RSA's token gesture.In October 2005, Lloyds TSB Lloyds TSB Group plc (LSE: LLOY) is a banking and insurance group in the United Kingdom. It was formed in 1995 by the merger of Lloyds Bank and the Trustee Savings Bank (TSB). The Group's head office is at 25 Gresham Street, London. became the first UK bank to undertake a large-scale trial of security tokens to its online banking customers. For many familiar with the technology, strong second-factor authentication systems are synonymous with synonymous with adjective equivalent to, the same as, identical to, similar to, identified with, equal to, tantamount to, interchangeable with, one and the same as RSA (1) (Rural Service Area) See MSA. (2) (Rivest-Shamir-Adleman) A highly secure cryptography method by RSA Security, Inc., Bedford, MA (www.rsa.com), a division of EMC Corporation since 2006. It uses a two-part key. Security's SecurID, which generates "one-time passwords" (OTPs) on a keyring-sized device. But Lloyds gave the contract to Vasco, a company a tenth RSA's size but with a strong presence in the banking industry. Chris Young Chris Young may refer to: Sports
Analysts from research house Forrester Research Forrester Research is an independent technology and market research company that provides its clients with advice about technology's impact on business and consumers. Corporate facts
While RSA does have a smartcard business, it has never pushed the technology as hard as the various forms of SecurID. Here it has focused on the technologies' perceived problems with usability: it has shipped a USB-enabled device, so users do not have to type in the one-time password manually, and as software embedded in BlackBerry mobile devices. While internal deployments remain RSA's main line of business, at 2004's RSA Conference The RSA Conference is a Cryptography-related conference held annually in the San Francisco Bay Area. The RSA Conference started in 1991 as a forum for cryptographers to gather and share the latest knowledge and advancements in the area of Internet security. in Europe the company was promoting strong authentication for consumers and communities of federated identity In information technology, federated identity has two general meanings:
But the consumer and federation markets have failed to gain the momentum RSA had hoped for - as is reflected in its lacklustre lacklustre or US lackluster Adjective lacking brilliance, force, or vitality Adj. 1. lacklustre - lacking brilliance or vitality; "a dull lackluster life"; "a lusterless performance" financial results. The first and second quarters of 2005 have seen year-on-year increases in revenue of just 5% and 6% respectively and RSA is expecting third quarter sales of $76.0 million, a small drop on the same period in 2004, when turnover grew 18% on 2003. Tacitly acknowledging this, the company's momentum at this year's RSA Conference in Vienna returned to existing customers, with announcements around Windows desktop integration and simplifying deployment of back-end systems. RSA hopes to encourage more use of SecurID for employees within the firewall, as well as the traditional remote user. This in turn might increase adoption of single sign-on An identification system that lets users log into multiple Web sites on the Internet with one username and password. Single sign-on systems are also used within an enterprise, enabling users to access all authorized resources in the local network using the same username and password. systems, which replaces multiple passwords for multiple applications with one secure login, and so build a stronger presence in the corporate access management market on top of its strong installed base of SecurID. Oracle, Computer Associates and BMC (BMC Software, Inc., Houston, TX, www.bmc.com) A leading supplier of software that supports and improves the availability, performance, and recovery of applications in complex computing environments. have all bought into this market over the last year, and RSA remains a potential acquisition target itself with stock at half its value a year ago. Forrester analyst Jonathan Penn notes that while these larger vendors tend to focus on horizontal applications of identity services, such as helpdesk, asset management and security information management, RSA concentrates on partnering or building to offer a top-to-bottom identity management stack, with strong authentication at its core. But along with high prices, Penn says the lack of extra digital credentials beyond tokens is one of RSA's biggest inhibitors. "Many companies also want to adopt physical signatures or move towards some degree of convergence between physical and logical security," he says. "Smart cards are far more appealing to those types of organisations. I believe tokens are a short-term solution and firms will move off them to other methods in a few years." Ongoing trends of remote working, identity theft and regulatory compliance will bolster SecurID sales for some time yet but Burt Kaliski, head of RSA's research labs, acknowledges the need to develop new authentication factors: "It's part of the theme for our research to look at as many ways as possible for users to authenticate themselves to the system and the system to themselves. SecurID has worked well for a particular set of applications and user community, but for other applications, the prevailing approach is some kind of password and those cases may not be as well served by a token that the user has to carry." Kaliski says RSA will investigate combinations of mobile devices, biometrics and device characteristics, as well as more off-the-wall ideas like signal-emitting belly-button rings. Some of these ideas, at least, need translating into products sooner rather than later, lest RSA miss more contracts like Lloyds TSB. |
|
||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion