Contactless Passwordless Auto Login

with the most innovative NFC hardware password manager which received the Global Infosec Awards 2021

By Jacques GASCUEL, CEO of Freemindtronic

On a daily basis, every company, regardless of its size, is faced with providing occasional access to some of its digital services to outsiders. Who, during a business meeting at their premises, has never received a request from a service provider or a customer during a debriefing to gain access to the Internet? In practice, we can observe diametrically opposed behaviors depending on the cybersecurity maturity of the company, ranging from the provision of the company’s WiFi code (the worst) to the guest captive portal (the preferred). Temporary profiles such as interns and other temporary workers will also have more specific needs for a period that may be longer, but while remaining occasional to access your ERP, CRM or even a VPN for teleworking. Here again, in practice, the rights granted to these “Outside Persons” depend on the information system security policies implemented in the company;

For all these reasons, an authorized person of the company, “The Boss”, must physically give the computer identifiers to provide the right of access to the requested service. Consequently, Outside persons will thus be aware of the identifiers.

When the missions are finished, the procedure wants the Boss to modify the passwords communicated, in an obvious concern of security. In the worst-case scenario, company personnel have to accommodate this change of passwords, resulting in wasted time and obvious annoyance, again related to the use of passwords.

Freemindtronic offers a solution to this recurring problem

It’s an hardware password manager, with multi-criteria of trust operating with contactless technology, the “Freemindtronic card”. It is an NFC device designed to secure the end-to-end transport of confidential data. This card thus makes it possible to carry out many often very complex use cases with confidence.

This device can store up to 200 “secrets” (ID, encryption keys, banking information, etc.) individually secured with cumulative trust criteria defined at the discretion of the user and / or the administrator. Freemindtronic cards all have RSA 4096 asymmetric key management. The user can thus very easily, without taking any risk, share his secrets by all usual means of communication, via a QR code encrypted with the public key of his correspondent also having a Freemindtronic card. This sharing can also be done by SMS or MMS, by NFC Beam or printed on paper, even in the sight of malicious people.

An advanced “Passwordless” autologin system allows passwordless and contactless authentication with the secrets stored in the Freemindtronic card. Indeed, the secrets are stored encrypted in the non-volatile physical memory of the Freemindtronic card. Authentication is all the stronger as it has an MFA (multi-factor authentication) system that can be configured up to 12 physical trust criteria. These criteria can individually enslave each secret to block access attempts and illicit uses. Effective protection against theft, loss and brute force attacks on the Freemindtronic Card.

Thus, humans are put back at the heart of their safety and cybersecurity. Everything is done so that he very simply regains absolute control of his digital life with a tool that fits in a pocket. This tool, which physically decentralizes the secrets of information systems, makes it possible to fight effectively against a large number of risks such as failures and corruption of information systems, espionage, phishing, identity theft but also risks associated with human error.

Working principle

So how do you ensure that the outside Person can connect without sharing the secrets?

The Boss pairs his Freemindtronic card with his NFC phone. The latter itself is paired with an extension for web browsers installed on ALL workstations. The local network where the NFC phone and workstations are connected will be end-to-end encrypted for each transaction. The Outside Person sends a connection request to the Boss. He receives it on his phone. He places his Freemindtronic Card under the NFC antenna of his phone and the connection is made automatically in a fraction of a second. At no time did the Boss communicate the secrets, they will be transmitted over a secure channel between the card and the access service. The Boss can thus with a single Freemindtronic Card, manage via his phone up to 200 secrets on all the computers of his company.

This solution may seem restrictive in centralized use if the connection requests are numerous, the workload becomes unacceptable for “The Boss”. Freemindtronic Cards also have a PKI management mode allowing administration of card holders. It will therefore be possible to provide a card to “Outside Persons” who can connect with it. The Freemindtronic card is set to read-only so that access to stored secrets is limited to specifically intended uses. This limitation prevents the copying, sharing, or modification of secrets. In addition, use of the Freemindtronic card can be restricted to company premises using the associated trust criteria.

About the author

Jacques Gascuel, inventor and CEO Freemindtronic Andorra. Jacques has been an entrepreneur for 30 years. He followed an electrical engineering training and university law studies in Toulouse (France). An inventor at heart, he has won several trophies and enjoys taking on challenges. “Every problem has its solution” according to him, which pushes him today, as the leader of an Andorran startup specializing in Cybersecurity, to create innovations in the field of the digital freedom of people and the security of their data.

Freemindtronic is an Andorran start-up which designs and manufactures tailor-made solutions for its customers in the field of safety and cyber security of information systems and computer systems.

Jacques can be reached online on Linkedin : https://ad.linkedin.com/in/jacques-gascuel-fullsecure

For more information, visit the company website at www.freemindtronic.com