Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Identity and Authentication Services
Showing posts in English
Vicente | 06 Mar 2008 | 0 comments

Hi there! My name is Vicente Silveira and I'm responsible for the VIP Fraud Detection Service , or as we call it, VIP FDS, product at VeriSign.

Our team develops products that help businesses and individuals transact securely on the internet. Needless to say we have a lot of work to do.

I just spent some time in Europe talking to financial institutions and comparing notes on fraud trends here and there. One of the quick conclusions is that online criminals are sharing tools and methods on a global basis and on a scale that we haven't seen before.

One example is a modern variation of an old stock touting technique known as "Pump and Dump" , where fraudsters use e-mail spam to falsely promote a thinly traded instrument (such as a...

vipmobile | 28 Feb 2008 | 0 comments

Posted by Kerry Loftus, Vice President of Consumer Authentication

I am constantly evaluating our offerings and other technology solutions, asking: will this really play in my hometown of Erie, PA? The challenge for security vendors has always been there but have we delivered solutions that provide a broad spectrum of security for our customers depending on their needs, risks and users? Two years ago, when the FFIEC guidance around multifactor authentication came out, our customers told us we hadn't. Companies like VeriSign quickly innovated to find that right balance between security, usability, and convenience. Device IDs, images, networked authentication and a whole host of convenient 2-factor credentials emerged and the race is on to find that next game- changing security solution.

We at VeriSign believe there are two critical pieces to this moving forward:

1. Open standards. In other words: two-factor authentication solutions from...

Tim Callan | 26 Feb 2008 | 0 comments

My name is Jen Gilburg and I am the Director of Business Development for the Identity and Authentication Solutions team here at VeriSign.

Google's announcement of the launch of a new program that allows users to post their medical records online caught my attention. While there are obvious benefits to having a centralized store of historical health information, medications, test results, etc., my first inclination was to be concerned about the security of such personal information.

Naturally I am inclined to believe that everything should have strong authentication. However, not wanting to be overly paranoid, I thought I would investigate just what the exposure is should one gain access to my medical records. I mean -- just how much damage could be done should someone discover that I have hay fever and a rather bizarre allergic reaction to arugula? Is...

Tim Callan | 21 Feb 2008 | 0 comments

My name is Fran Rosch and I manage the group that writes this blog and develops VeriSign's identity and authentication solutions.

I just got back from a 2-week trip to India, Israel and London talking to customers, prospects, and VeriSign team members. I spent much of the time talking about how customers should deploy solutions that are very "risk based." When consumers access lots of critical data or financial assets on their website, a user name and password is probably not enough. But how much is enough? Does one solution fit all? How much should we change user experience? How much should we spend on security and authentication?

As I traveled through the airports in San Francisco, Frankfurt, Bangalore, Delhi, Mumbai, Amman, Tel Aviv and Heathrow, I was struck by the very different security policies and I realized that they also deploy "risk-based" approaches just as we recommend on our customer's Web sites. Here were some different approaches I noticed:

...
vipmobile | 15 Feb 2008 | 0 comments

We were pleasantly surprised by the positive response to our announcement around VeriSign joining the OpenID Foundation. These articles feature our VP of Innovation, Nico Popp.

OpenID Gets Star Power By Kenneth Corbin of InternetNews.com

Tech heavyweights join OpenID Foundation board By Deborah Gage of The San Francisco Chronicle

OpenID gains support for online single sign-on By Shane Schick of...

vipmobile | 08 Feb 2008 | 0 comments

Hi! My name is Kerry Loftus and I have product marketing and management ownership for our consumer authentication product offerings. By day, I'm a dedicated VeriSign employee focusing for the last 8 years on security technologies that are valuable to our customers in helping them better secure their online interactions with customers, business partners and employees. Few would also suspect, outside of my career, I'm a dedicated wife and mother to 4 kids (two boys and two girls, ages 1 - 13 years). Yikes! By keeping my toes in both professional and day-to-day worlds, I hope to bring real-world perspective to a space that is highly technical, potentially complicated, but incredibly essential in our still emerging digital world.

We found an awesome video on YouTube: the "MiniGeek" gets his PayPal security key in the mail, and shows us as he sets it up in less than two minutes. It's child's play! (this video has been removed.)

vipmobile | 07 Feb 2008 | 0 comments

Today's announcement that Google, Microsoft, Yahoo!, IBM, and VeriSign are joining the OpenID Foundation's board is great news for the future of online identity. A single portable online identity has long been elusive, and we're excited to see it come one step closer to reality. I certainly won't miss my ever growing list of usernames and passwords!



But what happens when your entire online identity is consolidated into a single entity? It becomes a prime target for attack. In the pre-OpenID world, attackers need to steal your individual credentials for each and every site you visit; but if they're all replaced with a single OpenID, hacking just one account gives you the keys to the castle.



The need for strong account protection has never been greater, which is why we've integrated our...

vipmobile | 05 Feb 2008 | 0 comments

Hi, I'm Jeff Burstein, a product manager on the VIP team.

Today is Super Tuesday, and as a California resident, I went to vote this morning in the primary election. Since this is a blog about identity and trust, let's examine what I needed today to prove my identity to vote: nothing. Do I really look that trustworthy?

I walked into my polling place, went up to the table and told the poll worker my name, which she dutifully looked up in the voter roll and crossed out. No identity check needed, no need to show my ID, check a signature, or any other form of authentication -- just the honor system. (And of course the threat of going to jail for voter fraud!)

For those of us who live and breathe identity and authentication every day this is just unnatural! Of course, there are all sorts of reasons for the lack of strong authentication for voting today, most having to do with budgets, voter turnout, the 24th amendment, and the potential for discrimination. So...

vipblog | 29 Jan 2008 | 0 comments

Welcome to the Online Identity and Trust blog here at VeriSign. Here we hope to share some interesting news about the VeriSign Identity Protection team as well as in the world of identity protection. Since we are all about identity protection, I might as well give a blurb of who I truly am so that my identity and role is clear within this team. I am the new product marketing manager for VIP and I focus on outbound marketing for our solutions.

Reading the developments in the area of identity protection, we see a lot of interesting news these days. Some of us may think that it is only to protect our online financial transactions but with the growth in Internet and the flat world, we must increasingly adapt to newer threats posed to identity theft and fraud. For example, there has...

Tim Callan | 06 Feb 2007 | 0 comments

This week should be an exciting week for the OpenID community, with lots of things happening at the RSA conference going on in San Francisco. Here's an announcement between VeriSign and some of its partners in the OpenID effort announcing plans to work with Microsoft on making OpenID and CardSpace interoperable:

Microsoft to Work With the OpenID Community, Collaborating With JanRain, Sxip, and VeriSign
JanRain, Microsoft, Sxip, and VeriSign will collaborate on interoperability between OpenID and Windows CardSpace(TM) to make the Internet safer and easier to use. Specifically:

  • As part of OpenID's security architecture, OpenID will be extended to allow relying parties to explicitly request and be informed of the use of phishing-resistant credentials.
  • Microsoft recognizes the growth of the OpenID community and believes OpenID plays a significant role in the Internet identity infrastructure. Kim Cameron, Chief Architect of...