C0C0N, Cochin- One Exciting Concept-Password Less Authentication (PLA)

Though I did not liked the registration process which again has two halves one starts on the web page and finishes on the mobile application downloading, installing and sending the IMSI, ICC-ID and receiving the APPID from the server, but the good thing is I don’t have to remember the passwords.

What I see as advantages:

1.No need to carry tokens

2.No need to remember complex password(s)

3.If I have multiple bank accounts I do not have to remember multiple passwords or multiple tokens for that matter. If any bank implements this design then all I have to do is download the respective bank’s public key and still hold the same userid and same PIN

4.I just have to protect my phone as it would become my Identity device

5.If I lose my phone or stolen, its same as calling your credit card or telecom company to block the card or SIM

Even if a malware or spyware gets hold of my userid and PIN the authentication lands on to my mobile phone and if I’m not the one to initiate the authentication request sure I can decline that or simply say change pin.The same applies to any online purchases as well and for any system or application changes in my web mails, or corporate accounts or for that matter my own banking accounts.

When he explained me the advantages, I felt wow then why doesn’t paypal implements I got simple answer, its under patent processing and can’t talk internal company details, however, I see some work required towards all mobile phones i.e. GSM and CDMA networks and some low level development so that all types of phones can use the public key encryption not just smart phones.

Some pics I got on the presentation that I luckily could mange is given below – interesting but intriguing as well.

Do let us know whats your take on this .