Isn't a One-Time-Passcode generating token the best security?

As you may be aware, security professionals are abuzz over the March 17, 2011 announcement from RSA that a severe security breach had occurred on their servers.  Although details were not disclosed, it is clear that a compromise of secret server-stored “seed” codes represents a serious and far-reaching weakness of solutions relying on one-time passcode (OTP)-generating tokens.  For standard security tokens that display a changing series of digits, each secret seed is stored on the server and is also hard-coded into the fob.  A compromise of the seed file on the server means that a new fob must be created and distributed to every client; furthermore, security is defeated from the moment of the compromise until it is detected, and again for as long as the replacement hardware is still being deployed.

The IdentityX solution is not vulnerable to this type of attack, as it employs a multi-layered security approach that does not rely on a simple shared secret.  IdentityX technology combines multiple authentication techniques: something you have (a smart phone), something you know (a PIN/passphrase), something you are (multi-modal biometrics such as face, voice, and palm) and even somewhere you are (GPS). 

IdentityX is designed to protect against the type of attack being discussed.  Consider:

  • IdentityX does not rely on a shared secret that can simply be stolen.
  • To even begin an attack attempt, a hacker would have to have physical possession of an IdentityX user’s phone.  This initial layer of security requires possession of a physical object, unlike OTP tokens, which only require knowledge of the OTP secret.  In this case, that object is your phone, something that you are already accustomed to carrying and protecting.
  • A second layer of security is an IdentityX PIN.  To be fair, it is possible that a breach in a security system’s server could result in a compromised PIN.  However, because IdentityX requires possession of the user’s phone in order to enter the PIN, this would be a very weak attack.  Furthermore, subsequent layers of security described below mitigate the risk of a compromised PIN with additional security factors, such as biometrics.  Finally, the interconnected nature of IdentityX ensures that a user can easily update their PIN while using the other security layers to secure the update process.
  • IdentityX provides the ability to add additional layers of security based on a transaction’s risk.  While low risk activities might only require a user’s PIN, high risk transactions can be configured to ask for biometrics such as voice, face, and palm image matching.  IdentityX can combine more than one biometric to synergistically increase confidence in the user’s identity.  It also employs sophisticated software to ensure that it is dealing with a live person, rather than a recorded voice or picture of a user.  Overall, biometrics provide assurance that users really are who they say they are.
  • Finally, GPS can be used to ensure that transactions are only authorized in appropriate locations.  Whether you want to restrict transactions to within a fraction of a mile of your corporate headquarters, or just ensure that they do not occur in a foreign country, the GPS coordinates of the user’s phone provide yet another defense against remote hacking.

IdentityX is highly configurable, allowing the security policy for a transaction to be tailored to the risk associated with that particular transaction.  A bonus of this risk-based approach is that it provides the flexibility to change security policies on the fly in response to future threats.  For example, as noted above, if a security breach were to compromise user PINs, an attacker would still need to possess the user’s phone.  Nevertheless, the affected company could immediately turn on the added security of voice matching, even while users were being asked to change their PINs.
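One way to model the risk-tiered, configurable policy described in the bullets above and in this paragraph, as an added example that is not IdentityX’s own code: the factor names, tier names, sample coordinates and the plain great-circle geofence are all assumptions made for illustration.

```python
import math
from dataclasses import dataclass, field

# Hypothetical factor and tier names (not IdentityX's real policy schema).
# Each risk tier lists the factors that must ALL be verified for approval.
BASE_POLICY = {
    "low":  {"possession", "pin"},
    "high": {"possession", "pin", "voice", "face", "geofence"},
}

def haversine_km(lat1, lon1, lat2, lon2):
    """Great-circle distance in kilometres between two GPS points."""
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dphi = math.radians(lat2 - lat1)
    dlam = math.radians(lon2 - lon1)
    a = math.sin(dphi / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dlam / 2) ** 2
    return 2 * 6371.0 * math.asin(math.sqrt(a))

@dataclass
class PolicyEngine:
    hq: tuple                      # (lat, lon) of the permitted location
    radius_km: float               # geofence radius around hq
    policy: dict = field(
        default_factory=lambda: {t: set(f) for t, f in BASE_POLICY.items()})

    def step_up(self, tier, factor):
        """Add a factor to a tier on the fly, e.g. require voice after a PIN leak."""
        self.policy[tier].add(factor)

    def satisfied(self, tier, attempt):
        """attempt maps factor -> True if verified; 'gps' -> (lat, lon) of the phone.
        Returns (approved, sorted list of factors that failed or were absent)."""
        missing = []
        for factor in self.policy[tier]:
            if factor == "geofence":
                loc = attempt.get("gps")
                ok = loc is not None and haversine_km(*loc, *self.hq) <= self.radius_km
            else:
                ok = attempt.get(factor) is True
            if not ok:
                missing.append(factor)
        return (not missing, sorted(missing))

if __name__ == "__main__":
    # Constructed sample: HQ near Washington, DC; fence of roughly half a mile.
    engine = PolicyEngine(hq=(38.9, -77.04), radius_km=0.8)
    print(engine.satisfied("low", {"possession": True, "pin": True}))   # (True, [])
    print(engine.satisfied("low", {"pin": True}))                       # stolen PIN, no phone
    engine.step_up("low", "voice")                                      # react to a PIN breach
    print(engine.satisfied("low", {"possession": True, "pin": True}))   # now needs voice
```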

As a backup option, IdentityX does offer an OTP-generating capability similar to the solutions discussed above as an alternative for lower risk transactions.  However, even this option is superior to the security token solutions that were recently hacked.  Because IdentityX uses the phone as the physical authentication device (rather than a separate fob), it can easily be updated with new “seed” files without the need to issue new devices.  If the OTP secret were to be compromised, even customers that were using this backup functionality could simply connect and get their secrets replaced, immediately invalidating the attack attempt.

IdentityX, with its multi-layered, configurable security policies, is clearly the answer to the evolving security threats that are so pervasive today.  Daon’s IdentityX solution brings the ingenuity of the world’s leading identity assurance provider to the defense of the 21st century’s digital lifestyle, and its timing couldn’t be better.