Glossary Terms of info security terms
2FA (Two-Factor Authentication)
3FF (3rd Form Factor)
A very small SIM card, also known as micro-SIM, for use in small mobile device.
3G or 3rd generation mobile telecommunications is a generation of standards for mobile phones and mobile telecommunication services fulfilling the International Mobile Telecommunications-2000 (IMT-2000) specifications by the International Telecommunication Union. Application services include wide-area wireless voice telephone, mobile Internet access, video calls and mobile TV, all in a mobile environment. To meet the IMT-2000 standards, a system is required to provide peak data rates of at least 200 kbit/s. Recent 3G releases, often denoted 3.5G and 3.75G, also provide mobile broadband access of several Mbit/s to smartphones and mobile modems in laptop computers.
Fourth generation of cellular wireless standards; often used to describe operators’ network offerings
3G (Third Generation)
The broadband telecommunications systems that combine high speed voice, data and multimedia.
3GPP (3G Partnership Project)
A industry group that aims to produce specifications for a 3G system based on GSM Networks.
Method of verifying the accuracy and legitimacy of the credentials provided to the SensorLogic Service Delivery Platform
Automatic Border Control
The use of an Automated gate in lieu of a one-to-one meeting between the Traveller and an Immigration Officer.
The objective of deploying Automatic Border Control is to automate the process for a large percentage of the Traveler’s flow and to allow the Immigration Officers personnel to perform face-to-face control on identified targets.
Techniques and solutions to grant or deny access to a given user for a given digital service.
Consumers are very familiar with Username/Password as a basic access control technique for popular web services such as web mails or eMerchants web sites.
Security sensitive services such as Payment or eGov are often deploying more robust access control techniques, usually relying on Secure Elements, Smart Cards being one example.
On a technical level it is a configurable network identifier used by a mobile device when connecting to a GSM carrier. The carrier will then examine this identifier to determine what type of network connection should be created, for example: what IP addresses should be assigned to the wireless device, what security methods should be used, and how/or if, it should be connected to some private customer network.
A collection of data set so large and complex that they are difficult to process with traditional applications.
The term “big data” is commonly used to present new analytical applications leveraging on the power of very large amounts of data sets.
A typical example is CRM (Customer Relationship Management) whereby the analysis of large amounts of past data can provide tools to improve sales forecasts, stocks management, marketing trends and customer behaviors.
Data Analysis is foreseen as an opportunity to monetize such “big data” by improving business intelligence.
Human attributes that are unique to one given individual and can be digitalize to then be compared with a stored reference.
The use of biometrics data such as finger prints can be used for security services such as access control, data encryption or digital signature The challenge of Biometry is to enroll then securely store the reference data for each individual.
Smart Card solutions offer match-on-card applications, removing the need for an online verification via a central database.
A short range wireless technology that simplifies communication and synchronization between the internet, devices and other computers.
Bluetooth is commonly used for consumers electronics devices such as, for example, headsets for cell phones or MP3 players.
Bluetooth requires first the user to establish a pairing between two devices. Once this pairing is establish, a fast wireless data exchange between the two devices can happen.
Everything about the standard at http://www.bluetooth.com/
Bot (Internet bot)
A type of computer program designed to do automated tasks.
The act of controlling Travelers identities and visas when entering a given country (Airports, Sea-ports or roads)
Common Access Card: a US Department of Defense smart card issued as standard physical and network identification for military and other personnel.
Learn more about the DoD Common Access Card
CDMA (code Division Multiple Access)
A wireless communications technology that uses the spread spectrum communication to provide increased bandwidth.
Computing by using servers, storage and applications that are accessed via the internet.
Cloud Computing is the architecture of choice for popular applications such as Web Mail, Social Networks, collaborative applications such as Microsoft office 365 or Google Docs.
The promises of Cloud Computing are no data losses, no backup needed, no software license updates needed. Applications are executed from a web browser or an apps. The application itself and the user data are hosted in a Data Center.
Cloud Computing is often seen as the alternative to client software where a license of a given software is installed and executed on the user’s device.
A card that communicates by means of a radio frequency signal, eliminating the need for physical contact with a reader.
Contactless communications includes several technologies aiming at performing short range data transfer between two communicating devices. Operational ranges can vary from 2cm to 10 to 15 meters.
Contactless Cards used for Payment or Transport use very short range technology. Such card’s silicon chip are powered by the proximity of the reader to establish the contactless communication in a secure manner.
