|
|
16 June 2008
SSMS Release 8 provides a range of new features aimed at extending the breadth of authentication device support available within SSMS with support now available for the personalisation and lifecycle management of Thales PSM,s Vasco tokens, RSA SecureID tokens, EMV and a range of PKI enabled smart cards incorporating both contact and contactless interfaces.
Release 8 also provides more powerful integration with Thales SafeSign Authentication Server, making SSMS the logical choice for existing Authentication Server customers who are seeking to streamline their token, device and credential issuing and management processes.
Thales, a leading supplier of IT security products and solutions for all critical infrastructures, today announced the launch of a packaged pilot version of its market-leading identity management and authentication solution, SafeSign, for mobile authentication. The pilot package is aimed at enterprises, banks and corporates, which need to implement strong authentication systems quickly and cost-effectively. The solution allows customers and employees to securely access services, such as online banking or work stations, using a mobile phone as the security token, removing the need to carry a dedicated hardware token.
As the worldwide mobile subscriber base is expected to increase from 2.6 billion at year-end 2006 to approximately 4.9 billion by year-end 2012* , the mobile phone is increasingly becoming a ubiquitous and cost-effective platform for authentication.
Thales' SafeSign mobile authentication pilot allows companies to quickly implement stronger security solutions in response to industry regulation or security breaches. By using the SafeSign pilot package, a strong authentication environment can be set up in under 20 minutes, revolutionising the pilot phase of a project, saving valuable time and enabling companies to react more quickly to changing security requirements.
As companies recognise the security weaknesses inherent in user ID and password log-ins, there is a growing need for two-factor authentication solutions to enhance security. Using a mobile phone for two-factor authentication is particularly attractive as there is no requirement for end users to carry a hardware token and organisations do not have to set up a new token infrastructure. Organisations can leverage the sophisticated support and distribution network that trusted mobile operators have already developed to reliably deliver services and mobile devices to millions of users.
Paul Meadowcroft, head of transaction security for the e-Security activities of Thales, commented, “Our SafeSign solution supports a range of security tokens, but the mobile phone is gaining traction as an authentication device as many of us carry our phones with us all the time. By offering this service in a pilot package, we are enabling our customers to save the time, money and resource that is often ploughed into traditional pilot projects. Such considerations are crucial at a time when many of our customers are under pressure to respond quickly to a constantly evolving security environment. The ability to easily run a proof-of-concept programme before committing to full-scale deployment also provides customers with the confidence that they are investing in a solution which will meet their business and security needs.”
Thales' SafeSign mobile authentication pilot package offers three different levels of authentication depending on customers' needs in terms of exposure to risk and the level of security required. One-off security details can be delivered to the user through an SMS or the handset can be configured to generate a one-time password or, for the strongest level of security, a challenge-response.
* Mobile Factbook 2007, Portio Research Ltd.
Salt Group today announced the availability of a Software Developers’ Kit for its mobile authentication technology.
Salt’s mobile authentication tokens are already supported within the Thales’ SafeSign and ActivIdentity 4TRESS authentication server products. The introduction of an SDK further enhances the richness of the product and will enable systems integrators and product developers to quickly implement the full range of Salt tokens into their environment, providing provisioning, activation, support and authentication functionality.
The SDK has been designed to minimise the integration effort and fully abstracts the internal intricacies of the product from the developer.
It is expected that SDK users will be able to fully integrate Salt’s tokens into their environment in a matter of days using the SDK.
Enquiries regarding functionality, availability and pricing of the SDK should be made to sales@saltgroup.com.au
Salt Group and ActivIdentity have completed the integration of Salt Group’s Mobile Authentication Tokens with ActivIdentity’s 4TRESS Authentication Server. Through this initiative, Salt tokens are now fully supported within 4TRESS, enabling provisioning and activation of the tokens using standard 4TRESS administrative processes.
Salt’s MCode tokens support OATH OTP with support for OATH Challenge Response operations in development.
ActivIdentity offers a complete Strong Authentication platform including the 4TRESS™ family of authentication servers for enterprise and consumer authentication. Adding support for Salt’s MCode software tokens bolsters the Actividentity suite of personal security devices that includes one-time password tokens, smart cards, ActivKey™ USB tokens, and DisplayCards™.
Salt Group's work in the identity management and authentication space was recently acknowledged by Thales eSecurity through its award to Salt Group of Premier SafeSign Reseller in the Asia Pacific region. This award follows on from Salt’s successful SafeSign implementations at major banks in Australia and recognizes our deep understanding of the SafeSign product set.
Salt's mobile authentication products are also supported within SafeSign, thereby enabling SafeSign customers globally to rapidly deploy Salt Mobile Tokens, and enjoy the real cost and usability benefits, at minimal implementation cost and low operational impact.
Salt Group has demonstrated interoperability of its MCode Mobile Authentication Token with both Thales SafeSign and ActivIdentity 4TRESS™ authentication middleware.
The ease with which these interoperability tests proceeded highlights the future power of the OATH philosophy and standards which will in the future enable large issuers of tokens to offer a variety of tokens and token form factors to their online customers.
Issuers will be able to align their token issuance models to support customer preferences and the issuer’s operational and channel strategies without changes to their underlying core authentication systems infrastructure.
OATH - Open Authentication
OATH is a collaboration comprising of industry leaders to develop an open reference architecture by leveraging existing open standards for the universal adoption of strong authentication.
Salt Group is committed to the ongoing support of oath compliant mobile authentication products through its MCode PIN Protected One Time Password product line.
Mobile Phone-Based Two Factor Authentication Partnership between Salt Group and Thales eSecurity.
Thales today announced the launch of its SafeSign mobile authentication solution in the Middle East. SafeSign, the award-winning multi-channel, multi-credential authentication platform, now enables organisations in the region to offer their customers a convenient and cost-effective way of authenticating their identity via a mobile phone helping to improve online security.
Two Factor Audio Tokens for the Sight Impaired
Salt Group has announced the release of the most convenient audio based strong authentication token available to sight impaired users.
Support is available for MSign and MCode tokens enabling sight impaired users to access authentication codes directly from their mobile phone based token using standard handset audio speech features whilst leveraging the high authentication assurance properties of the standard MSign and MCode tokens.
This development enables issuers to provide convenient authentication mechanisms to their sight impaired customers using a familiar form factor, whilst preserving the assurance level and systems interfaces and infrastructure used for existing tokens.
| |
