Operations
9/22/2016
01:30 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Lenovo, Intel, Paypal And Synaptics Announce Collaboration To Bring Fido Authentication To Laptops

ENOVO, INTEL, PAYPAL AND SYNAPTICS REVEAL COLLABORATION TO BRING A SIMPLE AND SAFE ONLINE AUTHENTICATION TO PCS WITH THE INDUSTRY'S FIRST FIDO-ENABLED EMBEDDED FINGERPRINT SOLUTION.

RESEARCH TRIANGLE PARK, North Carolina – September 23, 2016 – Lenovo (HKSE: 992) (ADR: LNVGY), Intel, Synaptics and PayPal revealed a collaborative effort today to bring simple and safe authentication experiences to enterprise and consumer use cases today. The collaboration will enable Lenovo customers to be able to authenticate to online FIDO-enabled services like PayPal by using a fingerprint instead of a password.

This innovative biometric authentication system for PCs will implement current FIDO standards, bringing established FIDO biometric authentication capabilities to the PC. Though verifying identity has long been the domain of passwords, they have become less safe to use without security factors in today’s digital world. 

The 7th Gen Intel Core processors with Intel Software Guard Extensions (SGX) lay the groundwork for robust, hardware-protected biometric authentication securing users’ FIDO credentials and biometric information. The Synaptics Natural ID™ fingerprint sensor features enterprise-level security with TLS 1.2 encryption. Synaptics’ Natural ID Fingerprint Solution is secured by SentryPoint™ features, including TLS 1.2 encryption and anti-spoofing algorithms. PayPal leverages its unique authentication ecosystem to continue making payments more secure and convenient.

The goal? Reduce fraud and increase security, while making online authentication nearly frictionless with biometrics secured by built-in, hardware-level protection.

As the use cases for Internet-connected devices grows at the enterprise and consumer level, there is a critical need for highly secure, but unobtrusive methods for protecting identities, data and machines. Lenovo and Intel’s shared hardware expertise allows for a unified, built-in security architecture that's more secure, private and hassle free. Likewise PayPal brings its authentication expertise and Synaptics their biometrics knowledge to deliver a much needed alternative solution to the password problem.

Lenovo Quote
“The average user has to remember passwords for many different accounts, from PC log-in, email to online shopping. We wanted to help change that by freeing users from the burden of remembering complex passwords by providing a simple authentication solution,” said Johnson Jia, senior vice president, PC & Smart Device Business Group, Lenovo.  “We’re excited to be the first PC company to partner with Intel, PayPal and Synaptics to bring users simpler and safer online authentication based on the released FIDO standards, through fingerprint readers designed for improved security on our laptops starting with the Yoga 910 convertible.”

Synaptics Natural ID Fingerprint Solution and Quote
The Synaptics Natural ID fingerprint sensor solution combines enterprise-level security with design flexibility. OEMs can select from a wide range of Synaptics SentryPoint features, such as match-in-sensor, TLS 1.2 encryption and anti-spoofing algorithms, to enable robust, biometric authentication for device unlock and online transactions.
 
“Today’s notebook and PC users want solutions that are safer and more convenient for online transactions,” said Godfrey Cheng, vice president of marketing, Human Interface Systems Division, Synaptics. “Together with our ecosystem partners, we’re deploying strong security architectures to protect user identity and accelerating the adoption of biometric authentication solutions worldwide.”

PayPal Quote
“In an ongoing effort to enhance security in the financial services industry, we are working with Intel and Lenovo on a FIDO authentication solution which enables biometric authentication for Personal Computers,” said Bill Scott, vice president, Identity Product and Engineering at PayPal. “Security has always been a priority for PayPal, and we are committed to offering our customers secure, password-less authentication options leveraging FIDO standards.”

Intel Quote
 “Intel continues to drive innovation to simplify and secure the computing experience,” said Navin Shenoy, general manager of the Client Computing Group, Intel. “We are excited about the close collaboration between Intel, Lenovo, PayPal and Synaptics using the new 7th Gen Intel Core processors to bring secure payments via biometric authentication to the PC.”

FIDO Alliance Quote
“I commend Intel, Lenovo, Synaptics and PayPal, all FIDO Alliance board members, for partnering to FIDO-enable biometric authentication on the desktop,” saidBrett McDowell, executive director of the FIDO Alliance. “Passwords are a universal problem that is not limited to mobile devices.  Every internet connected device needs the ability to upgrade to simpler, stronger FIDO authentication and thanks to this partnership, the desktop ecosystem is on an accelerated path to get the same FIDO capabilities already well established across the mobile ecosystem.”

Hardware-based Protection
Secure password-less sign on requires strong authentication that is ideally rooted in the hardware. Lenovo PCs using Natural ID and Intel Core processors achieve this by quickly and securely capturing user credentials, which are encrypted and stored in the hardware, making them less susceptible to malware attacks.

Sign In With Your Fingertip
We’re making signing in simpler and safer on a PC. Though all the user has to do is touch the fingerprint reader, sophisticated technology is at work protecting the sensitive credentials. Each login is wrapped in three layers of protection designed so that neither the user’s fingerprint information nor their FIDO credentials, ever leave their device: built-in hardware security, a secure device ID, and FIDO-compliant biometric authentication.

About Lenovo
Lenovo (HKSE: 992) (ADR: LNVGY) is a $45 billion global Fortune 500 company and a leader in providing innovative consumer, commercial, and enterprise technology. Our portfolio of high-quality, secure products and services covers PCs (including the legendary Think and multimode Yoga brands), workstations, servers, storage, smart TVs and a family of mobile products like smartphones (including the Moto brand), tablets and apps. Join us on LinkedIn, follow us onFacebook or Twitter (@Lenovo) or visit us at www.lenovo.com.
LENOVO is a trademark of Lenovo. INTEL and INTEL CORE are trademarks of Intel Corporation. PAYPAL is a trademark of PayPal, Inc. SYNAPTICS, NATURAL ID and SENTRYPOINT are trademarks of Synaptics Incorporated. FIDO is a trademark of FIDO Alliance, Inc. All other trademarks are the property of their respective owners. ©2016, Lenovo Group Limited.

Press Contacts
Lenovo: Wendy Fung at [email protected]
Intel: Scott Massey at [email protected]
Synaptics: David Hurd at [email protected]
PayPal: Sarah Tolle at [email protected]
FIDO: Megan Shamas at [email protected]
 

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
5 Reasons the Cybersecurity Labor Shortfall Won't End Soon
Steve Morgan, Founder & CEO, Cybersecurity Ventures,  12/11/2017
BlueBorne Attack Highlights Flaws in Linux, IoT Security
Kelly Sheridan, Associate Editor, Dark Reading,  12/14/2017
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
The Year in Security: 2017
A look at the biggest news stories (so far) of 2017 that shaped the cybersecurity landscape -- from Russian hacking, ransomware's coming-out party, and voting machine vulnerabilities to the massive data breach of credit-monitoring firm Equifax.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.