Video Screencast Help
Authentication (User) Blog
Showing posts in English
chalcon | 17 Jan 2011 | 0 comments

A Sacramento area man was recently arrested and pled guilty to hacking into numerous email accounts of women the U.S. and U.K. The man gained access to the email accounts by using information found on their Facebook profiles to help determine possible email passwords. After gaining access to their email accounts he would scan their email folders for personal information and then share that information with the entire contact list in the hacked email account. The full story can be found here.

In the video below the Bay Area ABC affiliate interviews Atri Chatterjee, vice president of Symantec's User Authentication group, to provide commentary on this story and the security vulnerabilities that come with simple "username and password" type authentication.

chalcon | 12 Jan 2011 | 0 comments

The increasing adoption and use of all things SaaS and mobile device related has created a bevy of new security challenges for today's enterprise IT departments. According to a recent report by Forrester Consulting, commissioned by Symantec, enterprises are unnecessarily leaving their organizations vulnerable to unauthorized access by cybercriminals. The press release announcing the report can be found here.

The Forrester commissioned report is part of a new Symantec initiative called Strong Authentication for Enterprises (SAFE), developed to provide enterprises with third party research that looks at the activities "open" enterprises do every day by allowing access to company resources.

The Forrester report titled...

chalcon | 17 Dec 2010 | 0 comments


The recent Gawker database breach is yet another reminder of the weakness of the traditional "username and password" form of security. Previous database breaches, like this one, have shown that users do not realize how vulnerable they are making themselves and potentially their employers to identity and data theft by using weak passwords.

Steve Ragan of the Tech Herald wrote a story that includes a list of the top 250 passwords used by the Conficker Worm that you can read here. The list of passwords is truly impressive and includes many of the classics such as, "12345," "qwerty" and of course "password." It is surprising and concerning that these passwords continue to be used time and time again.

With the exposure of all of these passwords, we can't...

chalcon | 15 Nov 2010 | 0 comments

There's been recent news discussing the vulnerabilities of wireless apps for the banking industry and how they could impact users. As the number of Americans regularly using mobile banking services continues to grow, security concerns will grow along with them.

The challenges for banks to consider are all of the potential vulnerabilities in their implementation to better mitigate risks effectively while managing the delicate balance between extra layers of security vs. user experience.

Here are a few recommendations we suggest bank and financial institutions may want to consider:

- Deploy strong or two-factor authentication that goes beyond the traditional username and password. If username and password are compromised, the fraudster still needs the second factor to gain access to an account. With our VIP mobile SDK, banks can enable a silent user experience for a second factor of authentication allowing greater security without negative...

chalcon | 03 Nov 2010 | 0 comments

SC Mag finalist_logo 2.gif

The finalists for the SC Magazine Awards 2011 were announced this week and we were pleased to see that the VeriSign Identity Protection (VIP) Authentication Service made the list for the "Best Multifactor Product" category. This is the second year in a row that VIP has been named a finalist within the multi-factor product category.

The SC Magazine Awards will be announced on February 15, 2011 in San Francisco during the week of the RSA Conference. A full list of categories and finalists can be found here.

chalcon | 18 Oct 2010 | 0 comments

Window Phone.jpg

The launch of Microsoft's Windows Phone 7 took place to a lot of positive buzz. The long awaited new mobile OS from Microsoft offers some great new features on new handsets from Dell, Samsung, LG and HTC just to name a few. New phones with a new Windows OS just in time for Christmas (only 2 months a few days of shopping time left incase you were wondering).

With the launch of Windows Phone 7, the VIP Team is very excited to make available the VIP Mobile SDK for Windows Phone 7. We have been working hard to support just about every mobile platform available including Android, iPhone and Java 2 Micro Edition (J2ME). The availability of our Windows Phone 7 SDK is great news for developers that want to add strong authentication to their mobile applications.

Whether it's for consumers or the enterprise, mobile application developers can now leverage...

chalcon | 15 Oct 2010 | 4 comments

facebook logo.jpg

This week Facebook announced that they have begun rolling out one-time passwords (OTP) to their users as an added layer of security. Facebook is providing OTPs to help protect its users while on public computers like those at coffee shops, libraries, hotels and airports. For Facebook users looking to take advantage of this, they'll need to have a mobile phone number in their Facebook account and by texting "otp" to 32665 they will receive a one-time use password that last for 20 minutes.

For quite some time VeriSign, now part of Symantec, has been educating consumers and enterprises on the need and value of OTP. Our cloud-based VIP Authentication...

chalcon | 15 Oct 2010 | 0 comments

Qualys logo 3.jpg

At this week's RSA Conference in Europe, Qualys announced that it will now offer its customers strong authentication protection with our VIP Authentication Service. VIP will provide users of QualysGuard® a safer and more secure way to access and manage their accounts.

Qualys is the latest VIP customer to implement our leading cloud-based authentication service that allows enterprises to secure online access and transactions to obtain compliance and reduce fraud risk. As with VIP, QualysGuard is a SaaS service that requires no on-premises...

nicolas_popp | 06 Sep 2010 | 1 comment

It is clear that high assurance identity on the internet is going to require identity proofing. With more than 1 Billion Web users, and 3 Billion mobile users increasingly connected to the Internet, scalability is going to be essential. If high assurance identities become the norm, digital identify verification services that do not require in-person proofing could therefore turn into a significant market opportunity

Most folks in the industry would tell you that credit bureaux, and financial institutions ought to be primary beneficiaries as the new business emerges. However, the convergence of Internet, mobile and telecommunication driven by iPhone and Android could attract new market players. Mobile network operators (MNOs) have a wealth of identifiable data about us. They are also uniquely positioned to bring to market multi-channel solution. In fact, an MNO-operated ID proofing service could easily support voice and web, for brick and mortar as well as online service...

vipmobile | 01 Jul 2010 | 0 comments

Congratulations to Addison Avenue Federal Credit Union and the U.S. District Court in the District of Columbia, both of which were designated as Laureates by the Computerworld Honors Program. In addition to this honor, Addison Avenue Federal Credit Union was also named as a finalist for the Computerworld 21st Century Achievement Award, an award that honors and documents the extraordinary innovations of individuals and organizations that are leading the global IT revolution.

Addison Avenue Federal Credit Union
Addison Avenue offers its customers the...