Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Identity and Authentication Services
Showing posts in English
chalcon | 15 Oct 2010 | 4 comments

facebook logo.jpg

This week Facebook announced that they have begun rolling out one-time passwords (OTP) to their users as an added layer of security. Facebook is providing OTPs to help protect its users while on public computers like those at coffee shops, libraries, hotels and airports. For Facebook users looking to take advantage of this, they'll need to have a mobile phone number in their Facebook account and by texting "otp" to 32665 they will receive a one-time use password that last for 20 minutes.

For quite some time VeriSign, now part of Symantec, has been educating consumers and enterprises on the need and value of OTP. Our cloud-based VIP Authentication...

chalcon | 15 Oct 2010 | 0 comments

Qualys logo 3.jpg

At this week's RSA Conference in Europe, Qualys announced that it will now offer its customers strong authentication protection with our VIP Authentication Service. VIP will provide users of QualysGuard® a safer and more secure way to access and manage their accounts.

Qualys is the latest VIP customer to implement our leading cloud-based authentication service that allows enterprises to secure online access and transactions to obtain compliance and reduce fraud risk. As with VIP, QualysGuard is a SaaS service that requires no on-premises...

nicolas_popp | 06 Sep 2010 | 1 comment

It is clear that high assurance identity on the internet is going to require identity proofing. With more than 1 Billion Web users, and 3 Billion mobile users increasingly connected to the Internet, scalability is going to be essential. If high assurance identities become the norm, digital identify verification services that do not require in-person proofing could therefore turn into a significant market opportunity

Most folks in the industry would tell you that credit bureaux, and financial institutions ought to be primary beneficiaries as the new business emerges. However, the convergence of Internet, mobile and telecommunication driven by iPhone and Android could attract new market players. Mobile network operators (MNOs) have a wealth of identifiable data about us. They are also uniquely positioned to bring to market multi-channel solution. In fact, an MNO-operated ID proofing service could easily support voice and web, for brick and mortar as well as online service...

vipmobile | 01 Jul 2010 | 0 comments

be412fec1398f6848b66ff82fb034031_2011_website.jpg
Congratulations to Addison Avenue Federal Credit Union and the U.S. District Court in the District of Columbia, both of which were designated as Laureates by the Computerworld Honors Program. In addition to this honor, Addison Avenue Federal Credit Union was also named as a finalist for the Computerworld 21st Century Achievement Award, an award that honors and documents the extraordinary innovations of individuals and organizations that are leading the global IT revolution.

Addison Avenue Federal Credit Union
Addison Avenue offers its customers the...

nicolas_popp | 02 Jun 2010 | 0 comments

I have been involved with a couple similar initiatives around certification for identity and thought it would be interesting to explain the logic behind these efforts. The first initiative is led by the Open Identity Exchange and is based on the Open Identity stack. The second is more enterprise cloud focused; it is driven by the Cloud Security Alliance (CSA). The CSA is developing a more SAML-oriented technology blueprint within OASIS. The technology protocols are different but the risk controls are similar. Therefore, I am hopeful that both trust frameworks will converge (I will certainly try to help them converge).

But let us re-hash the motivation of the industry that sponsors these efforts. A trust framework is necessary to enable policy...

nicolas_popp | 10 May 2010 | 0 comments

When Achilles was a baby, the oracle predicted that he would die in battle from an arrow. Thetis, Achilles' mother who did not want her son to die decided to dip Achilles' body into the water of a river that would make him immortal. Unfortunately, Thetis had held Achilles by the heel which was not washed over by the magic water. Achilles grew up to be a Great War hero, whose apparent invincibility had turned him into a legend. But one day, an arrow shot at him was lodged in his heel, killing him instantly.

When it comes to consumer identity, Facebook looks more and more like the Achilles' of identity. Every day, it is growing more powerful and invincible. Yet, a growing stream of concerns is gradually exposing the social warrior's vulnerability to security and privacy. Nevertheless, as a website, Facebook...

vipmobile | 04 May 2010 | 0 comments

Han Dong, Senior Manager - Product Marketing, User Authentication

cloud_apps2.jpg

Thinking of moving your productivity apps to the cloud? Several tech-savvy folk like you have already deployed or are in various states of making the move to leverage an increasing number of enterprise productivity apps that live in the cloud. Just consider the benefits of cloud-apps:

  • Zero infrastructure investment / capital expenditure (for typical server & software installation, on-going care and feeding, etc.)
  • Quick-and-easy deployment and provisioning of applications (no need to install software on redundant servers or on every desktop), including multi-tenant (disparate organizations) sharing of pooled resources (of host CPUs, system failover,...
nicolas_popp | 20 Apr 2010 | 0 comments

For most enterprise and security vendors, the cloud is fascinating both as a technology and a business disruptor. In fact, SAAS CEOs such as Successfactor, SalesForce and NetSuite are hot shots in Silicon Valley these days. Yet, most of us are still wondering how much IT budget is actually going to be thrown at the so-called private, hybrid and public clouds in 2010. So what is in the way of the big shift?

We had a good discussion on this topic at AlwaysOn today. At least, it seems that everyone agrees on the main challenges: integration is harsh, security is dicey and compliance seems out of reach. So, where do we start? I am starting to believe that there too, we need to provide a baseline for cloud security and trust. Like PCI for e-commerce, a certification for the cloud will not make the cloud completely secure, but it will at least provide a set of common definitions and best-practices...

nicolas_popp | 05 Apr 2010 | 0 comments

This week is the week of the OpenID summit in Mountain View, California. We are all hoping that 2010 will be another pivotal year for open identity. There seems to be a combination of market forces that are making federated identity more attractive. In fact, we are hearing new compelling use cases for federation. A first example is cloud access and identity management. As enterprises shift their IT infrastructure and information to the cloud (as in IAAS, PAAS and SAAS applications), CIOs need to federate corporate identities with cloud service providers. For cloud resources, the corporate directory becomes the identity providers and the cloud services are the relying parties (and if you don't have a directory or don't want to use it for federation, Google is in the pole position to be your OP). Another interesting vertical ripe for federation is healthcare. Now that the Obama bill for healthcare has passed, one should expect a revival of health information networks (remember the...

vipmobile | 02 Apr 2010 | 0 comments

Han Dong, Senior Product Marketing Manager, User Authentication

I came across a recent Associated Press article by Jordan Robertson, concerning "Smart" utility meters and their security holes. In this article, Robertson talks about the "aggressive roll out of new [Smart] meters" by utility companies in the U.S. Smart meters are a new type of enhanced utility meter, designed to measure natural gas or electricity usage in a more sophisticated manner. smart-meter-300x225.jpgEssentially Smart meters (versus old-fashioned "dumb" meters) can measure not just the volume of utility used...