has become more important to address with the growing number of people using their smartphones to make purchases. The new point-of-sale terminals that retailers will have to adopt will support NFC-based transactions, which will make it easier for consumers with mobile devices to use their smartphones to pay for products in physical stores.

Card companies are pushing for security standards to take effect

October 1 is the deadline for retailers to incorporate chip-based payment terminals. There is some speculation that the implementation of security standards will be delayed, but this may cause a loss of faith in the standards themselves. Card companies are eager to have these standards instituted as soon as possible in order to bolster the security of the digital payments industry.