Authentication (User) Blog

User Authentication solutions provide two-factor authentication, public key infrastructure (PKI) services, and risk-based authentication to protect interactions between consumers, business partners, and employees. User Authentication solutions are delivered as cloud-based solutions, enabling enterprises to add strong authentication to applications, networks, and devices without the capital cost of hardware and software associated with traditional strong authentication solutions.

Follow Us on Twitter
  • 1
    Updated: chalcon 08 Aug 2012

    Facebook to offer more security for the social world

    This week Facebook announced the availability of new security features for its users. Two significant features of note are the always-on "HTTPS" secure sessions, as well as the availability of two-factor authentication (aka strong authentication). The use of "HTTPS" by websites enables secure information transmission, which helps protect users when sharing or sending personal information online. Many popular websites have added the HTTPS (where the "S" at the end of HTTP stands for "secure") this year due in part to the availability of interception tools like Firesheep. The presence of an...
  • 0
    Updated: nicolas_popp 08 Aug 2012

    Top 10 Security "Predictions" for 2010

    As one of the world's leading security vendors, VeriSign has been asked to discuss the top 10 most important security areas for 2010. So, ahead of my new year's resolution, I decided to indulge (after a year working heads down on a single product, it is a fun exercise to think of all the things that you have been missing out on). Although the list is far from complete, it is clear to me that there is no recession for the bad guys. In fact, it has probably never been a more interesting time to be in the security business. Security Prediction #1: Cloud Security (Securing the Next IT Infrastructure) Call it cloudmania or software as a service (SaaS) hype, data, applications, or networks: The whole IT infrastructure is shifting to the cloud. With it, a large chunk of today's IT budgets will be redistributed to the next Google of the cloud. In 2010, SaaS security will be in the forefront as chief information officers ponder their increasing...
  • 0
    Updated: vipmobile 08 Aug 2012

    Layered Security Strategy, the Key to Trust

    Han Dong, Senior Product Marketing Manager, User Authentication Some thoughts on a couple of recent articles, one from Gartner Research: Where Strong Authentication Fails and What You Can Do About It, by Avivah Litan and a similar article by Jaikumar Vijayan in Computerworld, which also references Ms. Litan's article. The basic idea presented in these two articles is that "one-time passwords...are no longer enough to protect online banking transactions against fraud." These one-time password (OTP) token-based two-factor authentication methods may be compromised by man-in-the-browser malware that overwrites the user transactions to steal their assets. So the general recommendation from Avivah Litan is "A...
  • 0
    Updated: vipmobile 08 Aug 2012

    Meditations in an Analyst Summit

    Han Dong, Sr. Product Marketing Manager, User Authentication Greetings VIP Blog fans, I'm here at the 2009 Gartner Identity & Access Management (IAM) Summit. The day started off with a keynote presented by Earl Perkins, one of the lead Gartner analysts who explained how much IAM has evolved over the years - highlighting the fact that there are several IAM lifecycle elements (Planning, Process, and Problems) to consider and several key business drivers (improving security, reducing risk, and meeting regulatory requirements) in deploying an IAM solution. And at the end of the day, four of the analysts presented as a panel and reviewed the 2009 "Magic...
  • 0
    Updated: chalcon 08 Aug 2012

    RSA and VeriSign team up on Cloud-based, Two-Factor Authentication offering

    Today, we are pleased to announce that our customers' options have been broadened by our technical and sales partnership with RSA, another "Best-in-Class" Authentication Provider. The agreement will provide organizations with the mutual benefit of an expanded VIP Authentication Service through the availability of RSA SecurID® two-factor authentication technology for more choice in one-time password (OTP) authentication. Organizations in search of strong authentication solutions will benefit from being able to use VIP in combination with RSA SecurID hardware tokens and the convenience of a single platform. This technical and sales partnership between RSA and VeriSign signals a new chapter in the longstanding relationship between RSA and VeriSign, both of whom were recently rated Best-in-Class for Multi-Channel Authentication Technology...
  • 1
    Updated: vipmobile 08 Aug 2012

