Tag: Gemalto

Device makers embracing software over hardware

Software-and-Application-SecurityA report from digital security outfit Gemalto has found that the device manufacturing industry is embracing software over hardware as its primary business model.

The change highlights how crucial software is becoming to device manufacturers, in improving business performance and growing revenue. And, as end-users begin to demand more options and control of their devices and data, entire industries are being forced to change their business models and strategies to cater to their customers.

According to Gemalto’s ‘How Software is Powering the Hardware Renaissance‘ report, the majority (84 percent) of organisations in the sector are changing how they operate. More than 37 percent have already made a full shift to a software-centric business model, one that places software at the core of how a company delivers value and generates revenue.

The research also found that 94 percent of respondents have increased their investment in software development in the last five years. Germany is leading the charge. All German organisations questioned have boosted their software-based services over this time; with France second (98 percent) and the US (93 percent) in third.

Hardware technology companies are already reaping substantial benefits – of those that have changed their models, the average increase in revenue has been 11 percent. They expect further growth in the next five years, with the revenue from software projected to rise from 15-18 percent.

As well as revenue growth, businesses that have moved to software-based selling have seen other benefits. Over eight in 10 have driven diversity in hardware with software features (86 percent), implemented remote feature upgrades (84 percent) and improved customer experience (84 percent). Businesses also report having a more flexible strategy that allows them to adapt to market change (79 percent), better control copy protection (76 percent) and being more competitive (73 percent).

These changes are also having a positive impact on employees. The majority of businesses have retrained their employees (64 percent) and hired new ones (58 percent), with 61 percent also revealing they have or intend to reshuffle employees into different roles.

With businesses starting to see the potential of the IoT, software-based business models are generating commercial benefits. Around nine in 10 respondents believe IoT is driving growth in the industry and that IoT itself is a chance to change their company’s business model (85percent). Enabling automated upgrades (61percent), remote support (57 percent), collecting usage analytics (54 percent) and gathering increased and higher quality customer insights (53 percent) are the main benefits businesses see IoT enabling.

Changing from hardware to a software-based selling model isn’t without challenges. When it comes to practicalities, almost all organisations (96 percent) that have changed, or are changing, have experienced some difficulties in making the transition work.

Looking at the challenges faced in more detail, half of the respondents reported that they needed to hire staff with different skills. Around one in three said solutions evolved organically without a central strategy (36 percent) and managed new sales and operational methodologies with old legacy processes (34 percent), caused challenges in the transition.

Gemalto Senior Vice President, Software Monetisation Shlomo Weiss said: “The results of this survey validate what we see on a daily basis with our customers as we help them make this transition. Companies who adopt software-based revenue models will reap three main benefits: long-term relationships with their customers, predictable revenue streams and a clear competitive advantage. From gaining insight into product usage, to pay-per-use payment structures and on to new market penetration – all the companies we surveyed identified a real need to transform how they do business.”

Consumers will abandon insecure businesses

sdfgdsfgsdfgsdfgCompanies that suffer from a data breach could lose more than 70 percent of their customers, according to a new survey.

Ok, the survey was carried out by Gemalto which is a security company, but it was based on questions asked to 10,000 consumers.

Just under 70 percent of consumers feel businesses don’t take the security of customer data very seriously.

This is a little ironic because the Gemalto study found that consumers are failing to adequately secure themselves, with over half (56 percent) still using the same password for multiple online accounts.

Even when businesses offer robust security solutions, such as two-factor authentication, two fifths (41 percent) of consumers admit to not using the technology to secure social media accounts, leaving them vulnerable to data breaches.

This may be because the majority of consumers (62 percent) believe the business holding their data is mostly responsible for its security.

This is resulting in businesses being forced to take additional steps to protect consumers and enforce robust security measures, as well as educate them on the benefits of adopting these. Retailers (61 percent), banks (59 percent) and social media sites (58 percent) were found to have a lot of work to do, with these being sectors that consumers would leave if they suffered a breach.

Gemalto Identity and Data Protection CTO Jason Hart said: “Consumers are evidently happy to relinquish the responsibility of protecting their data to business, but are expecting it to be kept secure without any effort on their part.”

“In the face of upcoming data regulations such as GDPR, it’s now up to businesses to ensure they are forcing security protocols on their customers to keep data secure. It’s no longer enough to offer these solutions as an option. These protocols must be mandatory from the start – otherwise, businesses will face not only financial consequences but also potential legal action from consumers.”

Despite their behaviour, consumers’ security concerns are high, as two-thirds worry they will be victims of a data breach shortly.

Consequently, consumers now hold businesses accountable – if their data is stolen, 93 percent of consumers would take or consider taking legal action against the compromised business.

More than half believe that social media sites are one of the biggest threats to their data, with 20 percent fearful of travel sites – worryingly, 9 percent think no sites pose a risk to them.

A third of consumers trust banks the most with their data, despite them being frequent targets and victims of data breaches, with industry certified bodies (12 percent), device manufacturers (11 percent ) and the government (10 percent ) next on the list.

Hart said: “It’s astonishing that consumers are now putting their data at risk, by failing to use these measures, despite growing concerns around their security. It’s resulting in an alarming amount of breaches – 80 percent – being caused by weak or previously stolen credentials. Something has to change soon on both the business and consumer sides, or this is only going to get worse.”

Gemalto launches cloudy security

Ominous Clouds over Dublin CityDigital security outfit Gemalto has announced the launch of SafeNet Data Protection On Demand, a centralised cloud-based services platform which it claims will help companies to protect data, meet compliance mandates and manage the security of all their sensitive information in every location.

Gemalto executive vice president for Enterprise & Cybersecurity Sebastien Cano said that businesses are challenged by the cost and complexity of protecting data across disparate IT infrastructures and hybrid cloud environments.

SafeNet Data Protection On Demand helps solve these issues by providing a single data security-as-a-service platform that integrates easily with existing IT systems, DevOps tools and cloud services to protect wherever data is created, accessed or stored.

SafeNet Data Protection On Demand makes enterprise-grade data protection accessible to companies of all of sizes – from the smallest to the largest of enterprises. With no hardware and software to buy, configure or manage and simple pay-as-you-go pricing, companies can more cost effectively and quickly deploy data protection to secure sensitive information in any environment on demand.

The big idea is that a client can integrate security across all company IT systems and removes barriers between business and DevOps, expediting go-to-market timelines.

By tying up with Gemalto’s extensive partner ecosystem they can  integrate data security across their multi-cloud applications. The platform is designed to work with many of the most widely used IT products and technology companies such as Amazon Web Services, Dell EMC, Google, IBM, Microsoft, NetApp, Huawei, Oracle and Salesforce. In addition, customers can quickly develop and build secure higher order use cases through proprietary and third-party APIs.

Cano said: “Complexity has always been a pain point for organizations when it comes to deploying encryption and key management, and the growth of cloud computing and the Internet of Things (IoT) will only magnify this challenge.”

 

Gemalto finds bigger breaches on the rise

hqdefaultSecurity vendor Gemalto claims that more data was stolen in the first half of this year than in the entirety of 2016, but the number of reported European breaches dropped 35 percent.

According to Gemalto research, over 1.9 million data records were nicked compared to just under 1.4 million in all of 2016, representing an increase of 164 percent.

The report said that the numbers of data records pinched will grow significantly, especially as government regulations in the US, Europe and elsewhere enact laws to protect the privacy and data of their constituents by associating a monetary value to improperly securing data.

“Security is no longer a reactive measure but an expectation from companies and consumers”, the report said.

Gemalto’s research found identity theft to be the leading type of data breach, accounting for 74 percent of all breaches in the first six months of this year. The number of records exposed as a result of identity theft jumped 255 percent.

North America maintained its position as the number one attack target, making up over 86 percent of both total breaches and total records stolen.

Gemalto said that North America has always seen the most declared data breaches, but said it expects that to change once the General Data Protection Regulation comes into effect next year.

In the first of half of this year European companies reported 49 data breaches, reflecting just five percent of the global total and a decline of 35 percent on the previous six months, Gemalto said.

