SanDisk launches TrustedSignins authentication system

Online banking, shopping and other transactions will soon have added security with a new dual-factor authentication product called TrustedSignins, which was introduced by SanDisk. The announcement was made at the RSA Conference, where SanDisk is giving demonstrations.

The TrustedSignins authentication system provides highly secure protection against online fraud because it uses dual-factor authentication, which requires the combination of something such as a password or user name, with such as a SanDisk USB flash drive or mobile card.

In addition to entering a static user name and password, a consumer connects the SanDisk flash drive containing TrustedSignins technology to a PC and a one-time password (OTP) is generated and supplied to the website for an extra level of security. The one-time password can be routed seamlessly to an identity protection network for validation, allowing the user to access multiple accounts such as those from a bank, auction house or brokerage.

RSA, The Security Division of EMC, and Verisign are each working with SanDisk to enable and provide consumer-friendly, two-factor authentication for end-users who purchase SanDisk mass-storage devices at retail outlets and then use them at either an RSA SecurID enabled webite or a VeriSign-enabled website. The generic term for a device with this functionality is called a token. TrustedSignins supports multiple virtual tokens and multiple algorithms, so the technology is versatile and expandable.

The TrustedSignins platform is built upon SanDisk's 32-bit memory controller driving an embedded high-performance cryptographic engine. This provides real-time encryption and tamper-resistant security to keep stored data highly secure. As a secure platform that is transparent to the consumer, it is ideal for supporting one-time passwords and other secure value-added applications.

The main advantage for enterprises over existing token-based authentication solutions is that the institution does not need to bear the expense of stocking and supplying tokens to its user base but can simply advise customers to buy a TrustedSignins compatible SanDisk memory device in whatever capacity they like. As an incentive, the institution can offer a rebate to customers who use a memory device as their authentication method.

For consumers, the benefit is in having an authentication system on a device that they would normally carry with them, as opposed to a dedicated device that can only generate one-time passwords. SanDisk provides an automatic OTP fill-in browser plug-in with simple, clickable icons that makes the system easy to use and adopt.

Under the partnership with VeriSign, SanDisk is embedding the capability to access the VeriSign Identity Protection (VIP) Service based on Open Authentication (OATH) compliant One-Time Password algorithms.

As announced in February at RSA Conference 2006, RSA and SanDisk are working together so that SanDisk will be embedding the industry-leading RSA SecurID one-time-password (OTP) algorithm into the flash drives.