Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Identity and Authentication Services
Showing posts in English
vipmobile | 03 Dec 2009 | 0 comments

Han Dong, Senior Product Marketing Manager, User Authentication

I just read an article in CNET, by Jonathan Eunice, Character limitations in passwords considered harmful. And immediately after reading the story I thought to myself, Jonathan (may I call you Jonathan), we have the answer to your troubles. It's called VeriSign Identity Protection (VIP) Authentication Service and it's precisely what you need to address your goal to have strong authentication for your "4,000 web services."

Jonathan's article described the issue of how various websites will frequently restrict your ability to create 'stronger' passwords that use symbols (i.e. !@#$%^&), and thus relegate the user to simple (and easy to steal) phrase or nickname...

vipmobile | 01 Dec 2009 | 0 comments

Han Dong, 'Blogger of Light'

Did you catch it on the tube last night?
Did you see the VeriSign Identity Protection Access for Mobile credential in action?

At_t_VIP screenshot-SM.jpg

In case you missed it, check out the link on YouTube (0:21)

As for how this relates to you, me and your everyday secret agent, I think this fun video demonstrates the need for leveraging One-Time Passwords for strong authentication of your mobile applications. Yes, we have an "app" for that.

Kudos to our esteemed Product Manager, Erica Huang, and her efforts to have VeriSign included in the AT&T commercial.

nicolas_popp | 26 Nov 2009 | 0 comments

Concerns for the security of application run in the cloud are running high. The perceived lack of security of cloud platforms is often cited as the primary obstacle to adoption. Whether "cloud" is defined as infrastructure as a service (storage and compute services ala Amazon), platform as a service (application deployment environment ala Google App Engine), or simply as application outsourcing (SAAS ala SuccessFactor), almost everyone is lamenting at the security inadequacies of these new computing platforms.

This raises the question whether cloud providers should envision becoming security companies. After all, why would CIOs ever shift their entire IT infrastructure to the cloud unless the cloud came with strong security, compliance assurance and operational risk management? Conversely, should security companies rapidly transform themselves into cloud providers? After all, why would an enterprise that has crossed the Rubicon of moving the IT infrastructure to the cloud...

vipmobile | 17 Nov 2009 | 0 comments

Han Dong, Sr. Product Marketing Manager, User Authentication

Getting noticed is a hard thing. But when you do get recognized by adoring fans, it's like living the life of a beauty queen.

And just look at who noticed us: and BlackBerry Cool


So you ask, what's the news?
We all know that VeriSign Identity Protection (VIP) Access for mobile has already been available for free on Blackberry® smartphones and downloadable from...

vipmobile | 10 Nov 2009 | 0 comments

Han Dong, Sr. Product Marketing Manager, User Authentication

Greetings VIP Blog fans,

I'm here at the 2009 Gartner Identity & Access Management (IAM) Summit. The day started off with a keynote presented by Earl Perkins, one of the lead Gartner analysts who explained how much IAM has evolved over the years - highlighting the fact that there are several IAM lifecycle elements (Planning, Process, and Problems) to consider and several key business drivers (improving security, reducing risk, and meeting regulatory requirements) in deploying an IAM solution. And at the end of the day, four of the analysts presented as a panel and reviewed the 2009 "...

nicolas_popp | 03 Nov 2009 | 0 comments

One of key challenges in federated authentication network is the establishment of trust between an identity provider (IDP or OP) and relying party websites (RP). In the real world, contractual agreements provide a simple out-of-band mechanism to effectively bind two parties into a trust relationship. When it comes to federated identity networks, peer to peer contracts between many identity providers and a myriad of relying party websites do not provide for a scalable process. Therefore, open federated networks need a trust assurance framework to bootstrap trust between the three parties (the user, the OP and the RP).

The basic idea is that if an OP can be certified to comply with a set of industry best practices, the RP should be able to enter into open identity exchange where both the websites and the consumers are reasonably protected. Of course, a pragmatic trust assurance...

chalcon | 08 Oct 2009 | 0 comments

Today, we are pleased to announce that our customers' options have been broadened by our technical and sales partnership with RSA, another "Best-in-Class" Authentication Provider. The agreement will provide organizations with the mutual benefit of an expanded VIP Authentication Service through the availability of RSA SecurID® two-factor authentication technology for more choice in one-time password (OTP) authentication.

Organizations in search of strong authentication solutions will benefit from being able to use VIP in combination with RSA SecurID hardware tokens and the convenience of a single platform.

This technical and sales partnership between RSA and VeriSign signals a new chapter in the longstanding relationship between RSA and VeriSign, both of whom were recently rated Best-in-Class for Multi-Channel...

vipmobile | 06 Oct 2009 | 0 comments

CNET reported this morning that fraudsters phished thousands of email account passwords from multiple email providers.

You don't have to be a government official, political figure or celebrity to be the target of the phishing and password-reset hack. This latest incident demonstrates that hackers have moved beyond just the high and flighty to target ordinary people. With each security breach, the shortcomings of weak passwords and the need for stronger authentication solutions become more and more evident. One-time passwords via two factor authentication provides a critical layer of security to counter such threats. If you're an organization that has been on the fence on rolling out two-factor authentication, you're in luck. VeriSign is offering a 90 Day free trial of the VeriSign Identity Protection Service -- see more details at...

nicolas_popp | 22 Sep 2009 | 0 comments

Two weeks ago, I had the privilege to join the OpenID foundation and Information Card boards for a meeting with CIO, Vivek Kundra and his staff at the Whitehouse. The goal was to discuss the forthcoming OpenID pilot and better understand the government commitment to enabling distributed identity on the Web. Undeniably, this was a very interesting and spirited discussion.


A key take home for me was the recognition of identity as the lynchpin to new citizen-centric services, governmental IT cost reduction, and stronger cyber security. For key Obama initiatives such as citizen participation or electronic health records, identity management was described as foundational. Equally impressive was the sense of a holistic and consensual approach towards the broad deployment of trusted digital services across federal, state and local Web sites.

In particular, there is a clear...

yeinav | 15 Sep 2009 | 0 comments

It's about time Hollywood produces a blockbuster about identity management.

No, I'm kidding. No producer would never even read a script which includes the term "identity management" in its title (except, perhaps, "Harry Potter and the Identity Management Prince"). But there is a new Bruce Willis movie that deals with the issue of identities, among other things, and, well, that's a start.

The movie is called "Surrogates" (watch trailer), and it tells the story of a futuristic world in which humans live in isolation while only communicating with their fellow man through robots that serve as social surrogates and are better-looking versions of their human counterparts.

Now isn't that kind of what happens today in our own world? When we go to the web we have a virtual identity through which we communicate with our fellow man, fellow banks, fellow stores: we send our virtual...