Verizon Enterprise Solutions is expanding availability of its cloud-based identity platform – Verizon Universal Identity Services – to Europe.
Launched in the U.S. in 2010, Verizon Universal Identity Services emanates from Verizon data centers to meet enterprise security, availability and reliability requirements. In addition to expanding its borders, the new platform enhancements will feature new user-friendly features, including an updated mobile app, Quick Response code-enabled access and a simplified end-user interface, making identities easier to manage and use.
SecureIDNews spoke with Tracy Hulver, senior identity strategist for Verizon Enterprise Solutions about the platform expansion, and about the work that Verizon Enterprise Solutions is doing.
The Verizon identity platform is available on the iOS Android, Windows and BlackBerry operating systems and can be used to validate the identities of employees, partners and customers. “Universal Identity Service is a cloud-based identity service that does three things at the highest level: identity proofing, the binding of user to device — Android, iOS, etc. — and the authentication itself,” says Hulver.
The platform also features legally binding digital signature capabilities, such as those required for electronic prescriptions, online tax filing and license renewals. “We’re not just authenticating a user into a service, we can also conduct transactional authentication, for example an e-signature for filling a prescription or signing a loan document,” explains Hulver.
Verizon Universal Identity Services’ multifactor authentication verifies user identity by combining an individual’s username/password with a device, mobile or desktop, which then generates a one-time password or biometric scan, for example fingerprint recognition. Once authenticated, users can securely access a wide range of online resources, including web sites, corporate resources and even electronic medical records from their computer, smartphone or tablet.
Hulver and the folks at Verizon Enterprise Solutions have made convenience a main focus of the new enhancements to Universal Identity Services, enabling authentication at the tap of a finger. “If you have your one-time password up on your mobile app, and you’ve entered your username/password, you simply double tap your device’s screen and that OTP is then sent directly and securely through the network, and binds it to your ID,” explains Hulver.
Also key to the new enhancements is choice. As Hulver explains, organizations and enterprises using Universal Identity Services will have options when it comes to verifying identities. “We’re also using QR codes to as a second factor, or alternatively can have the ability to use QR codes to sign in in lieu of passwords altogether,” says Hulver. “This still meets multi-factor authentication, because we can monitor whether a password/PIN was used to access the phone to begin with — something they know — and the fact they have the phone, something they possess.”
Another option for a second authentication factor that is not available but may be in the future is biometrics. With the next generation of smart phones almost certain to come preloaded with fingerprint sensor hardware, Hulver and Verizon Enterprise Services are certainly aware of the direction that authentication technology is headed, but ultimately it will require customer demand for biometrics to be added to the platform.
“We can support biometrics, but we do not have any biometrics offered today standard in the platform because very few have deployed the technology in any scaled fashion,” says Hulver. “We have several solutions that are in beta form, and it’s fairly easy for us to implement because we’ve done a great deal of testing with it.”
Hulver is certainly aware that biometrics is coming, but is taking a cautiously optimistic approach for the time being. “We’re still investigating what capabilities Apple is opening up with its sensor,” says Hulver. “We would support it from the standpoint that the user could use the fingerprint sensor to access the phone, and we would certainly recognize it as a valid method to get into the device.”
Only time will tell how the implementation of biometrics into smart phones will evolve, but for the time being Verizon’s Universal Identity Services is keen to reduce reliance on a much-maligned authentication stalwart, the password.
According to the “Verizon 2013 Data Breach Investigations Report,” weak or stolen passwords and credentials account for some 76% of data breaches, a staggering statistics that only further supports the call for stronger online identities. In any case, the enhancements to Universal Identity Services is a step in the right direction toward patching the holes that passwords often leave in their wake, offering an outlet for a more secure and reliable online identity ecosystem.