Green Armor: M.I.T.-Harvard Research Paper Underscores the Importance of Leveraging Psychology in the Design of Online Authentication Systems
Report Describes Ineffectiveness of Popular Authentication System Resulting From Failure to Adequately Address Human-Factors Issues
February 7, 2007 - Hackensack, NJ - Green Armor Solutions today noted that a research paper published on Sunday by researchers at M.I.T. and Harvard underscores the importance of Green Armor’s long-held claim that leveraging psychology in the design of a website-authentication system is critical in order to ensure the long-term effectiveness of the system.
The study, The Emperor’s New Security Indicators, describes the failure of a popular site-authentication system to adequately protect online banking users from phishing and Internet fraud during studies run by researchers last year.
Many of the concerns and tests described in the M.I.T.-Harvard paper were previously discussed and conducted in research performed by Green Armor Solutions’ founder Shira Rubinoff in 2004 and 2005, and much of the integral design of Green Armor’s Identity Cues series of products was created specifically to address issues such as those discussed in the M.I.T.-Harvard research.
“As described in the M.I.T.-Harvard study, and as published in Green Armor’s research findings, site-authentication vulnerabilities often stem from human weaknesses, not technological deficiencies,” noted Shira Rubinoff, Founder and President of Green Armor Solutions. “By properly leveraging psychology in the design of a product we can create authentication offerings that are more effective and more secure than the one discussed in the M.I.T.-Harvard report.”
Green Armor’s site-authentication technology, for example, offers numerous advantages over the system tested in the M.I.T.-Harvard study. Psychologically-sound visual cues are used to prove site authenticity instead of images (which are problematic for numerous reasons as described in the research reports authored by M.I.T.-Harvard and Green Armor). Green Armor’s patent-pending medium for achieving site authentication without requiring users to enroll or to undergo a multi-step login process, as well as its multiple defenses against man-in-the-middle attacks, are also important differentiators.
In addition, as opposed to the system mentioned in the study, the Green Armor system does not require the use of challenge questions, and, therefore, does not increase risks of Identity Theft by conditioning users to answer sensitive challenge questions over the Internet before they know the identity of the party asking the questions.
Furthermore, both Green Armor’s white paper (describing its research findings) and the M.I.T.-Harvard study discuss the problem of users not consciously paying attention to images used for site authentication; while such a phenomenon is a critical problem for most site-authentication systems, Green Armor’s technology utilizes several significant patent-pending design elements to help address this issue, and remains effective even if users do not make an active effort to check site validity.
More information about Green Armor Solutions and its Identity Cues series of authentication products which leverage psychology to deliver maximum security with maximum convenience can be found on the Green Armor Solutions web site at: http://www.greenarmor.com/ .
About Green Armor Solutions Inc.
Green Armor Solutions offers innovative solutions to information-security challenges facing today's businesses. Its Identity Cues series of products (all patent-pending) leverage a unique blend of psychology and technology to help deliver maximum security with maximum user convenience. They provide strong two-factor authentication (exceeding FFIEC and NCUA guidelines) as well as effective site authentication (mutual authentication) that protects against phishing, pharming, and online fraud, while allowing users to continue to enjoy the simple, comfortable user experience with which they are already familiar. Identity Cues products can help companies address security and privacy requirements as part of compliance initiatives for FFIEC/NCUA Authentication, HIPAA, and GLBA.
Note: Green Armor Solutions Inc. does not update the contents of its press releases after the releases have been issued. As a result, information in a particular press release may not be accurate if read at a point in time subsequent to the initial release. Furthermore, to the extent that any press release
contains information that is not historical fact, that information
should be considered opinion or forward-looking.