Computerworld
Quick Menu
Search



Ads by TechWords

See your link here


Subscribe to our e-mail newsletters
For more info on a specific newsletter, click the title. Details will be displayed in a new window.
Finance
Security
Computerworld Daily News (First Look and Wrap-Up)
Computerworld Blogs Newsletter
The Weekly Top 10
More E-Mail Newsletters 
Computerworld 2007Subscribe to Computerworld
40 years of the most authoritative source of news and information for IT leaders.

U.S. Bancorp, VeriSign team on banking security

The service relies on hardware-token-based authentication
 

Sign up to receive Security Resource Alerts

October 26, 2004 (IDG News Service) -- U.S. Bancorp will use a hardware-token-based authentication service from VeriSign Inc. to secure access to commercial banking services for its customers, and may soon introduce a similar service for consumer banking customers, according to a VeriSign executive.
The bank will use VeriSign's Unified Authentication service to validate and secure interactions with commercial banking customers, providing them with a secure Universal Serial Bus token that they must use when accessing services online. The deal is just the latest evidence of renewed interest in so-called "multifactor" authentication within the banking industry, which is struggling with an epidemic of online identity theft scams, according to Judy Lin, executive vice president for VeriSign's security services.
As part of the program, U.S. Bancorp will make VeriSign security tokens available to more than 10,000 commercial banking customers. Those tokens will hold a digital certificate that identifies the bearer and will need to be inserted into machines before accessing Web-based commercial banking applications, Lin said.
The Unified Authentication service combines VeriSign-branded eToken USB authentication devices from Aladdin Knowledge Systems Inc. in Chicago with a managed validation service that runs on VeriSign's infrastructure. It also includes software modules that plug into a bank's existing back-end infrastructure. Banks can also choose to operate their own validation server as part of the service, Lin said.
At U.S. Bancorp, the authentication service will be integrated with existing user directory and identity management technology, validating interactions between the bank and its customers. A server operated by VeriSign will handle token validation, but no customer information will leave U.S. Bancorp's network in the process, she said.
VeriSign launched the Unified Authentication service in September as an extension of its Intelligence and ControlSM Services, which offer businesses network security information and tools. User log-in and permission information resides in the customer's user directory but is linked to a unique serial number for a secure token or other authentication device stored on a VeriSign server. Log-in requests by users will be passed to the VeriSign server, where a stored algorithm will validate that the serial number of the secure token or the one-time password is valid for the user requesting access, VeriSign said.
The eighth-largest bank in the country, U.S. Bancorp has over $190 billion in assets and 2,344 offices in 24 states. The bank chose VeriSign's new service for its ability to support many users and different types of authentication tokens, Richard Stephenson, U.S. Bancorp director of information security, said in a statement.
"U.S. Bancorp sees a large audience of different types of users, from high net worth individuals down to students and people with bank accounts," Lin said.
The bank is looking into a

Continued...
1 | 2 | NEXT  

Reprinted with permission from

IDG.net
Story copyright 2008 International Data Group. All rights reserved.


Print this Story Send Us Feedback E-mail this Story Digg! Digg this Story Slashdot this Story
"An approaching hurricane fortuitously recalls the famous statement on planning from Eisenhower. We should heed his words...." Read more...
Read more Security posts or See all Blogs
At 10, Google reiterates commitment to CIOs
Microsoft explains Seinfeld-Windows TV ad: just a 'teaser'
Continuing coverage: Google's Chrome browser
More top stories...
iPhone 3G owner sues Apple, AT&T over dropped calls, app crashes
Mozilla: Firefox is faster than Chrome
Upcoming Microsoft patch lineup could be 'massive,' says researcher
Users of Windows XP SP3 who try out IE8 Beta 2 won't be able to uninstall either one under certain circumstances.
Google has gone from innovative upstart to fat-and-happy industry leader in what seems like record time. Preston Gralla explains.
Microsoft's latest beta of IE8 includes better tab management, new services such as Web Slices and Accelerators, and the new 'porn mode.'
These leading-edge graduate schools are moving at the pace of the IT workplace, delivering coursework that's relevant to today's IT professionals.
Reviews, analyses, how-tos, visual tours, hot issues and predictions about Microsoft's new OS.
Four years from now, the IT field will be a vastly different place. Will you be ready?
All Zones
Application Performance Zone
Business Continuity Zone
The File Data Management Zone
Security Management Zone
ITIL Best Practices Zone
The SAS Zone
Business Intelligence and Analytics Zone
Windows Protection Zone
Identity & Security Management Zone

Ads by TechWords

See your link here
From Laggard to Leader: Transforming the Data Center
From Laggard to Leader: Transforming the Data Center
Register for this complimentary live webcast today!
Go to the webcast 
Computerworld Executive Bulletin: Building a Robust Antivirus Defense
Download this Executive Bulletin (a $49.95 value) for free, compliments of MessageLabs.
(Source: MessageLabs) Antivirus software alone isn't enough to prevent today's speedy, sophisticated virus attacks. Security managers should consider multitiered approaches that include behavior scanning, appliances that check e-mail for worms, and restricting user access to dangerous Web sites. Download this Executive Bulletin (a $49.95 value) for free, compliments of MessageLabs, to learn more.
Download this executive briefing download
Online Security Issues in Regulated Industries
Download this research paper, free for a limited time, compliments of Webroot!
(Source: Webroot Software) In June 2008, Computerworld invited IT and business leaders to participate in a survey on online security initiatives at their organizations. The goal of the survey was to better understand Web and e-mail security issues faced today within the regulated education, financial services, government and health care industries. The following report represents top-line results of that survey.
Download this white paper go
White Papers
Read up on the latest ideas and technologies from companies that sell hardware, software and services.
Death to PST: Hidden Cost of Email Mismanagement
Extend, Replace, or Convert; which is the best way forward for COBOL Applications?
The Trend from Unix to Linux in SAP Data Centers
View more whitepapers