Customer Relationship Management (CRM)
A set of tools and techniques using data to enhance sales forecast, supply strategy, pricing strategy and all aspects of products&services strategy.
CRM is foreseen has a key application of Big Data, where large amounts of past data can really enhance current and future business steering and decision making.
DDA (Dynamic Data Authentication)
Authentication technology that allows banks to approce transactions at the terminal in a highly secure way.
DI (Dual Interface)
A device that is both contact and contactless.
Dual-Interface cards, combining contact and contactless transactions are often used for EMV payment. There are also more an more payment + transport cards where a payment card is also used to access to a mass transit network.
Humans can own one or several Digital Identiti(es) – also called avatars – to be used to access various digital services
For secure services, Digital Identities must be issued by a Certificate Authority (CA) capable to establish a link between the actual user and his/her digital Identities.
There is no limit to how many Digital Identities any given user may have.
An electronic signature created using a public-key algorithm that can be used by the recipient to authenticate the identity of the sender.
DNS Cache poisoning
A technique that tricks a Domain Name Server (DNS server) into believing it has received authentic information when in reality it has not.
Any small piece of hardware that plugs into a computer. Most popular form-factor are USB keys or Smart Cards that can get inserted into card readers. Related offer: mToken and mOTP solutions
EAC (Extended Access Control)
A mechanism enhancing the security of ePassports whereby only authorized inspection systems can read biometric data.
Accessing banking services via the internet
Buying and selling goods via the internet.
a pre-3G digital mobile phone technology allowing improved data transmission rates.
The use of digital technologies (often via the internet) to provide Government services. Second generation eGov 2.0 programs aim to increase efficiency, lower costs and reduce.
Personal identification using a variety of devices secured by microprocessors, biometrics and other means.
An “electronic” passport with high security printing, an inlay including an antenna and a microprocessor, and other security features.
A small portable device that contains “electronic money” and is generally used for low-value transactions.
A diverse family of computer networking technologies for local area networks (LANs).
Electronic systems for issuing, checking and paying for tickets predominantly for public transport.
European Telecommunications Standards Institute: the EU organization in charge of defining European telecommunications standards.
The Federal Communications Commission (FCC) is an independent agency of the United States government and with the majority of its commissioners appointed by the current President. The FCC works towards six goals in the areas of broadband, competition, the spectrum, the media, public safety and homeland security, and modernizingthe FCC
The Federal Information Processing Standard (FIPS) Publication 140-2, (FIPS PUB 140-2), is a U.S. government computer security standard used to accredit cryptographic modules.
FIPS 140-2 defines four levels of security, simply named “Level 1” to “Level 4”.
Read more about: computer security, telecommunication security, cryptography, cryptographic modules, Federal Information Processing Standard (FIPS) at http://csrc.nist.gov/
The Cryptographic Module Validation Program (CMVP) validates cryptographic modules to Federal Information Processing Standard (FIPS) 140-2 and other cryptography based standards.
The CMVP is a joint effort between NIST and the Communications Security Establishment (CSE) of the Government of Canada. Products validated as conforming to FIPS 140-2 are accepted by the Federal agencies of both countries for the protection of sensitive information (United States) or Designated Information (Canada). The goal of the CMVP is to promote the use of validated cryptographic modules and provide Federal agencies with a security metric to use in procuring equipment containing validated cryptographic modules.
FIPS 201 (Federal Information Processing Standard)
A US federal government standard that specifies Personal Identity Verification requirements for employees and contractors.
Firmware Update Management Object, is an Open Mobile Alliance specification for updating the firmware of mobile devices over the air. FUMO allows mobile operators to update mobile devices across network infrastructure without requiring consumers or network engineers to initiate upgrades through direct contact.
It enables operators and device manufacturers to perform updates over-the-air ranging from the simple ones (e.g.:security patch) to the most complex (e.g.: important parts of the operating system).
GSM (Global System for Mobile Communications)
A European standard for digital cellular phones that has now been widely adopted throughout the world.
Find out more about GSM
GSMA (GSM Association)
The global association for Mobile phone operators
Find out more about GSMA
Health Insurance Portability and Accountability Act: the US act that protects health insurance coverage for workers and their families when they change or lose their jobs
HSPD-12 (Homeland Security Presidential Directive 12)
Orders all US Federal Agencies to issue secure and reliable forms of identification to employees and contractors , with a recommendation in favor of smart card technology
Hypertext Transfer Protocol. A networking protocol for distributed, collaborative, hypermedia information systems; is the foundation of data communications on the Web.
