Two-factor authentication with a Flash

(31/07/2007)

Arcot Systems, Inc. has announced the ArcotID Flash client, which makes strong two-factor authentication as easy for online consumers as watching a Flash movie.

The software security solution takes advantage of Adobe Flash to give consumers the highest level of online security with simplicity. ArcotID Flash client is part of WebFort™, the company’s two-factor authentication system for large enterprises in financial services, healthcare and other industries facing increasing regulatory pressure to protect and verify end-users’ identities.

With the ArcotID Flash client no user interaction is required. There are no pop-up browser messages, no security warnings and no calls to the help desk. Users log in as they always have with their user name and password, but behind the scenes the highest levels of security will now protect them. And since Adobe Flash is virtually ubiquitous—installed on over 97% of Internet connected desktops around the world—the new Arcot solution makes two-factor authentication convenient and cost effective enough for mass deployment.

In addition to Adobe Flash Player support, Arcot will be supporting two-factor authentication in Adobe Integrated Runtime (AIR™), the new cross-operating system application runtime announced by Adobe, for extending rich Internet applications on the desktop.

“Businesses want better online security, but they don’t want the risk of changing customer behavior,” said Ram Varadarajan, co-founder and CEO of Arcot Systems. “We’ve solved that problem by using Adobe Flash to make strong online authentication invisible.”

“This is a major milestone in preventing identity fraud—combining the strong authentication and ease-of-use of Arcot with the ubiquity of the Adobe Flash Player,” said John Landwehr, director of security solutions at Adobe. “By combining both of our innovative technologies, we have made it significantly easier for organizations to more effectively protect their users’ identities by adding stronger and more user-friendly authentication.”

The ArcotID Flash client is highly secure. Arcot combines its own security technology, including its patented Cryptographic Camouflage for protecting information in software, with Internet standards like Secure Flash and SSL to automatically prevent man-in-the-middle, phishing and other threats that can enable identity fraud.

The result is two-factor authentication strong enough to satisfy security sensitive enterprises and comply with privacy and identity regulations such as those from the Federal Financial Institutions Examination Council (FFIEC) and the Health Insurance Portability and Accountability Act (HIPAA).

“Our research shows that consumers want security that is both visible and seamless, and while they are increasingly more accepting of strong authentication, the delicate balance between customer convenience and robust security must be attained,” said Rachel Kim, research associate for Javelin Strategy and Research. “Products like ArcotID Flash client that do both—increase security behind the scenes with no consumer action required and give banks the option of a visible security cue—should appeal to both banks and consumers.”

ArcotIDs and the WebFort system enable online user identification and authentication, digital signing, and secure eStatement delivery. Since WebFort integrates with existing Identity Management/Single Sign On platforms, enterprises can quickly and easily upgrade security for employees, vendors, contractors or customers. Finally, the software form factor means that WebFort is cost effective to purchase, deploy and manage, giving WebFort the lowest total cost of ownership of any strong authentication solution.

"It is important to Dorado that our products provide high levels of security, while being easy to use,” said David Hultquist, vice president marketing, Dorado Corporation. “Arcot's new Flash client helps us do both. We're pleased to be working with Arcot on this exciting technology."

Dorado provides network solutions that streamline the loan process for leading financial institutions including Chase, Capital One, Countrywide, Washington Mutual and many others.

Related topics:  Authentication and identity management 

Print version | Email to a friend | Related articles

Data breaches: Trends, costs and best practices gives you all the latest information on securing personal and corporate data, key recommendations for immediate action to improve data security, and how to respond to data breaches.

Other Security news and resources