Database - eWeek


Battery 500 Project Charged Up over All-Electric Cars
Charting the Final Frontier--Google Maps for Indoors
Get Smarter Technology on Your Mobile!
  Database


Two-Factor Authentication Could Stem Rising Tide of Identity Theft



 By: Lisa Vaas
2005-04-15
Article Rating:starstarstarstarstar / 1


There are 0 user comments on this Database story.


Rate This Article:
Poor Best
Washington panelists tout the value of the small, digital token devices that provide users with a random, six-digit code that changes every 60 seconds.

Two-factor authentication may well be the key to stemming the onslaught of identity theft now plaguing businesses and consumers—if you can talk customers into using it, that is.

"Its easy to apply two-factor authentication when you have employees [or a government mandate]," said John Carlson, senior director of BITS, a nonprofit organization of financial institutions that focuses on technology and business issues. "But its a highly different equation when you deal with customers that can choose between different financial institutions."

Carlson was part of a panel of vendor, government and business data security experts who convened Friday in Washington at the Center for Strategic and International Studies.

The panel, "Emerging ID Theft Challenges in Cyber-Space: A Discussion of Possible Technology and Policy Solutions," also included Howard Schmidt, former special adviser to the president for cyber-space security; James Lewis, of the Technology Policy Program at the Center for Strategic and International Studies; Joe Raymond, chief architect of Web optimization at E-Trade Financial Corp.; and Art Coviello, president and CEO of RSA Security Inc.

Resource Library:
The two-factor authentication to which Carlson referred uses a small, digital token device to provide users with a random, six-digit code that changes every 60 seconds. The user employs this unique code, combined with his or her user ID and password, to access sites such as online banking accounts.

Carlson said many representatives of financial institutions are working with regulatory agencies in Washington to assess the effectiveness of identity protection via two-factor authentication, but customer acceptance is the deal-breaker.

E-Trades Raymond told a different tale about the technology, however. E-Trade in March announced an optional two-factor security scheme for its U.S.-based retail customers.

Upon piloting the two-factor authentication, which will be available sometime this quarter, E-Trade found that customers actually welcomed the more-involved scheme, reflecting a perception that their private data was being more carefully shepherded. "We found that, in a lot of ways, digital security identification enforces the perception we like to put out there," Raymond said. "Almost all customers responded that E-Trade has customers interest in mind."

E-Trades program, however, is available only to customers with $50,000 or more in combined E-Trade assets—hardly an all-inclusive solution for the entire population of potential identity-theft victims.

A broader solution must include more law enforcement personnel, as opposed to new laws, said Schmidt, former czar of the presidents Cyber-Space Security initiative. He was one of a number of panelists who decried a "patchwork" of proposed legislation thats being flung out in what they portrayed as a knee-jerk response to recent data breaches, including breaches at data brokers ChoicePoint and LexisNexis.

For example, Sen. Dianne Feinstein (D.-Calif.) on Monday proposed a toughened-up version of her ID Theft Notification bill that would close loopholes in Californias current notification law, SB 1386.

In addition, legislation has been proposed by Sen. Bill Nelson (D-Fla.) and Rep. Edward Markey (D-Mass.) to regulate data brokers.

"For the most part, I think that over the past 10 years, weve done a very good job of defining criminal law with regards to cyber-security," Schmidt said. "But we dont have the resources, its just that simple. We have to do what we can to reduce the number of victims, which then gives law enforcement" the ability to tackle a reduced number of identity-theft incidents, he said.

Two-factor authentication is a potential solution for reducing the number of victims, Schmidt said, pointing to the security device he sports on a keychain. But the crucial question to answer is if we, as a society, need to consider whether we want to have a necklace of security devices for a chain of unfederated services, such as making retail purchases, accessing banking services, etc., or whether we trust government to aggregate our data in order to issue credentials.

Check out eWEEK.coms for the latest database news, reviews and analysis.



  Reader Comments: Two-Factor Authentication Could Stem Rising Tide of Identity Theft
>>> Be the FIRST to comment on this article!
 

 
 
>>> More Database Articles          >>> More By Lisa Vaas
 


x}ks㶲*Q3CO#Mɖ<4$UZJ$CR~${rkdrw-Dn4w~ I Ӟc-Jg1ȣw&$]4i-*rdxj9%GFԲ|W軫F]̉]ˍP/W!׫H|Nx H%SjNAM3g{ھl ečz9ޯ3 fE63&IGr!%>֥qȏ} c1 ߷8|}؁䛿S=|e3g71m )*J$!1QcDwsg^/ԡcF4Lߵ#2-rtxW{7v+!6^@^jc\ȁ{4 *YNrDFL$٪؁E$Ӥbf=:#r<r@J53g螩[mɧ9\gԏ` YT`2E%$7 :\ت?ypMϳXc$lǦ"OUm_j| sqDf2Z"'l,R ?q7tJaH9vL=:#Y֍aFY6o@YǚZ*jUE9.TCxxlUm8e2͏QuޅRV5MQ;U? n0th;\CRCNesE4f™EUCdvߔ-~k~:C,[3sAT4 ̠K`W:+19jqsּyi_67=rֽ&i3 a ɗV:['^=:$?,rG=jZ-Jj=2iPE$Y)r$?;۾Bdu#7R(y#0ri4(> 8Zujtk+Uyk쥣 43@_x0ND57jSfMr,eg{0@M)61tGv!fByM)oB* brݢPP3^̧KdoF" eF\B(:pHq> R].9tapq|]7+De., s5-wnx;{R?k5[Mһ^Z0Wb}ƺƻ EhYf7-$M}{Qc1xJ ,VPQ9T*&rO f[Ԗ-Pò˔A >aϨ>s|V궝x>:AG:ڴb{\f&h`C}ҍ& Ѐ w|hx: C 00gwk9LP#wC۠h&r<5$'ʦMf@B9{ǻޚ~(wz7t( u,/{@`\@Z8`$8ʼ }¢PsOpMrA=39nZдc@ť`(mtfй+>q^v.iC@Ӭ{o%<4joZIJۥa]hk%T87Bj^[a׼6F]RZRKHD,Pc/΅ò=cM2&Ioہc#Mܛw\Pepd2lߪ%M*ǚvX>ڹe3%P$wCJ$l%KWw@4-=\OThBJmHǝ:~L&ҧV L Mڊ(zG/ű`a{62rt\X:5u{qaٿXZTZkʮtِүxMVp"fcxF3FԱiQP7uk#RLא~3KJAUc?&i?怚H|A2e &G-cY}6euEm׏$ci.:<~ɯ™9j1|*j0&B$V8l^x}굍dN`'\sW["LJ}#Μi-L,*I-b]Pr)SLZ06Aa5_c)cpI,_ta@C^C)& SZ`\FLs  ZCbP$܌h@.& i?aE"'hG=.C+DÜU^of.$JPVbrxɡUT9.J8+s??2:Ew:9pc~y890N7l40Zpr87u>tȕK-˰)c.Z$ c?`׊ +RUw5 Ř)aSxt( b*䪢-?}+[3]>F]hC\4!<}oS4pf mWq=[JjJwg `Zp[zGc8M" ,r޽e=QeW᧘TVQqi?r;d跸2] Q|ٵ`̌QMS؇٨b_@TrX-5o7kE0kv-fdaD4@w=8bC-ɬB3\ܷ V}uP@&s7875;V`]j#p]g8ýo~Qby6UG3d߉g&zGjz%r zD/h{ ~zUM+%e0&30ʃϣ ek&ws0U3fyr;ݯ`jd WM ۹+76Adm􁯌C-sc dK&.ɹ%wA֮vZPn3i`$ez(lYP;,g|l6S9 hr1m} #حwDN$;QOHG~F85 fS))r*H+UtČerȗG3v8TU{MyU̐,*Cj]K>a51r`֮ȏ4N>2Q&OB8Jh-[r_A~f:T(ȫͦ'0k(j'܉?>nVɵGZV?fIG{EY(..n$UHU(V $ yU;,h2X+(#t+^۹a m.E<9[ 1ķʨTISW".wD<7Ϩ3}Nb 4t^IW:.ky*1a2I4D kni:aF*ݐGOLJZZ$|p`F􀯢e2qyh7(۞jMn@h# &w|}AUR#9w>EM+v@l+J9wwGc3 t@FeѓEO.'-JpX8YH/s>P YɷonhC?