TriCipher recently introduced ID Tool ToGo™–a portable, low-cost solution for protecting sensitive information online, that can be delivered on any multi-use device, using a USB smart drive. ID Tool ToGo is designed to protects bank, retail and healthcare organizations’ customers from online identity theft and fraud. ID Tool ToGo eliminates attacks by preventing hackers from accessing the credential, or “following” users into a legitimate session. One part of the user’s credential is generated from ID Tool ToGo, and the other portion is stored on the USB device. When a user connects ID Tool ToGo, it automatically launches a Web browser and TriCipher’s ID Tool from the USB smart drive. The user enters a username and password, and is securely logged into the Web application.
TriCipher Takes Identity Theft Prevention Mobile With Affordable, Portable Man-In-the-Middle Protection
ID Tool ToGo Combines Convenience with Multifactor Authentication Superior to Tokens, Smartcards and Biometrics
LOS GATOS, Calif., June 14–TriCipher, the leading provider of multifactor authentication solutions that protect online users against fraud and identity theft, today introduced ID Tool ToGo™–the first portable, low-cost solution for protecting sensitive information online, that can be delivered on a multi-use device.
ID Tool ToGo protects bank, retail and healthcare organizations’ customers from online identity theft, fraud and emerging threats like man-in-the-middle (MI™) phishing and man-in-the-browser (MITB) attacks. Available today for USB smart drives, ID Tool ToGo provides consumers a branded, portable, convenient, multi-use device, overcoming cost, technology and familiarity concerns common to smartcards, biometrics and tokens.
TriCipher’s ID Tool ToGo, combined with its patented public-key infrastructure (PKI) technology, gives companies a far more affordable and secure alternative to expensive one-time password (OTP) tokens, smartcards, or biometric devices, which can cost $50 or more per user each year–and are vulnerable to MI™ and MITB attacks. In addition, ID Tool ToGo delivered on a USB smart drive provides value beyond securing personal information online; it allows users to store and transport music, photos and data.
TriCipher will offer companies “customer self-provisioning” so customers can download the ID Tool ToGo onto their own devices. TriCipher is working to bring ID Tool ToGo to other multi-use devices.
“To move more business online, banks, retailers and healthcare organizations must increase the strength of identity protection, while attacking cost and user convenience barriers,” said John De Santis, TriCipher’s CEO. “ID Tool ToGo is the first low-cost, convenient solution to give customers new freedom and unprecedented security, eliminating exposure to sophisticated man-in-the-middle attacks designed to con ever more online users.”
The Evolution of Fraud and Identity Theft Attacks
Cyber criminals have evolved their elementary phishing tactics to integrate MI™ attacks, which circumvent virtually every customer authentication method.
According to Gartner’s September 2006 report Transaction Verification Complements Fraud Detection and Stronger Authentication, by Gartner Research VPs Avivah Litan and Ant Allan, “They usurp or ‘piggyback’ on legitimate user access to the bank’s Web site and will succeed no matter how strong the authentication method. While the incidence of such attacks remains low, we expect that this will increase significantly within the next two to three years. To protect against more-sophisticated attacks, additional safeguards are required.”(1)
For more information on MI™ attacks, download the whitepaper, The Perfect Storm: Man in the Middle Phishing Kits, Weak Authentication and Organized Criminals.
ID Tool ToGo in a USB Smart Drive
ID Tool ToGo thwarts MI™ attacks by preventing hackers from accessing the credential, or “following” users into a legitimate session. One part of the user’s credential is generated from ID Tool ToGo, and the other portion is stored on TriCipher’s appliance. When a user connects ID Tool ToGo, it automatically launches a Web browser and TriCipher’s ID Tool from the USB smart drive. The user enters a username and password, and is securely logged into the Web application.
According to a recent Gartner Dataquest report, 142.75 million USB devices will be sold worldwide in 2007(2). Banks, retailers and healthcare organizations can offer custom branded ID Tool ToGo USB smart drives to their customers or a software download for use with any off-the-shelf USB smart drive. This helps avoid costly, single-purpose tokens, biometric devices and smart cards–increasing security and improving customer loyalty while lowering multifactor authentication costs by 80 percent or more.
ID Tool ToGo can also integrate with higher levels of authentication on the TriCipher Authentication Ladder™. The technology can also combine with forthcoming transaction authentication technology, enabling users to guarantee that their online activities are safe from the next generation of hacker attacks.
Banks Reap Biggest Rewards
ID Tool ToGo enables stronger security, and gives banks in particular significant competitive advantages. According to the TriCipher Consumer Online Banking Study, the banking industry could increase profitability by $8.3 billion through increased online banking adoption and customer loyalty. If offered identity protection software, 62%–or 102 million–U.S. online consumers would download and use identity protection software from their financial institution. Banks offering identity protection software would open the door to 31 million new customers who do not currently bank online, and another 39 million online users would likely increase their online banking activity.
ID Tool ToGo is available immediately.
TriCipher, Inc. provides a unified authentication infrastructure to protect the B2B and B2C online channel against fraud and identity theft. The TriCipher Armored Credential System™ (TACS) is the first authentication system that enables companies to deploy and manage multiple types of credentials from a single infrastructure. Through this flexible “Authentication Ladder,” TriCipher protects customer investment by adjusting authentication strength to defeat new threats and to meet regulatory changes without the need to implement a new infrastructure. Founded in 2000, TriCipher is headquartered in Los Gatos, Calif. The company is funded by ArrowPath Venture Capital, Intel Capital, RBC Technology Ventures, Trident Capital, and Wasatch Venture Fund. For more information, visit TriCipher on the web at http://www.tricipher.com.
(1)Gartner, Inc., Transaction Verification Complements Fraud Detection and Stronger Authentication, by Avivah Litan and Ant Allan, 12 September 2006
(2)Gartner, Inc., Semiconductor Forecast Database: 2Q07 Update, by Joseph Unsworth, 30 May 2007