Online and Digital Identification, Securing Web 2.0, PKI and Digital Certificates

PhoneFactor boosts client roster with four new banks

Wednesday, August 25, 2010

PhoneFactor Inc. continues to grow its financial services roster announcing additions to its most recent clientele: Heartland Financial USA, OceanFirst Bank, Northway Bank, and CUANY Credit Union. The PhoneFactor solutions have been utilized by financial institutions as a way to protect customers using e-banking from online fraud. Additionally the PhoneFactor technology can authenticate bank employees for remote logins.

Multi-factor authentication is one solution banks can try to use to thwart cyber attacks. 

Apple seeking new biometric patents

Tuesday, August 24, 2010

Apple is seeking more patents on embedded biometric authentication technology that would go beyond the standard fingerprint, voice recognition, face recognition and iris recognition modes and bring the potential for behavior or habit-based authentication to their devices, according to a TMCnet article. Some of the new patents Apple is seeking specifically call for authenticating a user via their unique typing patterns and detecting heartbeat patterns of the user through special sensors. 

Entrust hosts conference on security, authentication

Tuesday, August 24, 2010

In an effort to promote and strengthen security solutions among law enforcement agencies in California, Entrust hosted an event in Los Angeles that detailed more specific security strategies these institutions could be implementing. Outlined topics included strong authentication and smart card credentialing.

It has been the concern of law enforcement agencies that employees properly authenticate to networks. The challenge is a law enforcement typically has a large numbers of remote workers because they are always out in the field. Finding a solution that leverages an enterprise authentication solution and offers a range of authenticators such as SMS soft tokens, or display and grid cards is the ideal solution for law enforcement officials. 

VASCO advises schools to secure their online platforms

Tuesday, August 24, 2010

More schools are now using online platforms to distribute and exchange information, such as course documents and online tests. These same online platforms also serve as an administrative tool, containing personal data on students and staff. To prevent identity and data theft, online applications used by schools and universities need to be protected.

VASCO Data Security Inc., a software security and authentication provider, released a statement advising educational institutions to be more careful and aware of security issues when using online platforms for educational purposes. 

Ceelox completes online authentication prototype

Monday, August 23, 2010

Ceelox has announced that it has finished development of a prototype application that would use Ceelox’s fingerprint biometrics to enable biometric authentication in online environments such as corporate intranets, cloud computing networks and commercial applications like online banking and other personal account-based access.

The solution is designed as a two-factor authentication that uses fingerprint biometric in association with other credentials. 

Microsoft patches finally released to address SSL/TLS vulnerability

Thursday, August 19, 2010

PhoneFactor’s SSL/TLS authentication project has been officially released by vendors after just one year in the making. Microsoft began releasing patches for all supported versions of Windows last week and the SSL/TLS vulnerability has been addressed by all major vendors without any known problems taking place.

The major vulnerability in SSL protocol is rooted in the SSL authentication gap. This had allowed attackers to mount a man-in-the-middle attack by inserting data and commands into the authenticated SSL communications path. 

Entrust e-mail certificates enables new encryption capabilities

Wednesday, August 18, 2010

Entrust Inc. released a new addition to its certificate management service for publicly trusted secure e-mail certificates that enable digital signature capability and encryption of e-mails and other secure documents.

The standards-based capabilities in Entrust Secure E-mail Certificates are based on the X.509 certificate standard. The S/MIME capabilities are available for both personal and enterprise levels and designed specifically to provide the appropriate identity verification for both environments. Additionally, the certificates come publicly trusted by the most used Web browsers.