SanDisk Corporation is introducing a new dual-factor authentication token product called TrustedSignins, which was introduced during the RSA Conference.
The TrustedSignins authentication system provides secure protection against online fraud because it uses dual-factor authentication, which requires the combination of something users know, such as a password or user name, with something users have, such as a SanDisk USB flash drive or mobile card.
In addition to entering a static user name and password, a consumer connects the SanDisk flash drive containing TrustedSignins technology to a PC and a one-time password (OTP) is generated and supplied to the website for an extra level of security. The one-time password can be routed seamlessly to an identity protection network for validation, allowing the user to access multiple accounts such as those from a bank, auction house or brokerage.
RSA and Verisign are each working with SanDisk to enable and provide two-factor authentication for end-users who purchase SanDisk mass-storage devices at retail outlets and then use them at either an RSA SecurID enabled webite or a VeriSign-enabled website.
SanDisk says the TrustedSignins platform supports multiple virtual tokens and multiple algorithms, so the technology is versatile and expandable.
TrustedSignins is built upon SanDisk’s 32-bit memory controller driving an embedded high-performance cryptographic engine. This provides real-time encryption and tamper-resistant security to keep stored data secure.
Not needing to bear the expense of stocking and supplying tokens to its user base is seen as an advantage for enterprises over existing token-based authentication solutions. Organisations such as banks can simply advise customers to buy a TrustedSignins compatible SanDisk memory device in whatever capacity they like. As an example of incentive for this kind of security initiative, SanDisk sees these companies offering a rebate to customers who use a memory device as their authentication method.