FireID today announced the addition of the Apple iPhone to the list of smartphones compatible with its FireID universal personal authenticator, the first one-time password (OTP) generator that authenticates users to any number of information resources from a single mobile device.
Companies, banks and others can deploy FireID to allow users to generate OTPs from any smartphone, enabling secure computer access to corporate VPNs, online accounts and other applications without requiring users to carry one or more hardware tokens.
This latest expansion of the FireID ecosystem addresses increasing enterprise adoption of the iPhone in the wake of growing user preference for the iPhone experience, recent analyst endorsement of enterprise iPhone usage, and new enterprise-friendly features in the just-released iPhone 3.0 software. FireID is also compatible with virtually all Java, Windows Mobile 6 and recent-generation Symbian devices, enabling organisations to offer the FireID option to employees regardless of which smartphone they own.
“One of the advantages of FireID is that we support virtually all mobile devices with a single application that has been tailored to each smartphone model for an easier user experience,” said Jenny Dugmore, CEO of FireID. “Adding iPhone support ensures that businesses can bring our OTP strategy to an important segment of their user base.”
Convenient, low-cost OTP security
The FireID authentication system turns the smartphone into a mobile token that generates random OTPs on demand, even when no cellphone service is available. The user types the OTP generated by FireID into the application or Web site when prompted by their computer. The software then authenticates the OTP against the FireID authentication server, the user logs in, and the OTP immediately expires to prevent future access.
FireID's technology provides all of the usual OTP advantages - including significantly reducing the security risks and management problems associated with requiring end-users to manage and remember conventional passwords - from the convenience of the always-at-hand mobile phone.
In addition, FireID allows businesses to:
* Avoid the cost, logistics and loss risk of distributing hardware tokens to each user.
* Equip users with a single device for accessing multiple resources via token-based strong authentication - including corporate VPNs, intranets and extranets as well as Webmail accounts, online bank accounts, e-commerce sites and more.
* Eliminate security risks related to transmitting OTPs via SMS, a common practice particularly in banks that raises the danger of OTP interception.
* Add FireID to an existing authentication environment, enabling organisations to leverage their previous investment in authentication technology. FireID can also be used on a standalone basis with the free FireID authentication server.
* Brand the FireID interface with their own corporate identity.
* Support a single mobile OTP application instead of purchasing specific apps for specific devices, minimising software and compatibility issues as well as giving users unlimited choice of mobile equipment.
FireID is also both OATH and FIPS-compliant, providing the necessary security assurances for end-users as well as government regulators. The system integrates with any VPN, Web application or other resource using SOAP or RADIUS APIs, and leverages existing user databases such as Active Directory for rapid implementation. Deployment typically requires only a few hours. End-users download the FireID mobile application simply by clicking a link sent to their mobile phones.
Pricing and availability:
FireID is priced at a fixed annual cost per user with no server, maintenance or per-message fees. Businesses can download a 30-day trial application with 50 tokens at http://www.fireid.com.
Share