"Our two-factor authentication technology based on the Advanced Encryption Standard provides a robust security solution with no learning curve," said Diego Ortiz-Yepes, a mobile security scientist at IBM Research.
The user simply holds the contactless smartcard next to the NFC reader of the mobile device and after keying in their PIN, a one-time code would be generated by the card and sent to the server by the mobile device.
The IBM technology is based on end-to-end encryption between the smartcard and the server using the National Institute of Standards & Technology (NIST) AES (Advanced Encryption Standard) scheme. Current technologies on the market require users to carry an additional device, such as a random password generator, which is less convenient and in some instances less secure.
The technology, which is available today for any NFC-enabled Android 4.0 device, is based on IBM Worklight, a mobile application platform that is part of the IBM MobileFirst portfolio. Future updates will include additional NFC-enabled devices based on market trends.