IT professionals have outdated view about security

galleryreconstructiondrawinghadrianswallwalltowncragsj940488Despite the increasing number of data breaches and nearly 1.4 billion data records being lost or stolen in 2016 the vast majority of IT professionals still believe perimeter security is effective at keeping unauthorised users out of their networks. However, companies are under investing in technology that adequately protects their business.

According to the findings of the fourth-annual Data Security Confidence Index released today by Gemalto businesses feel that perimeter security is keeping them safe, with most (94 percent) believing that it is quite effective at keeping unauthorized users out of their network. However, 65 percent are not extremely confident their data would be protected, should their perimeter be breached, a slight decrease on last year (69 percent). Despite this, nearly six in 10 (59 percent) organisations report that they believe all their sensitive data is secure.

Many businesses are continuing to prioritise perimeter security without realising it is largely ineffective against sophisticated cyberattacks. According to the research findings, 76 percent  said their organisation had increased investment in perimeter security technologies such as firewalls, IDPS, antivirus, content filtering and anomaly detection to protect against external attackers. Despite this investment, two thirds (68 percent) believe that unauthorised users could access their network, rendering their perimeter security ineffective.

These findings suggest a lack of confidence in the solutions used, especially when over a quarter (28 percent) of organizations have suffered perimeter security breaches in the past 12 months. The reality of the situation worsens when considering that, on average, only eight percent of data breached was encrypted.

Businesses’ confidence is further undermined by over half of respondents (55 percent) not knowing where their sensitive data is stored. In addition, over a third of businesses do not encrypt valuable information such as payment (32 percent) or customer (35 percent) data. This means that, should the data be stolen, a hacker would have full access to this information, and can use it for crimes including identify theft, financial fraud or ransomware.

Gemalto’s  , Vice President and Chief Technology Officer for Data Protection Jason Hart said that it is clear that there is a divide between organizations’ perceptions of the effectiveness of perimeter security and the reality.

“By believing that their data is already secure, businesses are failing to prioritize the measures necessary to protect their data. Businesses need to be aware that hackers are after a company’s most valuable asset – data. It’s important to focus on protecting this resource, otherwise reality will inevitably bite those that fail to do so.”

With the General Data Protection Regulation (GDPR) becoming enforceable in May 2018, businesses must understand how to comply by properly securing personal data to avoid the risk of administrative fines and reputational damage. However, over half of respondents (53 percent) say they do not believe they will be fully compliant with GDPR by May next year. With less than a year to go, businesses must begin introducing the correct security protocols in their journey to reaching GDPR compliance, including encryption, two-factor authentication and key management strategies.

Hart said, “Investing in cybersecurity has clearly become more of a focus for businesses in the last 12 months. However, what is of concern is that so few are adequately securing the most vulnerable and crucial data they hold, or even understand where it is stored. This is standing in the way of GDPR compliance, and before long the businesses that don’t improve their cybersecurity will face severe legal, financial and reputational consequences.”

 

Gemalto teams up with Enfuce in Nordic alliance

Screen-Shot-2017-03-11-at-6.59.36-PMDigital security Gemalto has signed a deal with the Finnish-based financial services provider Enfuce.

The idea is to offer enterprises a rapid and cost-efficient deployment of convenient and strong customer authentication using mobile devices.

Enfuce has launched its cloud-based ‘authentication as a service’ solution, designed to make it simple for financial institutions, retailers and fintechs to secure their mobile applications.

It is built on Gemalto’s Mobile Protector Software Development Kit (SDK) and Confirm Authentication Server (CAS).  Users can decide to be authenticated for the transactions using a PIN code, fingerprint or facial recognition,

Using its Mobile Protector SDK, Enfuce’s customers can deploy secured mobile applications in a matter of weeks, helping them to comply with PSD2 banking regulations.

Gemalto Mobile Protector SDK provides Enfuce’s customers with APIs, needed to embed security into their mobile applications, without requiring developers to master security principles.

Initially targeting the Nordics, where it has already been sold, Enfuce plans to extend the service across Europe.

