by Klaus Schmeh | Apr 16, 2020 | Products
Retailers and restaurateurs need to upgrade. The Kassensicherungsverordnung (KassenSichV) [Cash Register Security Ordinance] requires them to equip their cash registers with cryptographic security mechanisms that prevent tax fraud. The focus here is on a so-called Technical Security Device (TSE), a security module that must be certified according to the specifications of the German Federal Office for Information Security (BSI). A TSE must be used in every cash register, whereby the technical details are regulated in standard TR-03153.
cryptovision, which has specialised in crypto solutions for two decades, has completely developed an innovative TSE module on behalf of Bundesdruckerei and its subsidiary D-TRUST. A few days ago, this product received the required certificate from BSI. Now nothing stands in the way of its use in supermarkets, restaurants or furniture stores.
The primary goal in the multi-year design process was to develop not only a secure and legally compliant TSE solution, but above all one that is suitable for everyday use. No retailer will tolerate that a cash register that he uses dozens of times a day is suddenly more cumbersome to operate. Against this background, cryptovision and Bundesdruckerei decided to implement a microSD card, as known from digital cameras for example. With a size of less than two square centimetres, such a card can be integrated into small (mobile) POS systems without any problems. It can also be used on a server.
As the only solution on the German market, the TSE developed by cryptovision uses the latest chip generation with the card operating system JCOP 4 from NXP. All security-relevant functions are stored centrally on this chip – this increases not only security but also the future viability of the TSE. The product enables up to four transactions per second, with a lifetime that can be set at up to 20 million transactions. The solution can be accessed via several interfaces (C-API, JAVA-API or transport layer), which makes integration by manufacturers of POS systems easy.
“With our TSE product, we have once again succeeded in meeting high security requirements and legal regulations in a solution that is suitable for everyday use,” says Markus Hoffmeister, CEO of cryptovision, happily. “Our long-standing partnerships with NXP, Bundesdruckerei and D-TRUST were a great advantage in this respect”.
For Hoffmeister, the legally required protection of cash registers is only the beginning of a development that will also result in the protection of numerous other technical devices: “The future belongs to the Internet of Things (IoT). From electricity meters to cars to refrigerators, there is hardly anything that will not be connected to a communication network at some point in the future. Security will play a central role in this.” cryptovision is prepared for this. The Jacolyn CSP security solution, which forms the core of the certified TSE product, is not only suitable for cash registers. It can be used in many IoT applications in the future.
Additional links:
Press release by Bundesdruckerei (German): https://www.bundesdruckerei.de/de/Newsroom/Pressemitteilungen/Digitale-Kassendaten-vor-Manipulationen-schuetzen
Website about cryptovision’s TSE solution: https://www.cryptovision.com/en/solutions/iot-and-industry/fiscalization-solutions
by Klaus Schmeh | Apr 2, 2020 | Event
The SecIT 2020 in Hanover was to become a real highlight for cryptovision. Klaus Schmeh, Chief Editor Marketing at the Gelsenkirchen-based specialist for cryptography and electronic identities, was booked for a lecture, where he was to be on stage together with Bruce Schneier. Schneier is considered the most famous cryptologist in the world.
But then came the corona crisis, and with SecIT 2020 Schmeh’s joint appearance with the prominent partner fell through. At least, the organizers reacted quickly and converted the conference into an online event, which took place a few days later. The agenda was reduced, with both Schmeh and Schneier retaining their presentations. On 30 and 31 March, the virtual SecIT finally took place. Klaus gave a video conference on quantum cryptography before Schneier spoke live from the USA about Incedent Response. Though a virtual lecture was an unusual experience because of the lack of personal contact with the audience, Klaus’s engaging presentation style and his popular comic slides once again did their job. In the online forum it was quickly agreed: the experiment was a success, but even the best online event cannot replace a face-to-face gathering.
SecIT website: https://sec-it.heise.de/
by Klaus Schmeh | Mar 19, 2020 | General
“I’m at the home office right now.” As good as everyone has heard that phrase several times over the last few days. No wonder, because in the times of the coronavirus, working from home is as much a part of everyday life for many people as breathing masks and empty supermarket shelves. According to the German industry association Bitkom, one in three professionals in Germany is currently working in a home office for the first time, while for 43 percent, existing homework regulations have been extended.
Inevitably, the issue of security now comes into focus, because remote access should of course only be available to authorized employees of a company, and not to hackers.
Centrally managed company laptops or tablet PCs protected by endpoint security measures can usually be securely integrated into the corporate network using a virtual private network (VPN) enhanced with two-factor authentication (e.g. with a company ID). However, if a company has not yet implemented an endpoint security concept, a VPN is not sufficient. Instead, a sealed-off VDI (Virtual Desktop Infrastructure) is necessary, as it can be implemented on the server side with solutions from VMware, Citrix or Microsoft.
On the user side, both a fat client (for example via RemoteApp/RemoteDesktop) and a thin client can be used. A product bundle cryptovision offers together with partners such as IGEL, IBM or genua is best suited for this purpose. In such a solution, cryptovision’s smart credential middleware SCinterface is integrated, so that the user can log on in the home office with a secure two-factor authentication and does not become a security risk (think of phishing or attacks on the client system). Since SCinterface supports all common cards and security tokens, a company can also use existing Smart Credentials for the home office VDI.
You want to know more about cryptovision’s solutions for the secure home office? Our colleagues will be happy to advise you.
SCinterface website: https://www.cryptovision.com/en/products/secure-token-integration/sc-interface/
by Klaus Schmeh | Mar 13, 2020 | Event
It is with great regret that we have to announce the cancellation of this year’s Mindshare Conference. In the current situation, due to local restrictions as well as our own assessment, it is not possible to have our annual event in Gelsenkirchen. We very much care for our customers, partners and friends and want to make sure you are all staying safe. We are looking forward to meeting you next year in Gelsenkirchen. To get the latest information on Mindshare 2021 please subscribe to our newsletter.
Mindshare website: https://www.cryptovision.com/en/mindshare-2020/
by Klaus Schmeh | Mar 3, 2020 | Event, General Conferences, Webnews
“The program committee was blown away by your Powerpoint slides”, said a member of the organizing team at RSA 2020 to cryptovision’s Klaus Schmeh. As one of very few Germans, Klaus was chosen to give a presentation at the conference part of the event, which represents the world’s largest crypto gathering with over 45,000 attendees. Titled “Understanding and Explaining Post-Quantum Crypto with Cartoons”, the talk introduced the main post-quantum crypto algorithms with every slide showing a cartoon. Over 200 people in the audience proved as blown away by the presentation as the program committee.
cryptovision’s Adam Ross gave a talk, too. At the German-American IT Security Forum, hosted by the German industry association, TeleTrusT, he spoke about “Securing the Internet of Things – Embedded Security Made in Germany”.
Along with their co-worker Lutz Feldhege, Adam and Klaus ran a booth at the German pavilion of the exhibition part of RSA 2020, showcasing cryptovision products such as the smart credential middleware SCinterface and the PKI solution CAmelot. With about 600 booths, RSA once again qualified as the largest crypto exhibition in the world. Cryptovision is proud to have been a part of this great event.
Event website: https://www.rsaconference.com/events/us20