Video Screencast Help
Scheduled Maintenance: Symantec Connect is scheduled to be down Saturday, April 19 from 10am to 2pm Pacific Standard Time (GMT: 5pm to 9pm) for server migration and upgrades.
Please accept our apologies in advance for any inconvenience this might cause.

Authentication (User) Blog

Showing posts tagged with Identity
Showing posts in English
nicolas_popp | 20 Aug 2008 | 1 comment

Today, we are releasing a brand new version of the Personal Identity Portal (PIP). With support for two-factor authentication, the PIP remains a strong OpenID provider as VeriSign remains committed to the broad deployment of OpenID across the Internet. Beyond OpenID, the new PIP also includes some unique identity management features. As the user-centric identity movement reaches beyond authentication and attribute exchange, we wanted to evolve the PIP into an identity aggregation service that enhances control, convenience and security over personal data even when the data is scattered across non-interoperable Web sites.homepage.jpgThis theme of identity aggregation is going to remain an important product philosophy for us moving forward. Our first implementation focuses on personalization, convenience and security. This post...

vipblog | 06 Aug 2008 | 0 comments

by Perry Tancredi, Senior Product Manager, VeriSign Fraud Detection Service

I'm Perry Tancredi, and I manage the VeriSign VIP Fraud Detection Service product. A lot of times when I explain what I do to my friends and family, especially when I talk about some of the latest attacks we see, the conversation turns to whether or not it's too risky to do anything online at all. People want to know if I think banking and shopping online is safe, what virus program I use at home and what they should be doing to protect themselves.

I had already been writing this post when the news about the largest case of identity theft in America (BBC,...

vipblog | 02 Jul 2008 | 0 comments

We asked people on the streets of San Francisco about what they do online, how many passwords they have, and whether they think their personal information is safe.

"Any bill that I pay, other than my rent, I pay online"
"There's probably a lot of sites out there that have my personal information."
"Sometimes even with secure sites, hackers get through"

"Every time I use a credit card, I hope that's the only place it gets used."

Find out how VeriSign can help keep your online identity safe.

nicolas_popp | 19 May 2008 | 0 comments

The issue of personal data portability is rapidly moving center stage. So, what is the big fuss about and what is really at stake here?

For us, as consumers, it is an important issue because eventually, it will determine how much ownership we will be able to enforce upon our personal data and content, including our social graph, that today, is dispersed across competing social networks and Web portals.

For Google, and FaceBook (FB), the stakes are equally high. Ultimately, the winner could take it all and be the one who really drives revenue from social networking. But to understand, we need to review the controversy first.

It really all started with OpenSocial. OpenSocial was Google's response to the rapid rise towards hegemony of FB APIs. To counter FB, Google...

vijai | 02 Apr 2008 | 1 comment

Posted by Vijai Shankar, Sr. Product Marketing Manager at VeriSign, Inc.

We are seeing more and more articles about the difficulty remembering username and passwords. To add to the list along with our other stuff to remember i.e. household chores, birthdays etc., we now have to remember the new trend of security questions along with username and passwords. I was having a problem logging into one of my student loan accounts, which not only had a username and password but a set of security questions in a PARTICULAR order. Phew, needless to say I was locked out and had to call in, listen to some crazy call center music and after 15 minutes of waiting, spoke to an agent to unlock my account.

I saw this article in The Wall Street Journal about the daunting task of managing passwords, a complicated system she came up with, aggravated by the added task to manage...

vipmobile | 01 Apr 2008 | 0 comments

Posted by Kerry Loftus

I drove my 13-year-old and his friends to one of their activities recently (yes, I have a minivan) and their conversation was really interesting and eye opening. I quickly called my gal pals in Erie, PA to find out if they were hearing the same and got the affirmative so this is not just a 'valley' phenomena. All of our kids are online and many are using various email, IM and social networking applications. Did you know that they all know each other's usernames and passwords? If they don't know the password part, they can very quickly guess (I chimed in at one point and asked them if they knew anything about 'strong passwords'-- most of them replied that they just use 'password'!). They didn't really think protecting the information was important.

It's probably harmless to sign in as your friend on IM and send one of the girls in your class a provocative message, but couldn't that be the tip of the iceberg? What about online...

vipmobile | 07 Feb 2008 | 0 comments

Today's announcement that Google, Microsoft, Yahoo!, IBM, and VeriSign are joining the OpenID Foundation's board is great news for the future of online identity. A single portable online identity has long been elusive, and we're excited to see it come one step closer to reality. I certainly won't miss my ever growing list of usernames and passwords!



But what happens when your entire online identity is consolidated into a single entity? It becomes a prime target for attack. In the pre-OpenID world, attackers need to steal your individual credentials for each and every site you visit; but if they're all replaced with a single OpenID, hacking just one account gives you the keys to the castle.



The need for strong account protection has never been greater, which is why we've integrated our...

vipmobile | 05 Feb 2008 | 0 comments

Hi, I'm Jeff Burstein, a product manager on the VIP team.

Today is Super Tuesday, and as a California resident, I went to vote this morning in the primary election. Since this is a blog about identity and trust, let's examine what I needed today to prove my identity to vote: nothing. Do I really look that trustworthy?

I walked into my polling place, went up to the table and told the poll worker my name, which she dutifully looked up in the voter roll and crossed out. No identity check needed, no need to show my ID, check a signature, or any other form of authentication -- just the honor system. (And of course the threat of going to jail for voter fraud!)

For those of us who live and breathe identity and authentication every day this is just unnatural! Of course, there are all sorts of reasons for the lack of strong authentication for voting today, most having to do with budgets, voter turnout, the 24th amendment, and the potential for discrimination. So...

Tim Callan | 06 Feb 2007 | 0 comments

This week should be an exciting week for the OpenID community, with lots of things happening at the RSA conference going on in San Francisco. Here's an announcement between VeriSign and some of its partners in the OpenID effort announcing plans to work with Microsoft on making OpenID and CardSpace interoperable:

Microsoft to Work With the OpenID Community, Collaborating With JanRain, Sxip, and VeriSign


JanRain, Microsoft, Sxip, and VeriSign will collaborate on interoperability between OpenID and Windows CardSpace(TM) to make the Internet safer and easier to use. Specifically:
  • As part of OpenID's security architecture, OpenID will be extended to allow relying parties to explicitly request and be informed of the use of phishing-resistant credentials.
  • Microsoft recognizes the growth of the OpenID community and believes OpenID plays a significant role in the Internet identity infrastructure. Kim Cameron, Chief...

Tim Callan | 16 May 2006 | 2 comments

You're invited to visit and try out a beta version of an identity service we've provided. It's called the VeriSign Personal Identity Provider (“PIP” for short), and you can find it at http://pip.verisignlabs.com. The VeriSign PIP is designed to provide a “home base” for users who want use OpenID applications. Users who register with the VeriSign PIP get an OpenID – a URL they can use to login and authenticate at sites that accept OpenID. In addition, the VeriSign PIP lets you store profile information, and control how, when and with whom that information can be shared.

What Can I Do With The VeriSign PIP?

When you register at the VeriSign PIP, your user name is used to generate a unique URL for your profile. My username is “mgraves”, so my OpenID is “http://mgraves.pip...