Enfuce CEO for Monika Liikamaa said: “The introduction of this ground-breaking ‘authentication as a service’ solution reflects our commitment to enable profound changes in the payment industry. By combining our extensive knowledge of the financial sector with Gemalto’s authentication capabilities, we can offer a ‘plug and play’ service that leaves clients free to focus on core activities.”

Gemalto gives Mercs smartphone keys

4550a36b2d1a5bc005e1abbfeafa461cDigital security outfit Gemalto is providing its Trusted Services Hub (TSH) to support Daimler AG’s new smartphone-based ‘digital vehicle key’ for the Mercedes-Benz E-Class range.

The premium car maker’s “innovative solution” gives drivers the freedom to lock/unlock and start their vehicles using their NFC smartphone. Gemalto’s TSH enables seamless and secure over-the-air deployment of the digital keys to any type of phone that supports the solution.

Drivers can lock/unlock their cars by simply placing the smartphone against the door handle. The engine can also be turned on with the phone in the charging tray of the dashboard and pressing the start button. It works even if the phone battery is drained and means you don’t need keys – unless your phone is out of battery, or stolen.

The Secure Element is a tamper resistant hardware platform, capable of securely hosting applications and storing confidential and cryptographic data. It can be found in a SIM provided by a Mobile Network Operator and/or an eSE (embedded Secure Element) built into phone handset by OEMs, the company claims.

The idea is part of the ‘Mercedes me connect’ programme.

Christine Caviglioli, vice president New Mobility Solutions at Gemalto said that digitalisation demands that companies harness their expertise to make friends and influence people with all stakeholders within the connected car ecosystems.

“For Daimler AG, this aim is supported by our solutions, which enable it to offer customers innovative services through their preferred device, without compromising security.”

Gemalto suffers from poor US sales

USmilitaryOUTSecurity outfit  Gemalto expects its revenue for first quarter to be lower by seven percent to nine percent at constant exchange rates compared to the same period of 2016. This is mainly due to lower than expected Payment business revenue in the United States.

The Gemalto Payment business revenue for the full year 2017 is estimated to be around €100 million lower than its initial expectation. This update primarily reflects a double digit decline in its assumption for the payment cards total available market in the United States due to EMV card inventory levels at its customers in the first semester. This situation also leads to a lower contribution from personalization services.

Looking ahead, taking into account the first quarter trend, Gemalto now expects its 2017 profit from operations outlook to be at a similar level to 2016. Gemalto is currently reviewing its action plan to minimize the impact.

The company will provide further details when it publishes its first quarter revenue on April 28, 2017.

Customers will blame companies for data breaches

affiche.Blame.51335Customers believe that outfits who hold their data are responsible for any data breaches and will not see themselves as responsible in anyway.

A new report created by digital security outfit Gemalto said that customers put any responsibility for protecting their personal data firmly at the hands of the organizations holding their data – and not themselves.

Of the 9,000 customers surveyed worldwide, 70 percent of the responsibility for protecting and securing customer data lies with companies and only 30 percent of the responsibility with themselves.

Less than a third of customers believe companies are taking protection of their personal data very seriously. This comes as customers are becoming increasingly fearful of their data being stolen, with 58 percent believing it will happen to them in the future. More than 4.8 billion data records have been exposed since 2013 with identity theft being the leading type of data breach accounting for 64 percent of all data breaches.

Despite becoming more aware of the threats posed to them online, only one in ten believe there are no apps or websites out there that pose the greatest risk to them and consumers are not changing behavior as a result:

• 80 per cent use social media, despite 59 percent believing these networks pose a great risk
• 87 per cent use online or mobile banking, with 34 percent believing they leave them vulnerable to cybercriminals
• Consumers are also more likely to shop online during busy commercial periods such as Black Friday and Christmas (2 percent increase online versus -2 per cent decrease in store), despite 21 percent admitting
the threat of cybercrime increases a lot during these periods

Nearly 60 per cent believe they will be a victim of a breach at some point, and organizations need to be prepared for the loss of business such incidents may cause. Most consumers who currently use the following, say they would stop using a retailer (60 per cent), bank (58 percent) or social media site (56 percent) if it suffered a breach, while 66 per cent say they would be unlikely to do business with an organisation that experienced a breach where their financial and sensitive information was stolen.