Identity and Access Management
ICAO (International Civil Aviation Organization)
The United Nations agency which standardizes machine-readable and biometric passports worldwide.
Using text on a mobile handset to communicate in real time
IP (Internet Protocol)
A protocol for communicating data across a network; hence an IP address is a unique computer address using the IP standard.
The International Mobile Equipment Identity or IMEI ( /aɪˈmiː/) is a number, usually unique, to identify GSM, WCDMA, and iDEN mobile phones, as well as some satellite phones. It is usually found printed inside the battery compartment of the phone. It can also be displayed on the screen of the phone by entering *#06# into the keypad on most phones.
Internet Protocol Security (IPsec) is a protocol suite for securing Internet Protocol (IP) communications by authenticating and encrypting each IP packet of a communication session. IPsec also includes protocols for establishing mutual authentication between agents at the beginning of the session and negotiation of cryptographic keys to be used during the session.
Inter-Integrated Circuit; generically referred to as “two-wire interface”) is a multi-master serial single-ended computer bus invented by Philips that is used to attach low-speed peripherals to a motherboard, embedded system, or cellphone or other electronics.
International Organization for Standardization: an international body that produces the worldwide industrial and commercial “ISO” standards.
A network oriented programming language invented by Sun Micro-systems and specifically designed so that programs can be safely downloaded to remote devices.
Java Card helps developers build, test and deploy smart card-based applications quickly and efficiently with an object oriented programming model and off-the-shelf development tools. For smart card issuers, it delivers a secure and interoperable platform that can be used to store and update multiple applications on a single end-user device.
Key (keystroke )logging
A means of capturing a user’s keystrokes on a computer keyboard, sometimes for malicious purposes.
Lock And Wipe Management Object. It is an Open Mobile Alliance specification for locking handsets in case they are lost or stolen or for wiping the handsets’ memory. The handset wipe removes all personal data stored either on the handset memory or on the inserted memory card. As a result, the handset is then totally blank, without any chance to retrieve the data.
LTE (Long Term Evolution)
The standard in advanced mobile network technology, often referred to as 4G.
Malicious software designed to infiltrate or damage a computer system without the owner’s consent.
An attack in which an outsider is able to read, insert and modify messages between two parties without either of them knowing.
Buying and selling goods and services using a mobile device connected to the internet.
MFS (Mobile Financial Services)
Banking services such as money transfer and payment, available via a mobile device.
Microprocessor (smart) card
A ‘smart” card comprising a module embedded with a chip, a computer with its own processor, memory, operating system and application software.
A removable memory card that can also be modified by adding a microprocessor to become a Secure Element, using the SDIO protocol to communicate with the device.
Complementary information about MicroSD Card
MIM (Machine Identification Module)
The equivalent of a SIM with specific features such that it can be used in machines to enable authentification MMS (Multimedia Messaging Service) a standard way of sending messages that include multimedia content (e.g. photographs) to and from mobile phones.
Machine-to-Machine (M2M) refers to technologies that allow both wireless and wired systems to communicate with other devices of the same ability. M2M uses a device (such as a sensor or meter) to capture an event (such as temperature, inventory level, etc.), which is relayed through a network (wireless, wired or hybrid) to an application (software program), that translates the captured event into meaningful information (for example, items need to be restocked). This is accomplished through the use of telemetry, the language machines use when in communication with each other. Such communication was originally accomplished by having a remote network of machines relay information back to a central hub for analysis, which would then be rerouted into a system like a personal computer.
mHealth (also written as m-health or mobile health) is a term used for the practice of medical and public health, supported by mobile devices. The term is most commonly used in reference to using mobile communication devices, such as mobile phones and PDAs, for health services and information. The mHealth field has emerged as a sub-segment of eHealth.
A mobile network operator (MNO), also known as mobile phone operator (or simply mobile operator or mobo ), carrier service provider (CSP), wireless service provider, wireless carrier, or cellular company, is a telephone company that provides services for mobile phone subscribers.
A standard way of sending messages that include multimedia content (e.g. photographs) to and from mobile phones.
MNO (Mobile Network Operator)
A company that provides services for Mobile devices subscribers.
Banking and payment services for unbanked users.
The unit formed of a chip and a contact plate.
