Its been quite a good time since I had started working on online authentication security solutions. I reckon not many companies are dealing in such a vulnerable and sensitive area of internet world even though there are good chances of improvement.

I have talk to many people about the possible threats and attacks right from client machine to channel security compromises. I have found that people want to use internet facility but they don't want to go technical about it. They want companies to deal these problems. At the same time they want technology which is easy to use and understand.

There are so many possible ways to steal users credentials that it becomes very difficult to make something which fits into users requirements with no compromises in security. To tackle every problem, makes the application little complicated to deal with. To make their applications user friendly companies often compromises with the level and range of possible venerabilities.

There is one more thing which I have noticed that its easy to use complicated solutions in Indian market than to US market . The reason is , In US people of different age group uses online transactions very often compare to India where this range is limited mainly to young educated professionals.

ICICI's online authentication system asks for two static passwords in addition of grid numbers for a transcation. ICICI's grid technology is a fine example of one of the complicated solutions working in Indian market. I think this technology for deceiving people as it has same level of security as they were providing earlier with 16 digit CCV numbers.

Its been a quite a long time since have written anything so I thought it would be better if I write something which I am currently doing from last couple of months. The framework I am working on is called BZByte. This framework is based on MVC architecture. May be I am the first person in offshore business to work on it. Its a very old framework but never got famous may be because of its marketing stratagy or complexity. Its a web based framework written in Java. This framework can be nightmare for a social websites but can be a useful for big organizations where reports, analysis and security is a major concern rather than performance.

This framework is a fine example of excellent engineering and programming skills. The Idea behind this whole project is to use benefits of Java swing framework in web applications. In fact this framework has improved upon some of the features in swing. Developer with good knowledge of HTML and Java swing can make a web application very fast using this framework.

Before deciding on this framework its good to know that there is no good documentation and help available on the Internet. ;)