The lack of consumer confidence could be due to the lack of strong security measures being implemented by businesses. Within online banking, passwords are still the most common authentication methods – used by 84 per cent for online and 82 per cent for mobile banking, and more advanced transaction security the next highest for both. Solutions like two-factor authentication (43 per cent online and 42 per cent mobile) and data encryption (31 percent online and 27 percent mobile) trail behind.

Similar results can be seen in both the retail space, with only 25 percent of respondents that use online retail accounts claiming two-factor authentication is used on all their apps and websites, and in social media, with only 21 percent using the authentication for all platforms. Only 16 per cent of all respondents admitted to having a complete understanding of what data encryption is and does.

Jason Hart, CTO, Data Protection at Gemalto said that customers have clearly made the decision that they are prepared to take risks when it comes to their security, but should anything go wrong they put the blame with the business.

“The modern-day consumer is all about convenience and they expect businesses to provide this, while also keeping their data safe. With the impending threats of consumers taking legal action against companies, an education process is clearly needed to show consumers the steps they are taking to protect their data. Implementing and educating about advanced protocols like two-factor authentication and encryption solutions, should show consumers that the protection of their personal data is being taken very seriously.”

Security breaches are the kiss of death for companies

wargames-hackerCustomers are walking away from companies who have experienced a data loss due to hacking, according to a new survey.

Data security outfit Gemalto said that more than 64 per cent of consumers surveyed worldwide say they are unlikely to shop or do business again with a company that had experienced a breach where financial information was stolen.

Almost half – 49 per cent – had the same opinion when it came to data breaches where personal information was stolen.

Gemalto surveyed 5,750 consumers in Australia, Brazil, France, Germany, Japan, United Kingdom and United States.

It found that 60 percent of consumers thought that threats to their personal information increases during the festive season, and nearly 20 percent believe that they are likely to be a victim of a breach during the holiday season.

Only a quarter of all respondents feel that companies take the protection and security of customer data very seriously. More than twice as many respondents feel that the responsibility of protecting and securing customer data falls on the company (69 percent) versus the customer (31 percent). Of the employed respondents, only around two fifths (38 percent) feel that their employer takes the protection and security of employee data seriously.

A third of respondents have already been affected by data breach in the past. Around 40 percent were though visiting a fraudulent website (42 percent), phishing attacks (40 percent) or clicking a fraudulent web link (37 percent).

The survey found that customers were getting increasingly impatient with breached companies.

Around a quarter who have been a victim of a data breach, either have, or would, consider taking legal action against the breached company involved in exposing their personal information. Almost half of respondents said they would take or would consider taking legal action against any of the parties involved in exposing their personal information.

British and US spooks stole SIM card keys

james_bond_movie_poster_006Spies from the US and the UK hacked into the internal computer network of the largest manufacturer of SIM cards in the world and stole encryption keys used to protect the privacy of mobile phones.

According to the latest release from the Edward Snowden cache, the hack was perpetrated by a joint unit consisting of operatives from the NSA and its British counterpart Government Communications Headquarters, or GCHQ.

It all happened in 2010 when GCHQ document, gave the surveillance agencies the potential to secretly monitor a large portion of the world’s mobiles, including both voice and data.

Gemalto, a multinational firm incorporated in the Netherlands, makes chips used in mobile phones and next-generation credit cards. Among its clients are AT&T, T-Mobile, Verizon, Sprint and some 450 wireless network providers around the world.

It makes two billion SIM cards a year and with the stolen encryption keys, intelligence agencies could monitor mobile communications without seeking or receiving approval from telecom companies and foreign governments.

British spies mined the private communications of unwitting engineers and other company employees in multiple countries.

Apparently, Gemalto did not notice and still cannot work out how it was done.

According to one secret GCHQ slide, the British intelligence agency penetrated Gemalto’s internal networks, planting malware on several computers, giving GCHQ access.