Magazine article American Banker

Trustwave Pushes Two-Factor Authentication Via Smartphones

Magazine article American Banker

Trustwave Pushes Two-Factor Authentication Via Smartphones

Article excerpt

Byline: David Heun

As more banks allow smartphones to remotely access sensitive systems, they may need to beef up their security for handhelds.

To this end, Trustwave, a data security and compliance provider based in Chicago, has upgraded its cloud-based MyIdentity software to include a smartphone password-access option for those connecting to a virtual private network from a remote location.

MyIdentity eliminates the need for physical or "hard" tokens because it uses software, which cannot be misplaced or lost, says Brian Trzupek, Trustwave's vice president of managed identity and digital certificate.

Trustwave considers MyIdentity to be two-factor authentication because it combines a company's network-access passwords with any of five different options for a second layer of authentication.

The MyIdentity Mobile option generates a one-time passcode, eliminating the need for users to guard a static password.

Other second-authentication options include a log-in alert confirmation screen sent to a mobile phone for acceptance or denial of an access request; text-message codes sent to a mobile phone; a voice call-back to a landline or cell phone allowing push-button prompts for access; or creation of encrypted digital certificates.

MyIdentity incorporates the "trust on first use" model, meaning the merchant or network administrator would access the company network by first using their own password or authentication method, Trzupek says.

"The authentication method a company is currently using has been 'good enough' to allow access, so why can't Trustwave rely on that method to validate the user so we can then enroll them in additional levels of security?" Trzupek says. "It basically trusts the existing credentials to allow enrollment of new ones."

The software then asks the user to choose a second authentication method from the five options, he says. …

Search by... Author
Show... All Results Primary Sources Peer-reviewed

Oops!

An unknown error has occurred. Please click the button below to reload the page. If the problem persists, please try again in a little while.