Most Read
- Merrill Lynch Hires Two Citi Tech Leaders
- As iPhone Applications for Capital Markets Emerge, Hedge Funds First to Adopt
- Charles Schwab Launches Virtual Community for Active Traders
- Virtual Sprawl Hits Wall Street
- Hiring Talent Top Priority for Canyon Partners CTO
- Cutting-Edge Mobile Technology Slated at Wachovia
- Cultivating Talent and Change Management in Focus for Capital Group’s CIO
- Online Brokers’ Definitions of Active Traders Vary
RSA Responds to Site-to-User Authentication Study
A couple of weeks ago, we wrote about a study that seemed to prove that site-to-user authentication was a broken practice. Well, not surprisingly, the purveyors of such technologies took exception to the notion that their product was ineffective. What follows is a response written by Louie Gasparini, co-CTO of the consumer division of RSA, the security division of EMC that sells Passmark site-to-user authentication technology.
“Following the RSA team's review of the recent Harvard/MIT report on online banking website security, we thought it prudent to offer a few comments; these should help answer questions related to the effectiveness of site-to-user authentication technology.
When the site-to-user authentication technology referenced was developed, the intent was twofold; first, it was meant to assure consumers that they were at the correct/legitimate site. Further, the technology was designed to better protect these consumers - with both visible and invisible authentication - which would run behind the scenes.
Many of today's authentication solutions, such as RSA's Adaptive Authentication, are based on a layered approach to security. While the site-to-user image feature is one of these layers, it is not sold as a stand-alone solution. Site-to-user is always coupled with additional user authentication and behind-the-scenes risk analysis.
While the study did a good job looking at how users interact with one security component banks use on their websites, it did not address the safety practices of the consumers who bank online - nor did it address a bank's entire security strategy. Similarly, if a police officer were to examine the value of an alarm system on the front entrance of an apartment complex without taking a look at building residents' individual door locks or the general habits of the residents, this would not provide a full security picture.
While data in the Harvard/MIT report undisputedly shows that 60 users in the study logged into their bank account even though they did not see their selected image, a Gartner study of 5,000 US adults in August 2006 found that most Bank of America online banking consumers found Bank of America's site-to-user authentication both convenient to use and reassuring to their sense of security. RSA's own research and surveys show similar results."
Because we’ve already aired our thoughts on the study, we’ll let the vendor’s argument speak for itself. Leave your opinions in our Comments section.
Posted by Cory Levine at 02:28 PM
This is a public forum. CMP Media and its affiliates are not responsible for and do not control what is posted herein. CMP Media makes no warranties or guarantees concerning any advice dispensed by its staff members or readers.
Community standards in this comment area do not permit hate language, excessive profanity, or other patently offensive language. Please be aware that all information posted to this comment area becomes the property of CMP Media LLC and may be edited and republished in print or electronic format as outlined in CMP Media's Terms of Service.
Important Note: This comment area is NOT intended for commercial messages or solicitations of business.
Greg MacSweeny Columns
Greg MacSweeneyEnigmatec Receives $14 Million in new Funding
Data center automation vendor plans U.S. expansion; establishing center of excellence in S...
As iPhone Applications for Capital Markets Emerge, Hedge Funds First to Adopt
Larry Tabb Columns
Larry TabbClearing and Settlement Top-of-Mind for Front-Office Execs
In addition to the excitement in the U.S., the real focus is occurring in Europe, where th...
Risk Management IT Comes to the Forefront in the Wake of Subprime Credit Crisis
In a Tumultuous Economy, Wall Street Must -- and Will -- Find a New Model
CHECK THIS OUTNovell Real Time Linux Webcast SeriesIn order to succeed, companies must be able to respond quickly, deliver superior value and quality of service, and carefully manage their costs. In this series of brief webcasts, you will learn how SUSE Linux Enterprise Real Time from Novell enables organizations to respond quicker by delivering low latencies, deliver increased value with fast response times, and better manage costs. |
EventsLive Events:Navigating the New World of Risk on the Street October 07, 2008 Buy-Side Trading Summit 2008 November 16-18, 2008 Accelerating Wall Street 2009 March 18, 2009 |
|
Marketplace |
Career CenterReady to take that job and shove it?
|
Most Recent Job Posts:
* Rho Trading Securities seeking Network and Systems Technician in Chicago, IL
* Sibley Memorial Hospital seeking Senior System Analyst in Washington, DC * Lowe's seeking DC Systems Manager in Statesville, NC * Cirrus Design seeking Web Architect in Duluth, MN * Assurant Health seeking Business Analyst III in Milwaukee, WI For more tech jobs in the industry, visit Wall Street & Technology's Career Portal. |










