Kaay eKaay
Main | Demo     German
SMART LOGIN

eKaay NFC - High Security Solution

Smartphone trojans may steal the keys stored on the smartphone within the storage of the eKaay app. For example, a trojan sitting deeply within the Operating System of the smartphone will be able to circumvent the sandbox architecture. Even the so-called key chain (for iOS devices in hardware, for Android devices in software) does not in a 100 percent way prevent trojans from stealing keys.

A solution for this problem is ekaay NFC: The keys are moved out to a card or a token, and are contacted by the smartphone via NFC:

eKaayNFC

Login with a Nexus S Android Smartphone and an NXP JavaCard at the Webmail of the Universität Tübingen (no fake).

Because not only the keys but the whole cryptology (''challenge/response'') is moved out to the card, the keys never leave the card and therefore cannot be stolen by smartphone or PC malware. eKaay becomes a high-security method.

The method can be implemented in case there are already NFC-enabled cards among the portal users, for example company cards, campus cards or customers cards.

Alternatively, the NFC-enabled tokens and cards of the FIDO Alliance (Google) could be used to store the ekaay keys, for example the Yubico tokens. This is decided by the eKaay user, i.e., independently of the portal.

More Information

Patent eKaay NFC: B.Borchert (2009): DE102009040009B4.

Conference talk (ICITST 2013, London) about eKaay NFC: B.Borchert, M.Günther: ''Indirect NFC-Login'' (slides, paper).

The same idea ''Move out the key to an NFC-enabled card in order to protect it from smartphone trojans'', applied to Online Banking: NFC-TAN and Display-TAN.

About eKaayeKaay VariantsSecurityLicenseImplementationContact
About us
History Smart Login
News
eKaay original
eKaay PIN
eKaay NFC
eKaay light
eKaay PIN light
eKaay Sign
Security comparisonLicense
Price List
References
Integration
Implementation
Contact
Imprint