Worldwide Locations
White Papers
Get the latest insight into market trends in the strong authentication and credential management industry.
Leveraging Strong Credentials and Government Standards to Secure the Mobility CloudActivIdentity Nov 2011
Given the proliferation of non-enterprise-owned, mobile-based devices, sensitive resources that reside on an organization’s networks are increasingly vulnerable. Even if an organization deploys strong credentials, mobile access to enterprise resources and email is often a security exception. But strongly securing messaging and access to resources from the mobility cloud is imperative to maintaining a high level of security. As a result, enterprises can provide government strength standard PIV-C security in the mobility cloud via the issuance of an enterprise-controlled smart MicroSD or alternately by leveraging NFC service delivery capability to embedded Secure Elements, and or SIM.
Smart Card Survey-Slashdot
ActivIdentity Oct 2011
Enterprise IT: Ready for Smarter Security?
Organizations monitoring global network security have recently noted a rapid increase in the number, variety, subtlety, and persistence of attacks against enterprise, small business, government, and institutional targets around the world.
Today's threats increasingly manifest as highly-organized and well-resourced campaigns on many levels, beginning with widespread automated probing of defenses, quiet testing of exploits, careful selection among breakable targets, and professionally-executed penetrations with the goal of compromising target security undetectably.
The goal, in many cases, is profit – through resale of payment-card or other data, large-scale identity theft, theft of trade secrets or strategy, market manipulation, disruption of business, or even forms of information warfare aimed at crippling vital infrastructure and services.
Securing the Enterprise Against APTs – CSO Market Pulse
ActivIdentity Oct 2011
Recent high-profile security breaches have highlighted the dangers of targeted advanced persistent threats (APTs)—systematic, well-researched and organized efforts by attackers to obtain or change company information, using means that are difficult to discover, counteract and attribute. APTs use an “attack doctrine” relying on a variety of highly sophisticated tools and personalized techniques.
This white paper explores why APTs represent a growing enterprise risk, analyzes the state of organizational preparedness and discusses appropriate strategies and solutions.
The Case for Smart Cards - Analyst Insight
Aberdeen Group Jul 2011
Increased awareness of the risks related to the erosion of the traditional network perimeter, the weakness of traditional username / password for end-user authentication, and the potential compromise of privileged systems and accounts are among the reasons that many companies are currently re-evaluating their strategy for end-user authentication. Combined with the highly publicized attack on a leading Security Data Company, who offers the market-leading solution for one-time passwords, these market trends are discernable in Aberdeens’ research as sharp drop in near-term deployments and current evaluations for OTP tokens, and a corresponding increase in interest for smart cards.
Deploying Strong Authentication: The Threats Are Changing . . . Are You?
ActivIdentity Jun 2011
Feeling outsmarted by hackers? Most enterprises are feeling some level of insecurity. If they’re not, they should be. A rash of recent attacks, perhaps most notoriously on a leading Data Security Company itself, highlight today’s information security reality. At the same time, the industry breach has caused organizations to question the ability of their current strong authentication solution to adequately protect their organization.
The motivation for change is clear. The question is what’s next? ActivIdentity is in the unique position to offer a choice of solutions to meet today’s strong authentication requirements, and a path forward to newer, stronger, and more effective approaches.
For organizations looking to change one-time-password vendors, ActivIdentity offers a more secure alternative to other solutions on the market.
OTP and Challenge-Response Algorithms for Financial and e-Government Identity Assurance
Philip Hoyer, ActivIdentity Jun 2011
This paper will analyse the current landscape of One Time Password (OTP) and Challenge-Response algorithms. It will detail the technical and security differences between algorithms such as the OATH algorithms (HOTP, OCRA, HOTP time based), EMV CAP and the proprietary algorithms from ActivIdentity.
The paper describes the most common use cases and applicability as important tools for identity assurance in the financial and e-government industry sectors. It also outlines observed trends in current usage and future trends providing the audience with the valuable information to make a more informed choice in their identity assurance challenges.
How CSOs Combat Today’s Top Threats with Strong Authentication
ActivIdentity May 2011
Current computing trends such as Web 2.0, mobility and cloud computing offer many benefits, including greater flexibility, reduced costs, and improved collaboration. But for many organizations, these trends also amplify security threats and challenge already constrained security resources. To ensure the highest level of protection, along with all the advantages, you must find a cost-effective security solution that addresses multiple threats.
The answer is a single, secure credential in the form of a smart card or smart USB key for network, application and physical access. When used for both logical and physical access, strong authentication technology is a robust countermeasure for the top threats that plague networks. Advances in the technology have made it accessible to a much broader range of organizations.
Distributed Certificate Validation
ActivIdentity Apr 2011
This paper investigates the performance and availability issues associated with current validation architectures and presents a distributed validation approach that scales to 100s millions of certificates while reducing deployment costs by 60-80%.
