The NSW Cyber Security Network’s (NSWCSN) cyber voucher program for small and medium sized businesses (SMEs) has attracted a strong response from SMEs eager to engage with NSW universities for R&D projects.
NSW-based cyber security software developer TokenOne, which focuses on the prevention of identity theft, is one of the successful applicants. The company has developed authentication technology that changes the way we all use traditional passwords by utilising one-time pad principles (an encryption technique that combines plaintext with a unique ‘cipher key’). Its research partner is the University of Sydney in a project that aims to deliver a definitive guide to secure SMS authentication practices.
“It is well understood by businesses and governments that SMS is not a secure channel,” said Phil Cuff, CEO and Founder of TokenOne, “but SMS is so convenient that businesses continue to rely on it to communicate ‘one-time codes’ to authenticate their customers. Despite its proven insecurities, current SMS authentication is still by far the most popular form of multi-factor authentication in the world.”
Instead of trying to talk the world out of using SMS completely, TokenOne combines a secret PIN – which is not entered or transmitted – with a one-time cipher key of letters and numbers that is sent to the customer by SMS. Each cipher key is unique, so customers can convert their numeric PIN into different letters, instead of their PIN, each time they need to authenticate. This type of process is known as a ‘Zero Knowledge Password Proof’.
“NSW small and medium businesses have come forward with meaningful research projects that have the potential to build prosperity for NSW,” said Todd Williams, Director, NSW Cyber Security Network. “As well as helping grow NSW businesses, our cyber vouchers program is helping early career researchers connect with industry and gain valuable work experience.”
Each successful project is eligible for up to $15,000, in a similar fashion to the NSW Department of Industry’s existing TechVoucher initiative.
Other successful cyber voucher applications to date have also focused on the issues of trust and identity. For example, Macquarie University and the University of Technology Sydney are collaborating with SMEs on projects including providing machine learning and data analytics expertise and processes to deliver a zero trust framework and a framework for developing an identity and access management module respectively.
Australia’s cyber security industry is expected to triple over the next 10 years with revenues soaring from $2 billion to $6 billion by 2026, creating opportunities for NSW as Australia’s technology leader.
Applications for cyber vouchers remain open, and will be considered on a first come, first served basis. The NSWCSN cyber voucher initiative seeks applicants from a wide set of industry backgrounds and experiences.