contents | software | |||||||
| Entrust IdentityGuard 8.0 is Released Entrust, Inc. has unveiled Entrust IdentityGuard 8.0, a market first in the delivery of a flexible, strong, risk-based mutual authentication platform. The new capabilities can help allow organizations to bolster their customers' online confidence by helping to reduce the risk of online identity attacks while fitting seamlessly into the user experience at a fraction of the cost of conventional hardware tokens. Entrust IdentityGuard has demonstrated key market momentum in just months since its initial release. In that time period, over 2.1 million licenses have been shipped to a range of organizations including financial services and government. Driving this momentum is the growing realization that for the mass consumer and citizen market, traditional hardware tokens are simply not practical or economical. Building on its current ability to deliver cost-effective strong authentication, Entrust IdentityGuard 8.0 enables organizations to choose from a range of authentication methods, similar to those outlined in the recently released FFIEC report, including Mutual Authentication, Device Authentication, Non-Hardware-Based One-Time-Password Cards and Out-of-Band Authentication -- all from a single solution. Mutual Authentication - with the significant increase in phishing attacks, organizations must restore consumer confidence by demonstrating the authenticity of their websites to users. Entrust IdentityGuard 8.0 allows users to select a personal image or message that is played back to them when they access their online account. By recognizing this image or message, users will immediately know if they are on the legitimate website, or conversely, a phishing website attempting to steal their information. Non-hardware Based Authentication Options - responding to customer requests for solutions that don't require hardware or software, and fit easily into the user experience, Entrust IdentityGuard now offers additional authentication capabilities, including: -- Machine authentication - authentication of the user's machine as one from which transactions may be performed. -- 'Out of band' or Mobile authentication - authentication of the user by sending a one-time password to a device of their choosing (cell phone, mobile device, email, phone). This capability is designed to address 'man in the middle attack' concerns. -- Knowledge-based authentication - authentication of the user by asking them additional questions based upon responses previously provided during registration. -- Scratch Card Authentication - one time password carried by the user where each password is struck off after use. -- Non-Hardware-Based One-Time-Password Cards - this existing capability includes the Entrust IdentityGuard unique grid of characters and numbers that can be used to answer a random challenge. Flexible, Risk-Based Authentication - customers, analysts and the recently released FFIEC report, all call for a range of authentication methods that can be best aligned to the risk of a given transaction or the sensitivity of the information being communicated. Instead of trying to force one solution into meeting all the needs, Entrust is offering a range of authentication capabilities that can be used individually or together based upon the transaction. Entrust IdentityGuard allows organizations to tailor the appropriate authentication for transaction risk, with the ability to use a 'layered' authentication approach based upon the nature of the transaction. For example, a user may initially authenticate based upon their user name and password and the validation of their computer, done automatically behind the scenes. When performing a higher value, higher risk transaction during the same session, the user would be prompted to provide additional authentication, perhaps using a grid authentication card or by receiving a one-time password via their cell phone. write your comments about the article :: © 2006 Computing News :: home page |