چ +~7?l)ɡ$>DQkz\12a7B^\όн~>`UljK( -$P) WAhxa{I1}G$%}wnϏHAcg˾t/~9?L8~xk# {L[(E ^-{^j\.0MJf#R:&*);-~l1z˾WM$(XNptc!'q/gz^Dlftކ.Zg0BF@ɎUN~#tڗKE;&˖:^;jdG, YE# B^ǧ5vhR`QQcF#wҝa3+vH[!Br_5g^|% \I\5g0GhMن{+*q֭ Bf/3bB!|JgXkI-jշΫ؉|Ds`*S=SL aʕ#rWiT"61뀴Qt~zv`5g3 \:`Q )cn ~]jrל8JnLcB9f8#ەgaBxYa1~h83ݴn4.kҸj`~%X@RCwGH|9~ÿ§  ;s]3g伉)N[)a4FKp?Koؽ¾"8 0^l"4P$yUZ/"2NIJn/:}L9zd ,FJfz7ki^x̠tg[f1vfo?}Y>]bwPxI=w뻿PŞYiIU/J\-"Pnx {qI9.t}?,J`\Ty^Av`#B"fFc8EE[o\gmef7cŸ@!{ Rb'OƛΑil&s$;grЇ 1? l;oVpN Ϧv_ O%FJMc-ێ!e_к õcV: /!IVܱS,*_1;lV6֊ v™)[ꈧ Wךneb֚KKLBI|pI7̼V&Q~2*kwCOƥG/>qlĨ`jox?ƖGX#Nh<:KBg5Xԟ|X`ˤX''\/_z_A K3X<ƒ Q{?qԟq_VuJY+s1-#wGoj9"M|DtaxGYY6"B3YDKz˘4D:mw}Fm`JS^G:mHkc*# 8A"دXi;Z:D.&1;wmfmȼhXe%_<*+t9:-{Ʉb::`9z'Cq$ܓeQ0X *j)L1Utқ@8NbŔt±9" :K2cܹr Մexs9 NS6|p4ub"P<jGaU{24O~lδK,O3~L2W!SjbX7!% 4)YlvʼnEk1QnA%s`־m3bllk>'\y4MYȎi12A-㱁'C#/Xx<ړ8a25H' SQ"J׊SGND"uûI@vjaI 'Pyb'n765Z(&7|@)"or&GO,*EPoG) ׳W2ھK~/:3nJaT>G)2ᕉ8 ~!" =NS266oubo@hLsu?,üzRH2r0+cGW&y)IZA#hxЃ(6XႰs@xMN[v; @Tz*8߀X8: O:ҕ9`=!]pwT*ՒZٍ`r! &[ JGOWmz}WwCIU%-gU^|aY8sFs_r z3L,?JZY~`yX@m}]+]}v%#XJ4;w;Smcm<<<<=Zٌu+:8q#-pgR#tt`A\jmu[rG2HTj"Oak\soQcB/7rfcv|7ϳɰ9{^-RpfxXx:MT\_}oҖbGE5KES$k^{ L4f¶P]vUb#.-׽K`U$دY^zIz%_^Qm ͏Dr7͉taL{ ۠80#90u] vEk2h)]}lKJZɽ~ B Òӟ`bgntNc H5  e f(yD?^#ܢ`f M$50Y1XXgb]kF /?H@YO`; Xa~s~s~s~s~ssL7{hV7Vń'Eޞesu #V$qӭx g77>hk<8SLm DQy/Non}_#V*ҥW9s_:}qA'V a5~bέQ}]ɗv3&;ӟq\MeHx:@,sxm7k>'ssۼ}vUߪ'"> Dfj*1QIB_?! x}_Etogz1gW=\elzT_W򧹮6qe".IXH'zݑxYi`@,"z_p`D#קȟBO!@ z„A謓An/,OKWK [h_ɟ;7JA+! #$GH&+$AW"Wi]K74?pW?^Kj }=q:ۍ)0//D7Ml߼ ۩LԈm Z1ߦLm_mױևՙxQWtׅdhkkٵgyΜ;mV)K2k>˧4|6`l^Jif-2CbMJ$t86A 3&e< -~-i$R n #-'bA|`߱1 *px@Q}}xi/^xģj,`2Le-Nړ!N`u{#LR3я"t@9Ъ es^7>kE_A- ˴jgs?xJ|fiOC gȷ|bþŝMW@$$ϰ_ug$w=&Lamߣ^]Y?hQCpob䭼-d??