i-Sprint Innovations. PHOTO: Cybercrime Magazine.

New Security Paradigm Powers i-Sprint’s Growth In Asia-Pac Region

IAM Becomes Bastion for Security-Minded Organizations

John P. Mello, Jr.

Northport, N.Y. – Mar. 11, 2020

For many years, a feudal model dominated information security. Organizations protected their internal networks with a hard perimeter — its “castle walls” — that was supposed to protect the data behind it. As adversaries found more and more ways to breach that perimeter, it became more and more porous.

Moreover, as data became more distributed — through developments such as the cloud, the Internet of Things, and the proliferation of endpoint devices — perimeters began to disappear. Taking its place of importance has been identity and access management (IAM). IAM has become the new perimeter.

That change in the information security paradigm is contributing to robust growth in the IAM market. Cybersecurity Ventures predicts global spending on IAM products and services will exceed US$16 billion annually by 2022 and grow at a compound annual growth rate of 12 to 15 percent over the next three years.

One company poised to cash in on the burgeoning demand for IAM solutions is i-Sprint, which has a direct presence and active authorized partners across Singapore, China, Hong Kong, Taiwan, Malaysia, Thailand, Japan, and the United States. One of i-Sprint’s companies, An Xun Ben, is doing especially well in China, where it was the only company to pull in a 4.5 rating in the IAM segment in the 2019 China Network Security Segment Matrix report.

Poised for Latest IAM Trends

Founded in Singapore in 2000, i-Sprint cut its cybersecurity teeth in the demanding financial services industry and used that experience to broaden its reach into other sectors. “With our proven track record in the financial services industry and in regulated industries with strong compliance requirements, we have been able to extend our market coverage to public services such as government agencies, critical infrastructure such as power plants, core services such as healthcare and education, and general businesses such as manufacturing,” explains i-Sprint CEO Dutch Ng.

That extended market coverage now encompasses 150 regional financial institutions, government agencies, and large corporations, which use i-Sprint’s suite of security products to protect assets worth more than $10 trillion.

According to i-Sprint, its suite of products is poised to keep pace with developing IAM trends in 2020. For example, many countries have created or are in the process of creating National Digital Identity (NDI) platforms so their citizens and businesses can interact with their governments in ways that are both convenient and secure. i-Sprint’s authentication infrastructure product, AccessMatrix Universal Authentication Server, is designed to integrate with any NDI infrastructure and has already been deployed in several Asian countries that have NDI platforms.



Authentication without Passwords

Another developing trend is authentication without passwords. Passwords can be a drag on both productivity and overhead. One study estimated that $420 in productivity per employee annually is lost due to workers struggling with passwords. Another found the annual cost of resetting passwords is $1.9 million based on an enterprise of 10,000 employees.

Passwordless authentication uses a combination of biometric authenticators — face, finger, voice, behavior and such — with push-and-login or scan-and-login to eliminate the need for passwords. i-Sprint is ready for this growing trend with a proven passwordless authentication solution that’s already been deployed with the company’s banking and finance companies throughout Asia.

Single Sign-On

Single Sign-On is another IAM trend where i-Sprint is well-positioned for growth. Organizations are turning to Single Sign-On as a way to remove friction in the sign-on process, which can become onerous for users in today’s complex infrastructure encompassing on-premise, cloud, and mobile logins.

Organizations are looking for a Single Sign-On solution that’s secure and based on industry standards, such as OpenID, Oauth, and SAML. i-Sprint is one of a handful of organizations in Asia certified to operate with OpenID Connect standards, and its AccessMatrix Universal Sign-On solution, which is already being used by its Asian customers, allows users to securely access applications and websites without having to remember multiple sets of credentials.

Adaptive Contextual Authentication

Another hot area in IAM is Adaptive Contextual Authentication. Unlike static authentication methods that give a user an unchanging set of privileges after authentication, ACA dynamically sets privileges based on data collected about the user. The data can be historical — such as physical location, preferences, IP address, and machine address — as well as behavioral — like keystroke dynamics, sound, and tapping behavior. So if a user accesses an application from the same point device at the same location during regular hours via the same Internet provider to perform similar transactions, there is a high probability that user is legitimate. That means the application can use a less restrictive authentication method than it would if the user exhibited a less common access pattern. i-Sprint offers ACA and already has such solutions deployed with many of its Asian customers.

