Article posted: Jun 20, 2018
We interviewed Longmai COO Allen Liang for our reoccurring partner blog series. Longmai is one of the leading digital security device vendors in China and Versasec just announced its support for Longmai's mToken: https://versasec.com/docs/2018.06.20-Longmai.php. In our discussion, Allen talks about the growing use of two-factor authentication in China, standard encryption algorithm support and the changing identity and access management (IAM) landscape.
1. Where does Longmai see the strongest growth in two-factor authentication over the next two years? Please discuss in terms of regions, verticals and size of customer organizations.
Longmai continues enhancing the research and development of two-factor authentication products. From my point of view, the encryption algorithm will be an important part of the growth in two-factor authentication in the next two years. The encryption algorithm that Longmai mToken supports started from RSA1024 to RSA2048 today, and will be escalated to RSA4096. Different regions and organizations have different standards regarding product security systems. Longmai will continue to work with cybersecurity labs and security evaluation agencies in different regions to make sure Longmai's products can meet their safety standards and local market demands.
2. What's the main reason that more and more organizations are choosing to deploy IAM solutions?
There are several information security terms in addition to IAM. GAA(Generic Authentication Architecture) is a generic architecture which provides a generic authentication mechanism that can control access to new services by using the mobile authentication infrastructure used by users when they access the mobile network. MFA(Multifactor Authentication) is multi-factor security identity authentication with what you know, have and hold and it can be implemented through the technology of unique device authentication, terminal security, identification, and authentication protocols and more. IPA (Intelligent Portrait Authentication) is based on massive data, and uses the technology of stream analysis, data mining and machine learning, and builds intelligent real-time identity models to implement implicit authentication.
The reason that more and more organizations are choosing to deploy IAM solutions is to solve the above problems more conveniently. In other words, we describe the requirements of enterprises as IDaas, which solves the problems of enterprise users such as "multiple accounts, complicated authentication, and complex permission assignment," and provides secure, convenient, and manageable ID services.
3. Ideally, how would you like to see the user presence part of multifactor authentication handled? Can we replace the PIN codes with something as secure and yet cost efficient?
A. There is no standard answer for this question. For Longmai, we will analyze and make strategies based on the actual environments of our customers. For now, we think multiple factor and biometric technologies are good replacements of PIN codes.
4. What do you believe is the biggest selling point of an IAM system built with vSEC:CMS? -Does ease of use, deployment and high level of security play a big role?
This depends on the requirements of customers' businesses. But yes, ease of use and security play big roles and are also the biggest selling points.
5. How and why will the multifactor authentication market grow in Asia-Pacific?
Information and cyber security belong at the strategic level for each country. Nowadays, Asia-Pacific countries increasingly focus on network information security, so the multifactor authentication market will keep growing in this area.
6. Why are USB tokens a good alternative to smartcards?
USB tokens don't require card readers like smartcards do, which makes them more convenient and cost-effective to deploy.