Video Screencast Help
Protect Your POS Environment Against Retail Data Breaches. Learn More.
Authentication (User) Blog
Showing posts in English
vipmobile | 15 Feb 2008 | 0 comments

We were pleasantly surprised by the positive response to our announcement around VeriSign joining the OpenID Foundation. These articles feature our VP of Innovation, Nico Popp.

OpenID Gets Star Power By Kenneth Corbin of

Tech heavyweights join OpenID Foundation board By Deborah Gage of The San Francisco Chronicle

OpenID gains support for online single sign-on By Shane Schick of...

vipmobile | 08 Feb 2008 | 0 comments

Hi! My name is Kerry Loftus and I have product marketing and management ownership for our consumer authentication product offerings. By day, I'm a dedicated VeriSign employee focusing for the last 8 years on security technologies that are valuable to our customers in helping them better secure their online interactions with customers, business partners and employees. Few would also suspect, outside of my career, I'm a dedicated wife and mother to 4 kids (two boys and two girls, ages 1 - 13 years). Yikes! By keeping my toes in both professional and day-to-day worlds, I hope to bring real-world perspective to a space that is highly technical, potentially complicated, but incredibly essential in our still emerging digital world.

We found an awesome video on YouTube: the "MiniGeek" gets his PayPal security key in the mail, and shows us as he sets it up in less than two minutes. It's child's play! (this video has been removed.)

vipmobile | 07 Feb 2008 | 0 comments

Today's announcement that Google, Microsoft, Yahoo!, IBM, and VeriSign are joining the OpenID Foundation's board is great news for the future of online identity. A single portable online identity has long been elusive, and we're excited to see it come one step closer to reality. I certainly won't miss my ever growing list of usernames and passwords!

But what happens when your entire online identity is consolidated into a single entity? It becomes a prime target for attack. In the pre-OpenID world, attackers need to steal your individual credentials for each and every site you visit; but if they're all replaced with a single OpenID, hacking just one account gives you the keys to the castle.

The need for strong account protection has never been greater, which is why we've integrated our...

vipmobile | 05 Feb 2008 | 0 comments

Hi, I'm Jeff Burstein, a product manager on the VIP team.

Today is Super Tuesday, and as a California resident, I went to vote this morning in the primary election. Since this is a blog about identity and trust, let's examine what I needed today to prove my identity to vote: nothing. Do I really look that trustworthy?

I walked into my polling place, went up to the table and told the poll worker my name, which she dutifully looked up in the voter roll and crossed out. No identity check needed, no need to show my ID, check a signature, or any other form of authentication -- just the honor system. (And of course the threat of going to jail for voter fraud!)

For those of us who live and breathe identity and authentication every day this is just unnatural! Of course, there are all sorts of reasons for the lack of strong authentication for voting today, most having to do with budgets, voter turnout, the 24th amendment, and the potential for discrimination. So...

vipblog | 29 Jan 2008 | 0 comments

Welcome to the Online Identity and Trust blog here at VeriSign. Here we hope to share some interesting news about the VeriSign Identity Protection team as well as in the world of identity protection. Since we are all about identity protection, I might as well give a blurb of who I truly am so that my identity and role is clear within this team. I am the new product marketing manager for VIP and I focus on outbound marketing for our solutions.

Reading the developments in the area of identity protection, we see a lot of interesting news these days. Some of us may think that it is only to protect our online financial transactions but with the growth in Internet and the flat world, we must increasingly adapt to newer threats posed to identity theft and fraud. For example, there has...

Tim Callan | 06 Feb 2007 | 0 comments

This week should be an exciting week for the OpenID community, with lots of things happening at the RSA conference going on in San Francisco. Here's an announcement between VeriSign and some of its partners in the OpenID effort announcing plans to work with Microsoft on making OpenID and CardSpace interoperable:

Microsoft to Work With the OpenID Community, Collaborating With JanRain, Sxip, and VeriSign

JanRain, Microsoft, Sxip, and VeriSign will collaborate on interoperability between OpenID and Windows CardSpace(TM) to make the Internet safer and easier to use. Specifically:
  • As part of OpenID's security architecture, OpenID will be extended to allow relying parties to explicitly request and be informed of the use of phishing-resistant credentials.
  • Microsoft recognizes the growth of the OpenID community and believes OpenID plays a significant role in the Internet identity infrastructure. Kim Cameron, Chief...

Tim Callan | 19 Jun 2006 | 0 comments

I'm happy to welcome my VeriSign colleage Kiran Dandekar to the Infrablog. Kiran's working with me on the team here that is building infrastructure and tools around open identity. He's become increasingly central on our team and visible in the community in building technical consensus and business momemtum around OpenID and our Personal Information Provider. We'll be adding a handful of team members to the Infrablog in the next few weeks.


Kiran's just your run-of-the-mill-MIT-PhD Boston Red Sox fan and family man. He previously did some cool stuff over at MicroStrategy before coming to VeriSign a couple years ago to help build our supply chain business.


Welcome Kiran!



Tim Callan | 16 May 2006 | 2 comments

You're invited to visit and try out a beta version of an identity service we've provided. It's called the VeriSign Personal Identity Provider (“PIP” for short), and you can find it at The VeriSign PIP is designed to provide a “home base” for users who want use OpenID applications. Users who register with the VeriSign PIP get an OpenID – a URL they can use to login and authenticate at sites that accept OpenID. In addition, the VeriSign PIP lets you store profile information, and control how, when and with whom that information can be shared.

What Can I Do With The VeriSign PIP?

When you register at the VeriSign PIP, your user name is used to generate a unique URL for your profile. My username is “mgraves”, so my OpenID is “http://mgraves.pip...

Tim Callan | 12 May 2006 | 0 comments

I was at Internet Identity Workshop 2006 last week, and because it is a conference focused solely on the subject of identity, it served as a good opportunity to take stock of the situation. To be sure, a lot of progress has been made in the last year; if I have my facts right, YADIS – the lightweight discovery protocol for specifying capabilities for URLs – was conceived at last years IIW and has made it all the way to a 1.0 specification this spring. The ecosystem has come a long way towards the issue of identity in the past year too.


At Esther Dyson’s PCForum in Carlsbad, CA last month, the theme for the conference was “Erosion of Power: Users in Charge”. As with all forward-looking conferences there’s always an element of wishful thinking and projection in the conference themes. From the myriad conversations I’ve had at PCForum...

Tim Callan | 31 Mar 2006 | 0 comments

ActiveRecord gets a significant upgrade (polymorphic joins and bottomless eager loading for example) in the 1.1 release of Ruby On Rails. What's really impressive in this release though, is RJS -- the ability to write your JavaScript functions in Ruby. Rails was already a superior platform for writing Ajaxian web apps. With this release, the Ajax model stays the same, but you now have an elegant process for writing your JavaScript in Ruby.

I've only had the opportunity to get 1.1 installed and running on my personal machine, but it's clear from just a little exercise that 1.1 is going make a lot of teams that are humming along productively with 1.0 take a look to see when and how they can get 1.1 into their production...