Integrated secure distance bounding and hardware-based security: A case study for the insurance claim verification of farmers during COVID-19

Abstract

Given the rapidly evolving developments in Fintech, Insurtech, Open Banking, and Mobile Money business models in recent years, the capability for ensuring strong authentication remains the most pressing need for the protection of security and privacy of data in this sector as in many other areas. The security-integrity of insurance and financial transactions and workflows is vitally dependent on access control mechanisms to deliver strong multi-factor authentication (MFA) with operationally acceptable latency and throughput to support real-time response, particularly as demanded by the increasing online and mobile financial service models. The Critical-Chains Project was motivated by the above objectives as underpinned by the overarching commitment to accountability engineering as required by the operational logic. This must be crucially supported by real-time hardware-enabled services comprising authentication (including Distance Bounding and Prover’s Proximal Location Presence Verification), hardware security and cryptography (AUTH-as-a-Service, Hardware-Security-as-a-Service, Cryptography-as-a-Service) as delivered through the Critical-Chains main framework. This paper reports on the development and evaluation of the innovative Hardware-enabled authentication and security capabilities of the Critical-Chains framework which is successfully validated in the context of financial services, specifically the insurance claim settlement application domain, and can also be deployed in any other domains where trusted authentication and specific location-time bound prover’s presence verification is required.