Following the security troubles many firms have been having since RSA got hacked, IT professionals are looking for other options to protect their networks. Another two-factor authentication solution is from WiKID Systems which provides secure login for devices from laptops to iPhones. The Wall Street Journal has a story about the jittery clients.
From the article:
“Nick Owen, chief executive of RSA rival Wikid Systems Inc., said Wikid has seen an uptick in business following the RSA breach in March, but wouldn’t provide specific figures. He said Wikid already had seen more business before the March breach as customers looked for less expensive alternatives. RSA’s recent problems have accelerated the demand.
“I’m seeing more and more larger deployments interested in switching,” he said.”
I spoke with NIck about the differences between WiKID Systems and RSA. He provided this insight:
“Our use of asymmetric encryption means we do not keep a copy of the encryption keys. They are only on the server and token. So, an attack on us won’t affect our customers.”
From the WiKID site:
“Fundamentally, WiKID Strong Authentication works this way: A user selects the domain they wish to use and enters the PIN into their WiKID Two-factor client. It is encrypted with the WiKID Server’s public key – assuring that only that server can decrypt it with its private key. If the server can decrypt the PIN and it is correct and the account is active, it generates the one-time passcode (OTP) and encrypts it with the client’s public key. The user then enters their username and the OTP into whatever service they are using, a VPN e.g., which forwards it to the WiKID Server for validation. ”
WiKID also works on mobile devices:
“Only WiKID can guarantee the level of device support required in today’s rapidly advance wireless world. Each client device must be able to generate the public/private key pair and connect to the Internet.
Moreover, the WiKID client itself is very small – 30k for the J2ME version. This small size is incredibly important for small devices such as cell phones. It also minimizes the risk of problems during over-the-air downloads.
The client is also incredibly fast, thanks to Ntru‘s blindingly fast algorithm used in the wireless clients. Key gen times are measured in second and only occur once. Encryption is so fast that network delay is the prohibitive factor, though not noticeable. Each transaction is only 251 bytes of data, minimizing data transfer costs, maximizing speed and assuring scalability for even the largest strong authentication deployment.”