|SanDisk authentication system against online fraud|
Mark Peters : October 23th 2006 - 16:22 CET
SanDisk TrustedSignins authentication system : Online banking, shopping and other transactions will soon have added security with a new dual-factor authentication product called TrustedSignins, which was introduced by SanDisk Corporation, the world’s largest supplier of flash memory cards. The announcement was made at the RSA Conference, where SanDisk is giving demonstrations at Stand 38 in the Nice Acropolis. The TrustedSignins authentication system provides highly secure protection against online fraud because it uses dual-factor authentication, which requires the combination of something you know, such as a password or user name, with something you have, such as a SanDisk USB flash drive or mobile memory card. |
SanDisk TrustedSignins solution|
The TrustedSignins solution is based on the same SanDisk USB flash drives and mobile card formats sold at many of the more than 187,000 stores worldwide that carry SanDisk products. “TrustedSignins technology will be available to financial and other institutions for pilot programs before becoming a standard feature on select SanDisk USB flash drives in 2007,” said Ron LaPedis, product marketing manager for SanDisk. “TrustedSignins software is stored and launched directly from the USB flash drive and requires no installation on a host computer, thus making it consumer-friendly.”
SanDisk Authentication system
In addition to entering a static user name and password, a consumer connects the SanDisk flash drive containing TrustedSignins technology to a PC and a one-time password (OTP) is generated and supplied to the website for an extra level of security. The one-time password can be routed seamlessly to an identity protection network for validation, allowing the user to access multiple accounts such as those from a bank, auction house or brokerage.
Two-factor authentication for end-users
RSA, The Security Division of EMC, and Verisign are each working with SanDisk to enable and provide consumer-friendly, two-factor authentication for end-users who purchase SanDisk mass-storage devices at retail outlets and then use them at either an RSA SecurID enabled webite or a VeriSign-enabled website. The generic term for a device with this functionality is called a token. TrustedSignins supports multiple virtual tokens and multiple algorithms, so the technology is versatile and expandable.
RSA SecurID technology
“As the public grows increasingly aware of the risks associated with transacting online, consumers are looking to their banks and other institutions to deliver more effective means of protecting their identities,” said Jim Melvin, vice president of marketing at RSA, The Security Division of EMC. “Delivering SanDisk flash drives with embedded RSA SecurID technology will provide consumers with access to market-leading technology and the ability to strongly authenticate using a device they already carry. We are excited to see this initiative move forward and pleased that SanDisk has chosen to support RSA’s efforts to provide more flexible options for stronger user authentication.”
VeriSign Identitiy Protection
”The VeriSign Identitiy Protection (VIP) Shared Authentication Network provides an integrated network intelligence platform that allows consumers to utilize their two-factor credentials across the internet,” said Nico Popp, vice president, Authentication Services for VeriSign. ”Combined with SanDisk’s USB and mobile cards, consumers now have the benefit of a device that offers strong online security experience while preserving the convenience of their current web lifestyle.”
SanDisk 32-bit memory controller
The TrustedSignins platform is built upon SanDisk’s 32-bit memory controller driving an embedded high-performance cryptographic engine. This provides real-time encryption and tamper-resistant security to keep stored data highly secure. As a secure platform that is transparent to the consumer, it is ideal for supporting one-time passwords and other secure value-added applications.
TrustedSignins compatible SanDisk memory device
The main advantage for enterprises over existing token-based authentication solutions is that the institution does not need to bear the expense of stocking and supplying tokens to its user base but can simply advise customers to buy a TrustedSignins compatible SanDisk memory device in whatever capacity they like. As an incentive, the institution can offer a rebate to customers who use a memory device as their authentication method. For consumers, the benefit is in having an authentication system on a device that they would normally carry with them, as opposed to a dedicated device that can only generate one-time passwords. SanDisk provides an automatic OTP fill-in browser plug-in with simple, clickable icons that makes the system easy to use and adopt.
Open Authentication - VeriSign Identity Protection
Under the partnership with VeriSign, SanDisk is embedding the capability to access the VeriSign Identity Protection (VIP) Service based on Open Authentication (OATH) compliant One-Time Password algorithms. “OATH is very pleased that San Disk is introducing the TrustedSignin One Time Password solution that uses the OATH algorithm,” said Donald Malloy, director of business development at OATH. “By promoting the use of Open Authentication solutions, member company San Disk is providing a device that offers strong authentication and is compatible with other OATH complaint systems.” As announced in February at RSA Conference 2006, RSA and SanDisk are working together so that SanDisk will be embedding the industry-leading RSA SecurID one-time-password (OTP) algorithm into the flash drives.
SanDisk is the original inventor of flash storage cards and is the world’s largest supplier of flash data storage card products, using its patented, high-density flash memory and controller technology. SanDisk is headquartered in Milpitas, California, and has operations worldwide, with more than half its sales outside the United States.