Portal Home | IS News Menu | Portal Menu | ISB Menu | Main Content
New Version of IdentityGuard
16 Nov 12:35

Entrust has launched IdentityGuard 8.0, a strong, risk-based mutual authentication platform. The new capabilities can help reduce the risk of online identity attacks at a fraction of the cost of conventional hardware tokens.

The new product enables organisations to choose from a range of authentication methods:

  • Mutual Authentication with the significant increase in phishing attacks, organisations must restore consumer confidence by demonstrating the authenticity of their websites to users. IdentityGuard 8.0 allows users to select a personal image or message that is played back to them when they access their online account. By recognising this image or message, users will immediately know if they are on the legitimate website, or conversely, a phishing website attempting to steal their information.
  • Non-hardware Based Authentication Options responding to customer requests for solutions that dont require hardware or software, and fit easily into the user experience, Entrust IdentityGuard now offers additional authentication capabilities, including:
    • Machine authentication authentication of the users machine as one from which transactions may be performed.
    • Out of band or Mobile authentication authentication of the user by sending a one-time password to a device of their choosing (mobile phone or device, email, phone). This capability is designed to address man in the middle attack concerns.
    • Knowledge-based authentication authentication of the user by asking them additional questions based upon responses previously provided during registration.
    • Scratch Card Authentication one time password carried by the user where each password is struck off after use.
    • Non-Hardware-Based One-Time-Password Cards this existing capability includes the Entrust IdentityGuard unique grid of characters and numbers that can be used to answer a random challenge.

  • Flexible, Risk-Based Authentication customers, analysts and the recently released FFIEC report (in the US), all call for a range of authentication methods that can be best aligned to the risk of a given transaction or the sensitivity of the information being communicated. Instead of trying to force one solution into meeting all the needs, Entrust is offering a range of authentication capabilities that can be used individually or together based upon the transaction.

Unlike other point solutions in the market, Entrust IdentityGuard allows organisations to tailor the appropriate authentication for transaction risk, with the ability to use a layered authentication approach based upon the nature of the transaction. For example, a user may initially authenticate based upon their user name and password and the validation of their computer, done automatically behind the scenes. When performing a higher value, higher risk transaction during the same session, the user would be prompted to provide additional authentication, perhaps using a grid authentication card or by receiving a one-time password via their mobile phone.
[If this works smoothly it is probably the best solution I have seen so far. It offers transaction value based authentication strength and that should lead to significant cost saving in comparison with more inflexible methods. --Ed].

Related links: (Open in a new window.)
External link www.entrust.com/identityguard/index.htm

View Printable View printable version (opens in new window)
Back Back