Skip to main content

< Update - History, Current Status and Future Scenarios of Expanded Password System >

The concept of Expanded Password System first came up in 2000. It was followed by the prototyping in 2001 and the commercial implementations from 2003. Over the period of 2003 to 2008, the business was successful, with commercial adoptions amounting to over US$1 million.

It then ceased to grow as people were more and more carried away by the myths of biometrics and ‘password-less’ authentication which the advocates alleged would kill the passwords altogether. We knew that their allegations were false but people would not listen to our small voice. We opted to get out of Japan where biometrics people were overwhelmingly dominant.

Now, we have not a few friends and supporters globally.  In 2019 we saw the publication of our article by Taylor & Francis and the selection of our proposition as a finalist for “FDATA Global Open Finance Summit & Awards 2019”.

We will be able to come up with the commercial products for the global market just easily and quickly with a relatively small budget because the practicability-proven algorithms are already here.

Click the link for the full text.


Comments

Popular posts from this blog

Probabilistic Is Human Body, Not Pattern-Matching Algorithm

The probabilistic nature of biometrics comes from the unpredictably variable body features of living animals rather than imperfect algorithms of pattern matching; perfection of pattern matching algorithm would not affect the probabilistic nature of biometrics. Biometrics that measures the probabilistic body features does not escape False Rejection/False Non-Match/False Negative that inevitably comes with False Acceptance/False Match/False Positive.   Since it cannot escape FR/FNM/FN, biometrics cannot escape the dependence on a fallback measure, a default password/pincode in most cases, which brings the security to the level lower than a password/pincode-only authentication. And yet, so many people who need higher security are spending so much money for bringing security down. Click the link for more - https://www.linkedin.com/pulse/negative-security-effect-biometrics-deployed-hitoshi-kokumai/

Expanded Password System to Complement FIDO2

2 is larger than 1 but is not necessarily stronger than 1, as two children could be overwhelmed by a grown-up. For a two-factor authentication to be really reliable, each factor should be reasonably secure and usable enough. On the other hand, ‘password-less’ authentication, however attractive it might sound, would only benefit bad guys as examined in the link page - https://www.linkedin.com/pulse/removal-passwords-its-security-effect-hitoshi-kokumai/ People who offer a token as 'a factor' of two factor authentication schemes could all be viewed as our potential down-stream partners. Among them are the people who offer FIDO2-compatible solutions. Put together, we could come up with the two-factor authentications that are much more reliable than otherwise.

Robust 2-Channel Authentication

2 is larger than 1, but not necessarily stronger than 1. https://www.theregister.com/2020/07/20/twitter_security_update_hackers_broke_2fa/ By bringing in the concept of Expanded Password System, we are able to protect important accounts more reliably than conventional 2-factor/step authentications as outlined here – “Advanced Persistent Threats in Digital Identity” https://www.linkedin.com/pulse/advanced-persistent-threats-digital-identity-hitoshi-kokumai/ This is not a hypothesis. It has been quietly but effectively deployed since 2014 for a security-centric corporate network by 1,200 employees.   Needless to say, asymmetric cryptography could be additionally incorporated for yet higher security where needed.