US-based computer security outfit Safewww is targetting Internet merchants and banks for a new business-to-consumer authentication device, IDshield.
The company says the solution lowers the risk of online fraud by providing users with a low-cost, easy to-implement software product that protects from hacking and identity theft when banking or executing financial transactions online. The application interfaces with existing online transaction systems and requires no additional hardware for the consumer the company says.
To implement, the technology requires the installation of an "authentication agent" from the IDsafe server onto the customer's computer and the creation and storage of a hardware signature on both systems explains Safewww Inc. The authentication agent checks to ensure that the hardware signature on the customer's machine matches the signature on the IDsafe server each time the customer carries out a transaction. As an additional security measure, the customer is also required to enter a personal password during log in.
IDshield provides an audit log of all access attempts - both authorised and unauthorised - as well as all system usage.
The company says the system has passed technical analysis by independent organisations including Israeli security consultancy Comsec Group. Nissim Bar-El, president and CEO of Comsec Group says: "Compared to popular PKI solutions, the overall authentication mechanism of Safewww's system provides no less security, while being less cumbersome and cheaper to integrate."