Project “OffPAD” - Optimizing balance between high security and usability. An innovative approach to endpoint security.

Last year has been a productive year for the Research Council Project. We were able to deliver a finalized OFFPAD device. This major step is a great achievement for Pone Biometrics as, at the same time, the embedded FIDO2.1 applet has been tested, approved, and certified by the FIDO alliance. Similarly, we were able to finalize the production line by implementing a dedicated personalization process to create a genuine OFFPAD device. Thanks to this process we can now have a better control and security level for the OFFPAD device. One of our partners (Fraunhofer) involved in two work packages has terminated their activities. As a result, Fraunhofer delivered reports and source code accordingly. One of the deliveries is a framework to create a firmware update over the air (OTA) by leveraging the DICE approach. The other delivery is an analysis of the available PQC methods available and the evaluation of these different solutions. The R&D team of Pone Biometrics did research and a gap analysis to identify the different actions needed to implement to our existing OFFPAD device an additional Hybrid authentication solution by using both FIDO and PQC methods. Another partner (NTNU) is working on the biometrics sensor and published two reports last year with results from analysis and test done regarding ways to fake the fingerprint biometric authentication and countermeasures to be put in place.

OFFPAD AS is a Norwegian start-up company founded in 2017 by Inven2, Petter Taugbøl and Jan-Erik Skaug to commercialize a Norwegian patented an innovative endpoint security product which ambition is to develop the OFFPAD device as an Identity Access Management (IAM) device – A pioneer in wireless, biometric authentication by delivering a high-end smart card with state of the art cryptographic and biometric algorithms protecting users against data breach when accessing their most sensitive data. This R&D project is based on scientific research on the core technology elements encompassed in the OFFPAD device from leading European scientists in Applied Cryptology, Biometrics authentication, Firmware platforms and eventually Post Quantum Algorithms. The project packages will be executed separately with a vision to incorporate the results in a future innovative wireless personal security device with highest level security combined with ease of use to corporate and institutional users. This proposed R&D project will create an innovative way to perform biometric authentication by strengthening the existing cryptographic functionalities. By scientific research and validation of post-quantum cryptographics, OFFPAD can potentially be an early adopter and prevent first cyber quantum attacks. This initiative may optimize the existing biometric process and facilitate presentation attack detection (PAD) following international standards relating to robustness against attacks for all non-supervised or semi-supervised applications. With the need to strengthen the cryptography mechanisms due to the raise of Quantum Computing risks, the OFFPAD device will embed a hybrid solution including FIDO standard and PQC (Post Quantum Cryptography). This will give OFFPAD an opportunity to become a game changer with the perfect mix between high-end biometrics and authentications mechanisms coupled with innovative post-quantum cryptographic features.