    VeriSign Shares Strong Authentication Development Tools with Mobile Developers in the Fast Lane

    We announced our new "Mobile Developer Test Drive" program today at the 2009 RSA Conference. By leveraging the VIP Access for Mobile SDKs, developers can easily and quickly create a pilot version to transform personal mobile devices into two-factor authentication credentials. The pilot allows developers to test the functionality of the mobile application to see how simply they can integrate strong authentication with any J2ME and iPhone applications. Developers of mobile payment, mobile banking, m-Commerce and mobile social networking can also easily incorporate VIP open standards two-factor authentication into their applications and protect their users with extra layer security that goes beyond standard secure log-ins. To find out more about our new VIP mobile developer test drive, please visit...
  • 0
    Updated: vipmobile 08 Aug 2012

    VeriSign Identity Protection for Mobile Expanded to Leading Mobile Phones

    With the success of VIP Access for iPhone, we are adding many leading phone models into our mobile credential family. In addition to iPhone, VIP Access for Mobile now supports more than 90 popular mobile phone models including all the popular BlackBerry models as well as the Motorola, Nokia and Sony Ericsson. VIP Access for Mobile is an easy-to-install application that transforms leading mobile phones into strong authentication credentials. To discover the benefits of the easy-to-use and cost-effective VIP Access for Mobile, download VIP Access for Mobile from m.verisign.com. We continue adding popular feature phones into our phone family each month. If there is a popular phone model you do not see on our current official supported phone list that you would like to be considered, please let us know! ...
  • 0
    Updated: chalcon 08 Aug 2012

    Watch out for the "Evil Twin" - Coming to a Hot Spot Near You

    Imagine this scenario. You have a couple of hours to kill, so you log onto the free wireless access at an Internet cafe and check your personal email, maybe even make sure your latest check won't bounce by logging on to your banking site. (Whoops, that's just me). What if a fraudster had set up that free WiFi you just logged into? How much of your personal information was just compromised? Well, this nightmare scenario is coming true. It's so widespread that it has even earned its own nickname: The "Evil Twin." Fraudsters can easily set up a fake hub and even name it to look legitimate, by using the name of a nearby store or cafe. Some people have noticed this in airports. But don't lose hope: the "good guys" at the WiMAX Forum have defined a security model using two-way mutual authentication and they are creating...
  • 0
    Updated: yohai 08 Aug 2012

    Putting order into things (Part I)

    By Yohai Einav, Senior Fraud Analyst A deserted street, night, a frightened old lady hops towards a policeman who just left the bar. Old lady: "Please officer, this e-mail is trying to phish me!" She shows a laptop to the Policeman. Old lady: "My grandson gave it to me for my birthday, and he warned me of such things. Now it is trying to phish me!" Policeman: "Let me see this". The Policeman looks at the screen. He sees a phishing email. Policeman: "Lady, do you have any idea what this is? This is identity theft! Wait a second; I must report this to my superiors right away!" The policeman talks into his walkie-talkie: Policeman: "Jim, I want to report an identity theft on 8th and Houston.... Yes, an old lady again.... Yes, her grandson... no, I didn't get the IP..." The policeman leans toward the old lady. Policeman: "You are lucky to still have your...
  • 0
    Updated: vipblog 08 Aug 2012

    PayPal: New "Key" on the Block

    Today PayPal launched mobile access for its Security Key. This means that along with the traditional token and credit card form factor, PayPal Security Key users can now get their one time password (OTP) texted to their mobile phone. This is very cool, especially if you're one of those people who use your cell phone for everything--phone, email, text, Internet, GPS, camera...and now you can use it to protect your accounts online. The new SMS OTP for the PayPal Security Key is available to customers in the U.S., Australia, Austria, Canada and Germany. PayPal does not charge for the OTPs texted to mobile devices. To use the service, customers need a mobile device and wireless service set up to receive SMS text messages. It's that simple. The PayPal Security Key is part of the VeriSign Identity Protection (VIP) Network. As part of this network, consumers can use the OTPs to protect their accounts on a variety of financial services and e-commerce Web sites like eBay,...