Blockchain

Blockchain technology created a lot of buzz as a way to secure cryptocurrency, but it was quickly discovered it had applications beyond virtual money, not the least of which is IAM.

i-Sprint’s AccessMatrix solution has a blockchain module that uses the technology for audit and regulatory purposes. The solution creates an immutable timestamp in blockchain each time a person, thing, or service accesses the system.  That means every transaction and activity can be logged and stored in blockchain to ensure it can be audited to minimize risks and enforce compliance policies.

Blockchain can be especially valuable in second-hand markets where trust and transparency is very important. That’s because the unchangeable nature of blockchain reduces the chances of unintentional mistakes and tampering.

i-Sprint’s blockchain solution is being used in a number of innovative ways, including by a tea leaves trading platform, a cellar for collectible Chinese wines, and an e-commerce platform with tourist tax refund capability.

Mobile Suite

i-Sprint also has a suite of mobile offerings that enable organizations to keep them secure from threats posed by those devices. The solution includes YESsafe AppPortal+, YESsafe Token+, Token for SWIFT, and YESsafe AppProtect+.

YESsafe AppPortal+ is a mobile application security management solution that creates a platform for deploying, securing, and running mobile apps, as well as authenticating users.

YESsafe Token+ is software that runs on a mobile device and supports both one-time-only password and PKI technology. It gathers strong certification, transaction authorization, and other functions under its umbrella, as well as provides complete data protection on a device.

SWIFT — the Society for Worldwide Interbank Financial Telecommunications — is a worldwide network that allows financial institutions to send and receive information about financial transactions securely. i-Sprint’s mobile token for SWIFT can be deployed in combination with the SWIFT application for the kind of one-time password authentication used for two-factor authentication.

The resiliency of i-Sprint’s YESsafe AppProtect+ software was tested at the end of 2019 when a dangerous flaw was discovered in the Android mobile operating system.

Called StrandHogg, the flaw was discovered by Promon, a Norwegian mobile security firm. By exploiting the vulnerability, an attacker could spoof legitimate apps, like banking software, and trick users into revealing sensitive information about themselves and their accounts, as well as steal data from a phone and hijack its camera and microphone.

However, AppProtect+ uses a technology called RASP — Runtime Application Self-Protection — that can block attacks on iOS and Android apps in real time. Not only can it block passive attacks, such as reverse engineering, repackaging, and source code modification, but a new feature added to AppProtect+ blocks the kind of task hijacking enabled by StrandHogg.

Counterfeiting Products

A report compiled by the International Hologram Manufacturers Association (IHMA) revealed that the global economic value of counterfeiting and piracy could reach $2.3 trillion USD by 2022. This is a major and growing global issue that can generate great economic loss, damage brand reputation and possibly create health hazards for consumers.

In addition to consumer education, some companies have added authentication labels to their products. However, counterfeiters quickly follow up on the labels

To counter that, i-Sprint developed AccessReal code (AR code), a clone-proof code that uses a unique digital watermark with product information to create a product identification DNA that is unique individually. It is an encrypted code that eliminates any possibility of counterfeiting.

Moreover, it warns businesses when any suspected or duplicated AR code is scanned. With the technology businesses can better identify the source of a counterfeit, and protect consumers by keeping them safe and away from any hazards. This will result in the ability of businesses to strengthen consumers’ confidence level with their brands and build up their reputation.

COVID-19

While i-Sprint is poised to take advantage of the latest IAM trends, it, as well as many other companies across the globe, may experience a pothole in near-future growth due to COVID-19.

Coronavirus has affected business activities because more employees have had to work from home and fewer business meetings are being held, the company explained. So far, it continued, we have a lot of repeat business from existing customers, so Q1 and Q2 look good. But, it added, we could certainly experience a temporary slowdown in business with companies more conservative on purchasing and rolling out new digital transformation initiatives.

i-Sprint Archives

John P. Mello, Jr. is a freelance writer specializing in business and technology subjects, including consumer electronics, business computing and cyber security.


About i-Sprint

i-Sprint Innovations (i-Sprint) established in the year 2000, is a leading provider in Securing Identity and Transactions in the Cyber World that enables individuals, organizations, and societies to build trust and identity assurance for powering productivity gain through digital identity and identity of things (IDoT).

An ISO27001 and ISO9001 certified company, we are committed to delivering a qualified and secured management system that meets the needs of our clients. i-Sprint’s clients include leading global and regional financial service institutions, government agencies, telecommunications, public utilities, manufacturing, healthcare, education, multi-national corporations and others. Currently, i-Sprint has a direct presence and active authorized partners across Singapore, China, Hong Kong, Taiwan, Malaysia, Thailand, Japan and the United States.