Welcome to the IoT Slam® Internet of Things Conference - The world's most trusted IoT event brand

Wrong Swipe … No Need to Enter Your Pin or Password

Dipto Chakravarty CTO at Exostar
Virtual Only

Wrong Swipe … No Need to Enter Your Pin or Password

Session Abstract: Virtual Only

Swipe your card and a number of things can go wrong. Even if you are a security-savvy user and know not to use debit cards at restaurants, gas stations, stores and online, you can become an easy victim of fraud when you are surrounded by connected smart things.

IoT access will replace mobile access just as mobile access replaced web access. Now swipes are replacing passwords and authentication in terms of user experience. We have started to encounter security challenges at every layer of the stack. The challenge begins with corporations deploying SaaS or cloud infrastructure into their bi-modal IT environments. With user being in- charge and machines freely interacting with one another, the security problem has amplified in magnitude. Every time users request access, almost always they are granted excessive privilege. Not surprisingly, the excess privilege is compromised easily by entry-level novice hackers.

It is the simplest naive practices that lead to the worst threats. One wrong swipe doesn’t have to be about your likes/dislikes of dating app on your phone. The wrong swipe might be about swiping your fit-bit incorrectly or swiping a debit card at the wrong kiosk to inadvertently permit hackers to steal your data.

This session will explain why simple swipes of credit cards can cause serious damage. It will take real examples of threat vectors and show how fraud (from insider threat) is on the rise and has proven to be a greater calamity than advanced persistent threats or outside-in threats.

In this session, attendees will learn:
1. How authentication plays a pivotal role in aiding/deterring IoT security
2. How swiping wrong types of credit cards in wrong places cause damage.
3. Best practices for safe password-less interactions with smart things.


Dipto Chakravarty
CA Technologies

Dipto Chakravarty is the author of three best-selling books on computer architecture and security from McGraw-Hill and Wiley that have been translated in five languages. He has 10 patents to his credit in security, cloud and SaaS, holds a B.S and M.S in CS and EE from U. of Maryland, GMP from Harvard Business School and EMBA from Wharton School, U. Penn.

Currently, he is the SVP and General Manager of Core Security at CA Technologies. In this role, Dipto leads the product strategy, product mgmt and product development, and is focused on building a differentiated product portfolio to help customers solve their most difficult business problems of securing users in their hybrid IT infrastructure with mobility and IoT.

Prior to joining CA, he served as the EVP of Products at ThreatTrack, and earlier as the General Manager for SaaS Cloud Security at Novell. Dipto has been an executive at four public companies (CA, IBM, NOVL, TRI) and four entrepreneurial startups to date. He led the turnaround and exit for e-Security, a SIEM company with its Series C for 7x LTM. Prior to it, he founded Artesia (sold to OpenText) with a management buyout from the Thomson-Reuters using $25M Series A from Warburg Pincus. Earlier, he led corporate venture of starting up a software division with $10M funding building rich media software.

Session Tags

End-User, Government, Enterprise

IoT, mobility, phone, kiosk, SaaS, cloud, authentication, authorization, encryption, BYOD, privilege, VPN, security, privacy, trust

CxO, VP / Director, Middle Management, Business Line Management, Operations

Intermediate, Beginner



Retail, Telecom, Banking, Financial Services, Insurance, Healthcare, Consumer

Join our IoT Community at https://www.linkedin.com/groups/4662022/profile

IoT Slam Internet of Things Conference

IoT Slam Internet of Things Conference