Digital ID company VeriSign has put its weight behind Microsoft's InfoCard identity management software in a bid to protect Web users from phishing and pharming scams.
Keynoting at the RSA conference, VeriSign CEO Stratton Sclavos said a combination of Microsoft's InfoCard and IE7 browser with VeriSign's 'Enhanced Validation' SSL certificates would provide clear and un-spoofable visual feedback about Web site authenticity. When a consumer visits such a site, the IE7 address bar turns green and shows the name of the organisation owning the certificate and the identity of the Certificate Authority, such as VeriSign, in the browser's interface.
VeriSign's support is a big boost for Microsoft as it introduces the security strategy for its next generation of kit. As part of the agreement, Microsoft's InfoCard system will also interoperate with VeriSign's Identity Protection (VIP) package to enable financial institutions and other Web merchants to securely authenticate customers transacting over the public network. Personal credentials stored on InfoCard may be downloaded using VIP to any of a range of portable devices such as USB keychains, smart cards, and mobile phones and PDAs.
With VIP, the same authentication device will work across any network member sites. eBay and Yahoo! have already signed up to use the VIP network for e-commerce transacting at their sites and SanDisk and Motorola have committed to embed the technology in their USB devices and mobile phones.