RSA Delivers Integrated, Strong and Invisible Authentication for Mobile
Applications
New Capabilities Help Make Mobile Devices More Trusted for Business and
e-Commerce
News Summary:
* RSA announces the release of software developer kits (SDKs) designed
for mobile application developers to seamlessly integrate strong
one-time password (OTP) or risk-based authentication into mobile
applications without the need for a separate authentication device
* Developers can leverage world-class security of RSA SecurID®
technology or RSA® Adaptive Authentication within mobile applications
for leading device platforms including Android™ devices, Blackberry®
devices and Apple® iOS
* Built-in security helps provide higher assurance for mobile business
applications, simple user experience and reduced costs to deploy
authentication
* Organizations adopting mobile applications can reduce risk of
unauthorized access from mobile devices by implementing RSA strong
authentication solutions
RSA Conference Europe 2011 – London – Oct. 11, 2011 – Software
developers now have the ability to build additional layers of security
and access control into mobile applications for leading mobile device
platforms including Android devices, Blackberry devices and Apple iOS
through the integration of RSA’s award-winning RSA SecurID and RSA
Adaptive Authentication solutions. Developers of mobile applications for
business, banking, e-commerce and data access can now help increase
security and confidence by integrating strong one-time password (OTP)
and risk-based authentication in their mobile products.
“Mobile device shipments are now outpacing PCs, yet concerns over
security persist, especially for enterprises, because of their use on
networks that are usually outside of the control of IT departments,”
said Dan Schiappa, RSA Senior Vice President & Group GM, Identity and
Data Protection. “RSA believes the implementation of strong OTP and
risk-based authentication within mobile applications – in a manner
that doesn’t diminish the user experience – can help address some of
those concerns and help advance development of secure mobile
applications across the industry.”
New Implementation of RSA SecurID Technology Combines OTP Strength with
Simple User Experience
Mobile applications developers can embed RSA SecurID technology to
provide strong one-time password authentication without impacting the
familiar experience of entering a username and password. RSA has
developed an API that is designed to enable end users to seamlessly
authenticate through mobile applications with the RSA SecurID software
token. However, instead of prompting the user to manually enter the
one-time token code, the mobile application integrated with the RSA
SecurID solution does this automatically. The same software token can
still be outside the mobile application for traditional authentication
tasks, for instance, if the user also needs a one-time password to
access an online application from a personal computer such as a VPN or
web portal.
“This is one of our most innovative implementations of the RSA
SecurID software token because it is optimized to run in mobile apps in
a manner that makes the strong authentication completely hidden from the
user,” said Sam Curry, CTO, Identity and Data Protection at RSA.
“Users can securely access a mobile app with their familiar
username and PIN while the strong authentication happens in the
background. It’s a great example of providing stronger security
without sacrificing the simple user experience required in good mobile
apps.”
Existing customers can leverage their current investment in RSA SecurID
technology to protect mobile applications. The RSA SecurID mobile SDK is
engineered to allow IT organizations to seamlessly and securely
provision software tokens to mobile devices with minimal user
interaction to enable
interoperability with internally developed
enterprise applications as well as with popular mobile VPN and virtual
desktop clients.
RSA is partnering with leading mobile VPN and virtual desktop solution
providers to deliver strong OTP authentication on mobile applications
through the use of the SDK. RSA Secured® Partners such as Citrix,
Juniper and VMware are using the SDK to enable interoperability with
popular enterprise applications such as Citrix Receiver® technology,
Juniper JUNOS® Pulse technology and VMware View® technology.
The use of RSA SecurID software tokens helps decrease total cost of
ownership for organizations as they don’t require any physical
shipping, can be revoked and automatically redeployed, eliminating the
need for replacement tokens. Additionally, having the software
authenticator embedded in the mobile device to be used for secure access
to multiple applications can help reduce the number of costly technical
support calls for misplaced tokens.
RSA Adaptive Authentication Delivers Risk-based Security for Mobile
RSA Adaptive Authentication is a risk-based authentication and fraud
detection platform used by more than 10,000 organizations worldwide for
authentication of more than 300 million users through risk indicators
powered by the RSA® Risk Engine, such as device identification,
geo-location, behavioral profiling, and fraud data from the RSA
eFraudNetworkSM (
http://www.rsa.com/node.aspx?id=3071) community.
The RSA Adaptive Authentication mobile SDK has been designed to enable
a seamless mobile application user experience with nothing additional to
deploy on user mobile devices and no change to familiar login processes.
RSA Adaptive Authentication is engineered to be embedded into mobile
applications to help protect both login and post-login user activities
by measuring risk indicators to identify high-risk and suspicious
activities. Popular use cases include protecting mobile access to online
banking, e-commerce, private portals and VPNs.
