RSA pushes ID tokens
I always take the results of vendor sponsored surveys with a grain of salt. Companies who pay for "independent" research won't likely publish those results unless the researcher's conclusions somehow fit into the vendors' agenda.
So with that in mind, here's a brief look at a survey recently conducted by the security firm RSA that examines consumers' confidence in conducting online transactions. The study, which surveyed 8,000 people, showed that consumers have been shaken by fears of identity theft and fraud. But if banks or brokerage firms use strong authentication systems, consumers said they'd feel better about doing their banking or managing their stock accounts online. According to the results, 45 percent of respondents said they'd be more likely to switch banks or brokerages if they offered a stronger authentication method.
Of course, this is great news for RSA, which has been pushing its digital security ID deviceÂ—a little device that hangs of a key chain that displays a new six-digit code every 60 seconds. The way it works is that you'd go to a web site and still type in your password and user name, but you'd also have to type in another code from the secure ID token.
E-Trade Financial is one of the first major brokerages/banks to sign on to RSA's technology. In March it started giving select customers --those with $50,000 or more in their accounts or those that did five or more trades -- a free security ID device. Customers who don't qualify for the free security ID device can pay a one-time $25 fee to use it.
ID tokens aren't really new. They've been around for at least 15 years. Corporate and high net worth banking customers have had access to these devices for years. And governments and corporations, especially in Europe, have used similar smart card technology for years. But it looks like RSA is really pushing the technology toward average Joe consumers.
As part of this push, the company will test a service later this year that will allow banks, brokerage firms, online auctioneers, and other e-commerce providers to use the same secure ID device. Allowing people to share their ID tokens across multiple institutions should make it easier to use, since people would only have to carry one ID token on their keychain instead of having a whole bunch of these do-hickeys dangling from a keychain.