Introduction to Validation for Federated PKI
ActivIdentity Apr 2011
This paper investigates the security, performance and availability issues associated with establishing trusted identities for large populations spanning many different trust domains. A trusted path building approach is presented that scales to 100s millions of users with transaction response times of a few hundred milliseconds.
Interoperability for Emergency Response Officials
David Belchick, Senior Product Marketing Manager, ActivIdentity Mar 2011
Over the last decade, numerous incidents have proven that the current practice of visual inspection and confirmation of locally issued credentials for incident site access to Emergency Response Officials is flawed. This white paper will discuss the opportunity for a better strategy and system provided by a national First Responder Authentication Credential (FRAC) framework that arose from the Homeland Security Presidential Directive (HSPD)-12 and its resulting technology standards. This white paper also describes the migration path towards this interoperable local, state and national identity and qualification system, with real world examples from established programs in Hawaii and Colorado.
Achieving a FIPS 201 PACS Solution
ActivIdentity Mar 2011
HSPD-12 mandates that all government agencies use PIV identity cards for physical access control. PIV enabling a PACS requires some changes but can be accomplished without the need for wholesale rip and replacement of existing equipment. This white paper will show that the required changes are limited to four areas. It concludes that choosing to augment the functionality of existing panels and door controllers yields the most secure and cost effective approach to providing strong PKI based validation at the time-of-access.
Customer-Managed Security: Increasing Retention Through Choice, Trust, and Convenience
Julian Lovelock, Director, Commerce Markets Worldwide, ActivIdentity November 2010 Nov 2010
The ActivIdentity User Authentication Solution for consumer and business banking enables a secure and convenient online banking experience across multiple channels.
Online banking customers want the convenience to bank securely from anywhere at anytime, using the various devices that they’ve come to depend on. This flexibility increases satisfaction, retention, and profitability and has been the proven driver of customer engagement.
What if, instead of pushing inflexible security options that don’t match the customer’s needs and lifestyle, customers could choose from a range of options to manage their own security account settings and profiles? Rather than forcing customers to use an inflexible one-size-fits-all security policy, you can offer the convenience and flexible security settings that customers need to become fully engaged, while still achieving compliance.
Customer-managed security gives customers the ability to tailor identity and security preferences according to their needs: travel frequently, laptop user, mobile phone banking, bank online at home or while traveling abroad.
Establishing Trust in Remote Access Transactions The Security Landscape
Christopher Harget, Director; Enterprise Markets Worldwide at ActivIdentity Oct 2010
As of October, 2010, modern networks are getting more mobile, and attacks are increasing. Stolen credentials are the most common method of breaking into networks. Strong authentication reduces risk, and is getting easier to afford and own. Open standards for hard and soft OTP tokens meet a broad range of business needs. While some legacy tokens automatically expire after 3 years, ActivIdentity tokens last 2 to 3 times as long, dramatically reducing administrative and replacement costs.
Identity Assurance Comes of Age for Government, Business, and Consumer Security
Sally Hudson, IDC Aug 2009
The ability to securely and confidently establish the identity of an individual or organization is critical to national security programs, commercial businesses, and individual citizens all over the world.
Understanding Versatile Authentication and Its Benefits
Torsten George, Vice President Worldwide Marketing, ActivIdentity Aug 2009
This white paper answers key questions about an emerging class of identity and access management technologies that many industry analysts describe as "versatile authentication." Versatile authentication is becoming increasingly important as enterprises implement a greater variety of risk-appropriate authentication methods to meet the needs of different use cases.
Homeland Security Presidential Directive 12
Apr 2009
This white paper describes the Homeland Security Presidential Directive (HSPD) 12 and explores how the directive influences your technology and deployment considerations.
Why Leading Organizations Integrate Building and IT Access Control / Security Systems
Apr 2009
This white paper investigates how companies address the increasing demands to secure their facilities and at the same time respond to the emerging threats to their logical systems, including internal security breaches, hackers, phishers and other external attacks.
Secure E-Banking Solution - Capitalize on your EMV Migration
Apr 2009
This white paper explores a suitable solution for secure remote banking as well as for the promotion of e-commerce in the context of EMV migration.
A new look at the ROI for enterprise smart cards
Datamonitor, Dec 2007
This Datamonitor white paper, sponsored by ActivIdentity, illustrates the return on investment (ROI) argument for investment in smart cards in the enterprise. The paper focuses on the ROI benefits of smart cards for both logical access (authenticating users to IT networks and systems) and physical access (controlling access to facilities), with a further assessment of converged solutions that combine the two. Datamonitor’s analysis is grounded in a survey of over 200 IT decision makers, as well as an outline of ROI in three identifiable areas where smart cards may be operated.
