The drawback of this solution is the higher cost of implementation compared to one-time passwords. That’s because a PKI (Public Key Infrastructure) must be set up to generate the digital certificates. But the investment can quickly pay off: On the one hand, authentication using digital certificates offers a very high degree of security, and on the other hand, the PKI is not only the basis for digital certificates, but also plays a central role in the security infrastructure of all companies. The PKI then provides the basis for secure and trustworthy processing of all transactions via internet, also allowing other services such as the digital signature, data encryption, issuance of digital certificates for (web) servers and time stamping.
The security industry has recognised that the simple handling of strong authentication by users represents a significant reason for their acceptance and continued success in the market. While the smart card has so far been unable to assert itself as a carrier of digital certificates everywhere, the USB-compatible tokens are becoming increasingly popular.
But which ever technology path customer chose, as an industry we have to ensure we provide our customers with solutions to their problems. We know that one of their key problems is trying to mobilise workforces so our duty is to ensure that all organisations have secure access so they can continue to flourish in the 21st century. Now is the time for us all to act because stronger is most definitely better.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.