ߋ.'!?33${%0&M[kË>Mr~ozc$H| AD<[ƑDèxXVF!֜rc[QtwޖSQ1cM-V%8IuYêPئ88!$9pްBXD?ߋ"d gF%#0ڱ[w6-Rݽ"%&hPjߙc/:OyZܞi/N/Yql[.04%nS#9m6*1Xrt1І]3#ZNHx5JӸiL(ZmB!"SO L%& J!47\CP |+C7OR(?hUeqb+Y75 U@8AnIݴX=/>o[Iׄ^P> :{ᛂrPZ-F/|T0/b-#-񸐤#C o`< wzn̥7f?= .N⸰ CVY aIm{7R[ $y?ZEDW# `xI(zh_M﷮{a/'UB}m"y;fh?E,x~RANxl+Ja 3ɹcMZfBE< ,i  YC) Q?9肩qb1Ř!&"7L{dٌ6\?HS G :2w@>wWLQXj*{3wأ4ϓ/ } ޗHM0χ"\ezX<>swe~rkt6R5KqfldaQ(b8M u?3,ȏbKlݜ(8jq$P!%h$bcx=9aamځdtFkޝ#_F`p3W VjE)OBӁRs] ULfW4oSwe2VqBLz%ruW0`A-'i92fg4t\@%bf`fڟ,\quu 9^9nHI}ow/I{ǣ_QwB{Yuuݾg31F;6/M&Jy22 gN)sC9,jO6"G}ɂw]%}QX\mԙ_?>vb+Q^& F/:ǬLO!~ټnzZ6ⷶv go:ٙ%KN#C)^o-h7Q`1Dj 'MMo )nu:e+WMj^+Q_۸v(3_3ʯz}i8QޅnF9rz}yhleB3Y}>2 ?/?ofnf~ ?Ӿ({@//E|Ꝍ@;N|o'O'>'Nv?;2zP93(@y'2c|/A~.32c7.n~f+ W3eePO_23*}g @MV9M@7d_ryrָ…)IFy)W?REV SV9,.2j9.~QJxdB$h{d < G"X5e8Ntw 1 }),3yk4.? fVt{rU%n zn_~L|œi3Okr>ubxvY몮|;T_;Yo%P/C ZsgeA:^Vl<- 5Q3[ ÈC?s H80!Q,+O7 jlc}pWu}ٸ\5>C{>'K j*85ߜ:I<w} X&@Y$'}p)c5z衈~54]M4pt؉&3O7#ؑɹT.jZQo\)Uʹ俓k$2 (8 "(`DdU*[R0X\/s>P`26UJ` z!OJ1=4c­dK_cwL"УTH bejfⅺdQKCt8cS+x;b(q ?,(nS[\AbkBCVx#31hڼ1i*m `-YkMD :'q$&h;Ì,a܁z3y m=ƾw<A cԙQ/Lu-7:]A/ˇtt7\șPV=wwVp.IDLa\Dm8qhxwj6-R pJI⽳ L&S$CRXD=wmP@EikA/?mwI3軉fKNvޒۍ־( ;><=ضGhFz%#tnP']K7"i½oPm J0wKw , 枫Q@I`S )1|j7K:ZؗƌQYɶz S~n\O(Coݒ\k<>ci xo#fyc< zn% /)i%^]WX*۳i|?e Lt8?n90kn>7Q$L{yw5H_d%\!dW< lԷ3@FC0!ZYm,KE%&(Xp\'AΙim9;.]r"#<[_ڵok3gz Ϸ;7x;n·OWek[$v/-'_ڕ+zYLn2?Jb @J\ D7#Tt %K@ 4zW 78ǩ3bhuq#b ut+e!.1w:xa˟鱺Wqٮ7GѺa#®u4-/*S 9/ߩn^xaW_<FP1Mov$пs<ٰ^|&Ǹ[0tcfw^=Wͳ-I>2epCdkVI{{a0&|iE-㨤t`C v_ <8 cL;acXJ Y2!&ۅ7O80Ux|-h\};}xX˩>S|Y;D5Rb&(G=zLk|FXKc.%Ա`=b^8qe Q3|Jj胋IȽgz`>^}.<ȳ(`,$v"V9rsh{h۟ZsTHهl*~&'Y,{kۺнT~xSmv<Ul_~H_%ȕ/-F#xoUAtMjez'14ɋm2HZ\ɡRvᷮ g۲M*d.%rR_fLN˚ʾ w"6BKFslx6 @`)