atsec tests Pierson MIIKOO cryptographic algorithms
2009-07-15Beijing China – Recently, atsec information security tested the cryptographic algorithms implemented by Pierson Capital Technology in its MIIKOO product. Testing included two FIPS Approved cryptographic algorithms validated under the Cryptographic Algorithm Validation Program (CAVP) by the U.S. National Institute of Standards and Technology (NIST), and also another two non-FIPS Approved cryptographic algorithms — HOTP and CRC-32. atsec performed source code review and independent testing on the two algorithms.
The NIST certification validates that the algorithms in the MIIKOO have been implemented correctly. Frank Psaila, CTO of Pierson Capital, notes: “Our commitment and expertise to provide a secure environment for our clients has been the best driver to get us through this certification process. We at PCT believed in this product from its conception and four years later we're getting back the results of all our efforts.”
Cryptographic algorithm validation is a prerequisite for testing a cryptographic module’s conformance to the FIPS 140-2 standard. All of the NIST Approved algorithm tests must be conducted by third-party laboratories that are accredited as Cryptographic and Security Testing (CST) laboratories. atsec information security, an accredited CST laboratory, was a natural choice for Pierson, as atsec has a great deal of global experience in information security evaluation and testing of IT products. Steve Weingart, atsec principal consultant and tester for this project, notes: “By going through the process of independent testing and validation of their cryptographic implementations, Pierson has shown that they are committed to meeting a higher quality and interoperability standard for their products.”
The certificate numbers, product information and vendor information can be found on the Validation List pages of the CAVP’s official website at http://csrc.nist.gov/groups/STM/cavp/validation.html.
About atsec information security
atsec information security is an independent, standards-based information technology security services company that combines a business-oriented approach to information security with in-depth technical knowledge and global experience. atsec was founded in Munich (Germany) in 2000 and has extensive international operations with offices in the U.S., Germany, Sweden and China.
atsec offers evaluation and testing services leading to formal certification for IT security including evaluation under Common Criteria schemes in the U.S., Germany, and Sweden; cryptographic module and algorithm testing under the Cryptographic Module Validation Program of the National Institute of Standards and Technology (NIST) in the U.S. and Communications Security Establishment Canada (CSEC) in Canada; and compliance validation to the Payment Card Industry (PCI) Data Security Standard.
atsec also offers secure code review, ISO/IEC 27001 ISMS consulting, and penetration testing and scanning services.
atsec works with leading global companies such as IBM, Apple, Microsoft, Hewlett-Packard, Oracle, Cray, BMW, SGI, Vodafone, Swisscom, RWE, and Wincor-Nixdorf.
About Pierson Capital
Established over four continents, the Pierson Capital Group is an international, privately-held entity that focuses on developing businesses in the World's fast growing emerging markets. Pierson Capital Technology is an important component of the group and serves as its technology division, overseeing and managing the groups’ technological projects.
We primarily serve as strategic advisors to our clients, providing them with valuable insight in structuring, financing and implementing customer-tailored projects in a highly competitive, multicultural and sophisticated geopolitical environment. With our task force of experts in technology design and financial engineering, our core business consists in leveraging strong strategic alliances with financial institutes and conglomerates for the design and long term financing of major infrastructure programs.
Pierson Capital Technology is also actively engaged as advisor, promoter and an investor in various lucrative projects in a variety of fields such as high technology start-ups, security and banking. MIIKOO System is Pierson Capital Technology's main project, and is the result of years of research and development conducted by the company in order to provide a unique and unparalleled identity recognition services for industries such as banking, insurance and health care where identity theft is a major risk. MIIKOO System provides a state of the art, fully integrated, 4-Factor Authentication platform that could be implemented into these industries current systems without changing the industry infrastructure itself.
