Interoperable authentication credentials

August 9, 2007 at 9:33 pm 2 comments

It’s hardly surprising that 61% of the 102 IRS employees tested improperly disclosed their usernames and passwords. I suspect they are people after all and therefore prone to social engineering. Sadly, it seems they didn’t even get a chocolate in exchange.

Passwords of course continue to have a role to play in online authentication. But, they need to be limited to transactions where the identity-related risk is truly low.

It would be so much easier if two-factor authentication was ubiquitous. One way to get there quicker is to have interoperable authentication credentials.

It was therefore good to see news coming out of Australia that ANZ Bank has struck a deal with a government department to pilot a way for bank-issued smartcards to also be used as authentication credentials with the government.

This is part of the VANguard program which “will provide validation, authentication and notary services to facilitate online business with government agencies.”

A downside of using smartcards online and yet making use of the digital certificate is the need for a smartcard reader of some sort. That doesn’t however seem to be a problem for ANZ’s business customers as they are already using them for a range of Internet-based banking services.

This is great- one interoperable authentication credential for banks and government, one step closer to ubiquitous two-factor authentication.

Entry filed under: 2FA, Aus, authentication, data_breach, fraud, government, identity, interop, security, strategy, USA.

A solution for Web 2.0 identity IdenTrust and PKI

2 Comments Add your own

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Trackback this post  |  Subscribe to the comments via RSS Feed

This blog is no longer updated. See the About page for more info. I'm currently active on Twitter.

Follow me on twitter


%d bloggers like this: