RSA Mobile to offer two-factor authentication by phone
With new software to be launched by RSA Security on Sept. 4, users will be able to authenticate their identities with their mobile phones on Web sites and corporate networks that use RSA's SecurID authentication system.
RSA wanted to extend the use of SecurID from the corporate market to authenticating consumers' Web transactions, but "one of the obstacles in the consumer area is deploying hardware," said Sarah Kent, RSA's business development manager for Europe, the Middle East and Africa.
SecurID requires two factors to authenticate an identity: Something that the user has - a token - and something the user knows - a password. One factor is useless without the other. Existing tokens that can be used in the SecurID system include smart cards, electronic key fobs, and software applications running on notebook or handheld computers, but these all involve delivering the token securely to the user before they can access the system.
[ Read more ]