Using a mobile handset to pay for goods and services.
NFC (Near-Field Communication):
A wireless technology that enables communication over short distances (e.g. 4cm), typically between a mobile device and a reader.
The Initiative for Open Authentication
OS (Operating System)
Software that runs on computers and other smart devices and that manages the way they function.
OTA (Over The Air)
A method of distributing applications and new software updates which are already in use.
OTP (One Time Password)
A password that is valid for only one login session or transaction. More info
The process of recovering secret passwords from data in a computer system.
PDA (Personal Digital Assistant)
A mobile device that functions as a personal information manager, often with the ability to connect to the internet.
PDC Personal Digital Cellular
A2G mobile phone standard used in Japan and South Korea.
Sending fraudulent emails requesting someone’s personal and financial details.
PIN (A Personal Identification Number)
A secret code required to confirm a user’s identity.
PKI (Public Key Infrastructure)
Public Key Infrastructure (PKI) is a system that validates a user’s digital identity over a public or private network. It does so by associating a pair of public and private keys with the individual’s identity credentials. These keys are created with a cryptographic algorithm and shared by a certificate authority (CA) that links them to the user’s unique identity. The CA stores this information in a database and issues digital certificates, which include the public key or information about the public keys, in order to verify the user’s identity. Read More
Short to mid-range wireless communication technology typically used for low end services with no security needs (Tags).
Software Component Management Object. It is an Open Mobile Alliance specification that allows a management authority to perform software management on a remote device, including installation, uninstallation, activation and deactivation of software components.
Related offer: Device Management Solutions
SE (Secure Element)
A secure and personalized physical component added to a system to manage users rights and to host secure apps.
SE typically consist of a Silicon Chip, a secure Operating System, application software and a secure protocol to communicate to the device.
It refers to any authentication protocol that requires multiple factors to establish identity and privileges.
This contrasts with traditional password authentication which requires only one authentication factor such as knowledge of a password.
Common implementations of strong authentication use ‘something you know’ (a password) as one of the factors, and ‘something you have’ (a physical device) and/or ‘something you are’ (a biometric such as a fingerprint) as the other factors.
TEE (Trusted Execution Environment)
A software and hardware dedicated environment embedded within the core device microprocessor to host and execute secure applications.
A computer (client) that depends primarily on a central server for processing activities. By contrast, a fat client does as much local processing as possible.
A program that contains or installs a malicious program.
TSM (Trusted Services Manager)
A third party enabling Mobile Operators, Mass Transit Operators, Banks and businesses to offer combined services seamlessly and securely.
UICC (Universal Integrated Circuit Card)
A high capacity smart card used in mobile terminals for GSM, UMTS/3G and now 4G/LTE networks.
Universal Serial Bus (USB) is a specification to establish communication between devices and a host controller (usually a personal computer), which has effectively replaced a variety of earlier interfaces such as serial and parallel ports. USB can connect computer peripherals such as mice, keyboards, digital cameras, printers, personal media players, flash drives, network adapters, and external hard drives. For many of those devices, USB has become the standard connection method.
Universal Mobile Telecommunications System (UMTS) is a third generation mobile cellular technology for networks based on the GSM standard. Developed by the 3GPP (3rd Generation Partnership Project), UMTS is a component of the International Telecommunications Union IMT-2000 standard set and compares with the cdma2000 standard set for networks based on the competing cdmaOne technology. UMTS employs wideband code division multiple access (W-CDMA) radio access technology to offer greater spectral efficiency and bandwidth to mobile network operators. UMTS specifies a complete network system, covering the radio access network (UMTS Terrestrial Radio Access Network, or UTRAN), the core network (Mobile Application Part, or MAP) and the authentication of users via SIM cards (Subscriber Identity Module).
VPN (Virtual Private Network)
A private network often used within a company or group of companies to communicate confidentially over a public network. More info
W-CDMA (Wideband Code Division Multiple Access)
A 3G technology for wireless systems based on CDMA technology.
Extensible Markup Language. A set of rules for encoding documents in machine-readable form.
Contact Us Today
Explore and compare Longmai products in our Online Store, and get a price quote from our Sales representatives who are already standing by to answer your questions.
We’re here to help. Send us your sales inquiry and Longmai Sales Specialist will get back to you within one business/working day.
We may be speaking your language, want to talk? Call us Ω Tel: +8610-62323636-632 and speak with our Sales Specialist now.