Online and Digital Identification, Securing Web 2.0, PKI and Digital Certificates

Episode 74: U.S. isn't ready for NSTIC

Friday, April 22, 2011

The National Strategy for Trusted Identities in Cyberspace has been released and there are some differing opinions on whether it’s a good or a bad thing. In the first in a series of podcasts exploring the strategy, Jim Harper, director of Information Policy Studies at the Cato Institute, doesn’t think it’s a good idea. The author of Identity Crisis: How Identification Is Overused and Misunderstood says that any online identity scheme needs to come from the private sector with no government involvement.



iTunes

Aggregator

m4a

mp3

Older podcasts. [end] 

PhoneFactor partners with Proton Bank, fights bank fraud in Europe

Monday, April 18, 2011

PhoneFactor is helping to combat bank fraud in Europe by teaming with Proton Bank. Headquartered in Athens, Greece, Proton Bank will implement the company’s multi-factor authentication service to add a layer of security to Proton’s eBanking application.

The PhoneFactor service works by placing an automated phone call to the user to authenticate online banking account logins and transactions. The user answers the call and enters a memorized PIN on the phone keypad to authenticate. 

Fairfield County Bank selects Trusted Access isolated online banking

Monday, April 18, 2011

Conn.-based Fairfield County Bank is moving to protect its business clients by now offering them the IronKey Trusted Access for Banking. Trusted Access isolates online banking customers from financial malware, including key loggers, man-in-the-middle attacks and DNS attacks.

Trusted Access takes customers directly to Fairfield’s Web site and prevents visiting fake ones introduced by phishing or other scams. Following recommendation of the National Automated Clearinghouse Association and the FBI, Trusted Access separates users and their banking sessions from their potentially compromised desktop and applications. 

Private sector must lead NSTIC

Friday, April 15, 2011

Government will facilitate strategy

The private sector must lead the charge for the National Strategy for Trusted Identities in Cyberspace while the government facilitates the process, government officials say.

The goal of the strategy is to protect privacy, fight identity theft and fraud, drive economic growth by driving business online and create a platform for new Web services, said a White House administration official. User names and passwords are no longer good enough to secure online identities and something more is needed, be it a smart card, USB token, mobile device or something else.

The idea is to have the private sector offer citizens credentials that they could use to verify identity online, the official said. The credentials would be optional and individuals could choose to have one that they use for all accounts or multiple depending on the account they are accessing. There will also be a choice of where to get a credential from. “Our goal is to have a credential that would work anywhere online. If consumers want to have more than one they can,” said the official 

NSTIC online

Friday, April 15, 2011

The National Strategy for Trusted Identities in Cyberspace document is online and can be downloaded here.

Story on the document to be posted later. [end] 

Ceelox creates cloud-based solution

Thursday, April 14, 2011

Ceelox has announced that it has developed a new solution for biometric-based login to cloud-based applications.

The solution, called Ceelox ID Online, utilizes their own fingerprint authentication in conjunction with OpenID protocol to allow for login to any of the accounts that OpenID services such as Facebook, Yahoo!, Google and many others. 

Locke, Schmidt to attend NSTIC release

Thursday, April 14, 2011

U.S. Commerce Sec. Gary Locke will be joined by Chair of the National Economic Council Gene Sperling and White House Cybersecurity Coordinator Howard A. Schmidt to release the administration’s National Strategy for Trusted Identities in Cyberspace (NSTIC).

Hosted by the U.S. Chamber of Commerce, the event will include a panel discussion with industry leaders and privacy advocates, as well as demonstrations of technologies being developed to improve online authentication.