Video Screencast Help
Authentication (User) Blog
Showing posts tagged with Risk-based Authentication Services
Showing posts in English
chalcon | 22 Apr 2011 | 1 comment

facebook logo.jpg

This week Facebook announced the availability of new security features for its users. Two significant features of note are the always-on "HTTPS" secure sessions, as well as the availability of two-factor authentication (aka strong authentication).

The use of "HTTPS" by websites enables secure information transmission, which helps protect users when sharing or sending personal information online. Many popular websites have added the HTTPS (where the "S" at the end of HTTP stands for "secure") this year due in part to the availability of interception tools like Firesheep. The presence of an SSL...

chalcon | 15 Feb 2011 | 0 comments

RSA 2011.jpeg

The RSA Conference 2011 at the Moscone Center in San Francisco has officially kicked off and the VIP team is starting the week off strong. Our VeriSign Identity Protection (VIP) Authentication Service is part of several exciting announcements this week and below is a brief look at what's in the news.

Ping Identity Integrates VIP to Deliver Cloud-Based Authentication with Single Sign-On
Ping Identity announced that it has integrated VIP into its PingFederate identity federate suite. The PingFederate Integration kit for VIP creates a solution that enables enterprises to secure remote workers with strong authentication, while providing them a single online identity with single sign-on across both internal applications and almost every leading cloud application. The complete press release can be found...

chalcon | 09 Feb 2011 | 0 comments

intel.jpeg

Today Symantec announced that it has been selected by Intel to integrate our VeriSign Identity Protection (VIP) credential into the Intel Identity Protection Technology (IPT) platform, found in select 2nd generation Intel Core processors. You can find the complete press release here for full details.

The combination of VIP and Intel IPT creates a new class of strong authentication credential for PC users that is embedded into the Intel chipset. Now VIP and Intel IPT can help prevent...

chalcon | 02 Feb 2011 | 0 comments

Carbon image.jpeg

According to a recent story in SearchSecurity.com UK, the EU Emissions Trading System was recently suspended by the European Union following what was described as "recurring security breaches in national registries over the last two months." The thefts involved $38 million worth of carbon credits.

Bloomberg reported that the latest breach occurred at Prague-based Electricity Market Operator (OTE), a government owned energy trading platform where over $7 million worth of carbon credits had been stolen and sold in the open market.

The Bloomberg story also reported that the OTE was due to introduce...

chalcon | 17 Jan 2011 | 0 comments

A Sacramento area man was recently arrested and pled guilty to hacking into numerous email accounts of women the U.S. and U.K. The man gained access to the email accounts by using information found on their Facebook profiles to help determine possible email passwords. After gaining access to their email accounts he would scan their email folders for personal information and then share that information with the entire contact list in the hacked email account. The full story can be found here.

In the video below the Bay Area ABC affiliate interviews Atri Chatterjee, vice president of Symantec's User Authentication group, to provide commentary on this story and the security vulnerabilities that come with simple "username and password" type authentication.

chalcon | 12 Jan 2011 | 0 comments

The increasing adoption and use of all things SaaS and mobile device related has created a bevy of new security challenges for today's enterprise IT departments. According to a recent report by Forrester Consulting, commissioned by Symantec, enterprises are unnecessarily leaving their organizations vulnerable to unauthorized access by cybercriminals. The press release announcing the report can be found here.

The Forrester commissioned report is part of a new Symantec initiative called Strong Authentication for Enterprises (SAFE), developed to provide enterprises with third party research that looks at the activities "open" enterprises do every day by allowing access to company resources.

The Forrester report titled...

chalcon | 17 Dec 2010 | 0 comments

password.jpeg

The recent Gawker database breach is yet another reminder of the weakness of the traditional "username and password" form of security. Previous database breaches, like this one, have shown that users do not realize how vulnerable they are making themselves and potentially their employers to identity and data theft by using weak passwords.

Steve Ragan of the Tech Herald wrote a story that includes a list of the top 250 passwords used by the Conficker Worm that you can read here. The list of passwords is truly impressive and includes many of the classics such as, "12345," "qwerty" and of course "password." It is surprising and concerning that these passwords continue to be used time and time again.

With the exposure of all of these passwords, we can't...

chalcon | 15 Nov 2010 | 0 comments

There's been recent news discussing the vulnerabilities of wireless apps for the banking industry and how they could impact users. As the number of Americans regularly using mobile banking services continues to grow, security concerns will grow along with them.

The challenges for banks to consider are all of the potential vulnerabilities in their implementation to better mitigate risks effectively while managing the delicate balance between extra layers of security vs. user experience.

Here are a few recommendations we suggest bank and financial institutions may want to consider:

- Deploy strong or two-factor authentication that goes beyond the traditional username and password. If username and password are compromised, the fraudster still needs the second factor to gain access to an account. With our VIP mobile SDK, banks can enable a silent user experience for a second factor of authentication allowing greater security without negative...

chalcon | 03 Nov 2010 | 0 comments

SC Mag finalist_logo 2.gif

The finalists for the SC Magazine Awards 2011 were announced this week and we were pleased to see that the VeriSign Identity Protection (VIP) Authentication Service made the list for the "Best Multifactor Product" category. This is the second year in a row that VIP has been named a finalist within the multi-factor product category.

The SC Magazine Awards will be announced on February 15, 2011 in San Francisco during the week of the RSA Conference. A full list of categories and finalists can be found here.

chalcon | 18 Oct 2010 | 0 comments

Window Phone.jpg

The launch of Microsoft's Windows Phone 7 took place to a lot of positive buzz. The long awaited new mobile OS from Microsoft offers some great new features on new handsets from Dell, Samsung, LG and HTC just to name a few. New phones with a new Windows OS just in time for Christmas (only 2 months a few days of shopping time left incase you were wondering).

With the launch of Windows Phone 7, the VIP Team is very excited to make available the VIP Mobile SDK for Windows Phone 7. We have been working hard to support just about every mobile platform available including Android, iPhone and Java 2 Micro Edition (J2ME). The availability of our Windows Phone 7 SDK is great news for developers that want to add strong authentication to their mobile applications.

Whether it's for consumers or the enterprise, mobile application developers can now leverage...