Posted by Kerry Loftus, Vice President of Consumer Authentication
I am constantly evaluating our offerings and other technology solutions, asking: will this really play in my hometown of Erie, PA? The challenge for security vendors has always been there but have we delivered solutions that provide a broad spectrum of security for our customers depending on their needs, risks and users? Two years ago, when the FFIEC guidance around multifactor authentication came out, our customers told us we hadn't. Companies like VeriSign quickly innovated to find that right balance between security, usability, and convenience. Device IDs, images, networked authentication and a whole host of convenient 2-factor credentials emerged and the race is on to find that next game- changing security solution.
We at VeriSign believe there are two critical pieces to this moving forward:
1. Open standards. In other words: two-factor authentication solutions from multiple vendors allowing customers to mix and match and price shop depending on their risks and user profiles. Meet OATH, openauthentication.org. Created in 2003, OATH came together to publish specifications that a whole host of vendors can innovate around.
2. Convenience and lower costs. 75 members in OATH later, we have SMS OTP, flash drives with OTP capability, mobile phone applications that can generate authentication credentials, credit card sized devices, etc.
No one can dispute that consumers spend more money at places they trust. Convenient, low-cost security solutions will play in Erie, PA. If your security vendor can't show you that they comply with open standards and deliver cost effective, convenient solutions its probably time to move on.