Video Screencast Help
Protect Your POS Environment Against Retail Data Breaches. Learn More.
Authentication (User) Blog
Showing posts tagged with Authentication
Showing posts in English
nicolas_popp | 20 Aug 2009 | 0 comments

In the coming years, many websites will contemplate adding strong authentication to accounts login. So far, early adopters for strong authentication have mostly been financial institutions. Since 2005, banks and brokerage firms have had had little choice than following the FFIEC guidance. This 2005 regulated mandated a move to stronger credentials than just name and passwords. Today, SAAS providers and large consumer Web sites are increasingly suffering brand exposure and public scrutiny following high visibility attacks (here and there). With increasing reliance on the cloud to host mission critical applications and sensitive data for enterprises and consumers, I would expect many large online services to begin offering stronger login...

Tim Callan | 17 Aug 2009 | 0 comments

Posted by Fran Rosch, SVP of User Authentication, VeriSign

This article was also published in SC Magazine.

All too frequently, reports surface of high-profile hacks victimizing individuals using weak password protection. But, unlike the inconsequential account break-ins hitting Britney Spears, Ashton Kutcher or Sarah Palin, the consequences of some compromised accounts raises serious implications for cloud services security.

Your personal and professional security is only as strong as your weakest password. And for IT managers, the security of an organization's cloud-based resources is only as strong as your most careless employee's weakest password.

Personal information can be harvested many ways - and the viability of traditional usernames and passwords are undermined by the "forgot...

vipmobile | 21 Apr 2009 | 1 comment

We announced our new "Mobile Developer Test Drive" program today at the 2009 RSA Conference. By leveraging the VIP Access for Mobile SDKs, developers can easily and quickly create a pilot version to transform personal mobile devices into two-factor authentication credentials.

The pilot allows developers to test the functionality of the mobile application to see how simply they can integrate strong authentication with any J2ME and iPhone applications. Developers of mobile payment, mobile banking, m-Commerce and mobile social networking can also easily incorporate VIP open standards two-factor authentication into their applications and protect their users with extra layer security that goes beyond standard secure log-ins.

To find out more about our new VIP mobile developer test drive, please visit...

vipmobile | 20 Apr 2009 | 0 comments

With the success of VIP Access for iPhone, we are adding many leading phone models into our mobile credential family. In addition to iPhone, VIP Access for Mobile now supports more than 90 popular mobile phone models including all the popular BlackBerry models as well as the Motorola, Nokia and Sony Ericsson.

VIP Access for Mobile is an easy-to-install application that transforms leading mobile phones into strong authentication credentials. To discover the benefits of the easy-to-use and cost-effective VIP Access for Mobile, download VIP Access for Mobile from m.verisign.com.

We continue adding popular feature phones into our phone family each month. If there is a popular phone model you do not see on our current official supported phone list that you would like to be considered, please let us know!

...

vipmobile | 16 Apr 2009 | 0 comments

We are very excited to share that our VIP Access for iPhone downloads has reached a record high. Downloads grew three times more than our previous record high this week.

We appreciated all the constructive feedback from our VIP users. Many users also wish more online banks, gaming and social network sites would sign up with VIP Network, so they can use one VIP Access credential anytime anywhere to secure their online accounts and online identity.

 
We also have had many iPod touch users ask to be notified when we include support for the iPod Touch. Although in our first release, we leverage SMS as part of activation process, we are reviewing other alternatives to enable iPod Touch users in the near future. Stay tuned.

If you have any suggestions, please email to vipmobile@verisign.com. We love to hear from our users.

vipmobile | 14 Apr 2009 | 1 comment

What are the hottest applications you can get for your iPhone this week?

Check out Apple's App Store "What's HOT" category. You will see "VIP Access" for iPhone recommended for iPhone users. This is the only security application to receive the coveted endorsement from the App Store - What's HOT category this week.

This great mobile application turns your iPhone into your personal security device and adds an extra layer security for your online accounts at the 40+ members of the VIP Network - including eBay, PayPal, AOL, and ...

vipmobile | 31 Mar 2009 | 6 comments

Starting today, millions of iPhone users can now protect their online identities with VIP Access! A free download from the Apple app store, VIP Access turns your iPhone into a VIP credential, which adds an extra layer of security to your online accounts at the 40+ members of the VIP Network - including eBay, PayPal, AOL, and GEICO.

+ Read the New York Times Article

+ Read our press release

Download the app using...

nicolas_popp | 08 Mar 2009 | 0 comments

There is no doubt that mashups will be an important construct of the next Internet. The ability to "compose" distributed Web services into one single aggregate service or view is a significant enabler. The lightweightness of HTML and JavaScript speak to the simplicity of a successful programming model. Add to this the emergence of open standards like OAuth, and the need to distribute functionality across screen boundaries (PC, mobile and IP TV), and the picture becomes very clear; mashups and widgets are likely lead the componentization of the Web and become an important distribution mechanism.

For mashups to become ubiquitous, a trust infrastructure is needed. To establish trust between a widget aggregator (a consumer portal, the enterprise portal or your homepage or TV screen), and a widget provider, protocols like OAuth essentially rely on the exchange of shared secrets. This works well when there are only a few big portals serving as aggregators. However, because they...

chalcon | 03 Feb 2009 | 0 comments

Imagine this scenario. You have a couple of hours to kill, so you log onto the free wireless access at an Internet cafe and check your personal email, maybe even make sure your latest check won't bounce by logging on to your banking site. (Whoops, that's just me).

What if a fraudster had set up that free WiFi you just logged into? How much of your personal information was just compromised? Well, this nightmare scenario is coming true. It's so widespread that it has even earned its own nickname: The "Evil Twin." Fraudsters can easily set up a fake hub and even name it to look legitimate, by using the name of a nearby store or cafe. Some people have noticed this in airports.

But don't lose hope: the "good guys" at the WiMAX Forum have defined a security model using two-way mutual authentication...

Vicente | 06 Jan 2009 | 0 comments

I always find it interesting the way old scams are redressed for new and emerging channels.

That was the case during the last few days when Twitter users and employees found themselves under attack by phishers and hackers: follow these links to find a good account of the former and the latter.

Today I'll talk about the phishing attack, which consisted in luring people to give away their twitter passwords to a fake site, the novel aspect is that it used twitter-generated messages (Direct Messages) to propagate to your list of contacts (Followers).

This is all pretty similar to what we have seen with phishing via e-mail, but with two key differences:

- The first one is that e-mail phishing is a "mature product" where phishers are one...