The new Vault solves this problem by enabling Web site operators to rapidly implement the PassMark solution, a two-way, two-factor approach to e-commerce security based on PassMarks -- personalized images known only by individual users and the site. Consumers learn not to enter their password until they see their personal PassMark, giving banks an easy way to show customers that a site or an email is legitimate. PassMarks are two-way because they verify the authenticity of a site or an email to the consumer, and they are two-factor because they add a second factor to the user ID/password for authenticating consumers to the site.
The PassMark Vault is a hardware device that integrates with the existing systems of a Web site operator; it stores, manages and serves PassMarks and other credentials to provide user and transaction authentication for Web site logins, emails and other purposes. The PassMark Vault performs authentication transactions extremely fast and can scale to perform thousands of authentications per second, far outstripping the throughput capacity of most external systems feeding it. The PassMark Vault is easily implemented through a simple plug-and-play integration with existing Web sites.
Derived from a government platform certified to FIPS security standards, the PassMark Vault is designed for maximum security. Inside, a security crypto-chip is used to store keys that protect the hardware, software and data. If the housing is physically opened without authorization, the internal keys self-destruct and the data is rendered unreadable. The appliance runs a specialized version of Linux software that has been modified for increased speed and military-grade security standards.
The PassMark system's two-way, two-factor approach to security can be used to authenticate many forms of interaction, including both incoming sessions (such as when a user signs onto a Web site) and outgoing sessions (such as when a site sends an email to the user). It is effective against the leading online system attacks including phishing, stolen passwords, man-in-the-middle and registration fraud. Because it is based on recognizing a customer-selected image and does not require consumers to install any new hardware or software, it is easy and inexpensive to deploy to large customer populations.