On APICTA (finale)

We have finished our presentation. One last question of the Vietnam judge really bugs me off. He asked us about the security right after the bell ringing. I surely didn't get the point. Which part of security?

The webservice? Yeah, we have answered it using SSL.
The applet application? Yeah, we have answered it using PIN on the Card.

But, I think at the last moment he conclude that we have no security over the communication. Hmm.. WTF? Ow, he means the communication between the card and the terminal.

Sh*t! We forgot to mention about the External Authentication, which GP 2.1.1 standard can do. Anyone on the smart card industry would know that. Each smart card has its own mechanism to do authentication and our product is by far using the newest Javacard solution using CPG 2.04 key derivation. Hopefully, he see the last slide of the note.

I'm very confused, because whenever Adin, Dimas, and I try to rehearse, I am the one that falling to too many technical terms. I guess that what made me hesitated to talk and let the moment goes by.

Oh, well, whatever the result, I must go home with a proud. Our product by far is the finest solution that tries to combine all the needed solution to provide services integration.

Arrrgh... still having this regret, though....


Post a Comment

Popular Posts