Experian and Symantec's two-factor credentialing solution selected by Centers for Medicare & Medicaid Services
Costa Mesa, Calif. and Mountain View, Calif., March 14, 2012 – Experian® and Symantec Corp. (NASDAQ: SYMC) today announced that the two-factor credentialing solution jointly developed by the companies was selected by the Centers for Medicare & Medicaid Services (CMS) to provide Enterprise Remote Identity Proofing (ERIP) and Multi-Factor Authentication (MFA) Credential Services. The Experian and Symantec solution will play a critical role in a $78 million contract that was awarded to Science Applications International Corporation (SAIC) delivering an offering that will support CMS in providing this enterprise service.
As part of CMS' multiple Federated identity proofing methods, the Experian and Symantec solution combines Experian’s identity proofing capabilities with the strong authentication capabilities of Symantec’s Validation and ID Protection (VIP) Service to address the key challenges that arise in identity proofing and authentication requirements of the CMS programs.
In order to ensure CMS alignment with the Federal Identity, Credential and Access Management (FICAM) roadmap, Experian and Symantec have initiated the assessment process through the Kantara Initiative, to be formally assessed for level 3 compliance with NIST SP 800-63-1. The joint offering aims to minimize the risk of fraud while leveraging a secure cloud services model, and enable access to CMS systems using multiple devices including secure mobile access technologies.
“Experian is thrilled that our solution was selected by CMS and believes it will add great value in helping to safeguard individual users’ identities and support federal mandates and regulations.” said Scott Waldron, president of Experian’s Government Services. “Our innovative solution with Symantec continues to gain traction with government agencies and healthcare organizations, and this success is another milestone on our path to becoming the de facto standard in the public sector for identity proofing and authentication.”
The offering will utilize Experian’s Precise IDSM platform, risk-based identity proofing encompassing highly predictive risk assessments through a combination of identity element verification, authentication, risk scoring and progressive out-of-wallet questioning to refine decisions about which identities should be allowed to enter into the CMS system and which identities should be denied access or further verified via alternate processes.
Symantec’s VIP service, the leading cloud-based authentication service, will enable CMS to provide secure online access and transactions to help obtain compliance and reduce fraud risk. A fully hosted strong authentication Security as a Service (SaaS) solution, VIP offers a cost-effective way to give legitimate users access to business resources, enterprise applications and websites while protecting against cybercriminals. VIP provides an additional layer of protection beyond standard username and password by requiring a dynamic one-time-use, six-digit security code generated by a user’s VIP credential.
“Symantec is very excited about the opportunity to work with the SAIC team to provide CMS with an advanced Symantec-Experian multi-factor authentication and identity proofing joint solution,” said Gigi Schumm, vice president and general manager of Symantec's Public Sector organization. “Our solution will provide strong authentication for all existing CMS systems. We are also evolving our solution to become an identity provider in support of CMS plans to accept externally issued identity credentials and the realization of the Administration’s National Strategy for Trusted Identities in Cyberspace.”