“It’s designed for security and convenience and users typically
don’t even know they are being protected,” adds Sam Curry. “Users
can quickly authenticate through the mobile channel while RSA Adaptive
Authentication helps maintain protection in the background.”
Mobile applications that directly integrate RSA SecurID technology or
RSA Adaptive Authentication can help provide organizations with
assurance that their resources are designed to be protected from
unauthorized access without any usability impact to the end user.
Availability
The SDKs are available free of charge to all RSA Secured partners and
RSA SecurID customers.
RSA SecurID Mobile SDKs are now available for leading mobile platforms
including:
* iPhone and iPad devices, Android devices, Symbian platform, Windows®
Mobile 6.x platform, Java® ME platform
* RSA Adaptive Authentication Mobile SDKs will be available in November
2011 for the following platforms: iPhone and iPad devices, Android
devices, BlackBerry devices
About RSA
RSA, The Security Division of EMC, is the premier provider of security,
risk and compliance management solutions for business acceleration. RSA
helps the world's leading organizations succeed by solving their most
complex and sensitive security challenges. These challenges include
managing organizational risk, safeguarding mobile access and
collaboration, proving compliance, and securing virtual and cloud
environments.
Combining business-critical controls in identity assurance, encryption
& key management
(
http://www.rsasecurity.com/glossary/default.asp?id=1111), SIEM, Data
Loss Prevention and Fraud Protection with industry leading eGRC
capabilities and robust consulting services, RSA brings visibility and
trust to millions of user identities, the transactions that they perform
and the data that is generated. For more information, please visit
www.RSA.com and
www.EMC.com.
About EMC
EMC Corpo
ration is a global leader in enabling businesses and service
providers to transform their operations and deliver IT as a service.
Fundamental to this transformation is cloud computing. Through
innovative products and services, EMC accelerates the journey to cloud
computing, helping IT departments to store, manage, protect and analyze
their most valuable asset – information – in a more agile, trusted
and cost-efficient way. Additional information about EMC can be found at
www.EMC.com.
EMC Canada (
www.EMC2.ca), headquartered in Toronto with nine offices
from coast to coast, is a wholly owned subsidiary of EMC Corporation.
- 30 -
For more information contact:
Mike Martin/Michelle Chang
StrategicAmpersand
416-961-5595 mike@stratamp.com michelle@stratamp.com EMC, RSA, SecurID, Secured and eFraudNetwork are registered trademarks
of EMC Corporation in the United States and other countries. Android is
a trademark of Google Inc. The Trademark Blackberry is owned by Research
In Motion Limited and is registered in the United States and may be
pending or registered in other countries. RSA is not endorsed,
sponsored, affiliated with or otherwise authorized by Research In Motion
Limited. Apple is a registered trademark of Apple Inc. Citrix Receiver
is a trademark of Citrix Systems, Inc. and/or one or more of its
subsidiaries, and may be registered in the United States Patent and
Trademark Office and in other country. Juniper Networks and JUNOS are
registered trademarks of Juniper Networks, Inc. in the United States and
other countries. Windows is either a registered trademark or trademark
of Microsoft Corporation in the United States and/or other countries.
Oracle and Java are registered trademarks of Oracle and/or its
affiliates. All other products and/or services are trademarks of their
respective owners.
This release contains “forward-looking statements” as defined under
the Federal Securities Laws. Actual results could differ materially from
those projected in the forward-looking statements as a result of certain
risk factors, including but not limited to: (i) adverse changes in
general economic or market conditions; (ii) delays or reductions in
information technology spending; (iii) the relative and varying rates of
product price and component cost declines and the volume and mixture of
product and services revenues; (iv) competitive factors, including but
not limited to pricing pressures and new product introductions; (v)
component and product quality and availability; (vi) fluctuations in
VMware, Inc.’s operating results and risks associated with trading of
VMware stock; (vii) the transition to new products, the uncertainty of
customer acceptance of new product offerings and rapid technological and
market change; (viii) risks associated with managing the growth of our
business, including risks associated with acquisitions and investments
and the challenges and costs of integration, restructuring and achieving
anticipated synergies; (ix) the ability to attract and retain highly
qualified employees; (x) insufficient, excess or obsolete inventory;
(xi) fluctuating currency exchange rates; (xii) threats and other
disruptions to our secure data centres or networks; (xiii) our ability
to protect our proprietary technology; (xiv) war or acts of terrorism;
and (xv) other one-time events and other important factors disclosed
previously and from time to time in the filings of EMC Corporation, the
parent company of RSA, with the U.S. Securities and Exchange Commission.
EMC and RSA disclaim any obligation to update any such forward-looking
statements after the date of this release.
If you do not wish to receive news releases from EMC Canada please
reply to this e-mail with "remove" in the subject header.