TriCipher, the leading provider of multifactor authentication solutions to protect online users against fraud and identity theft, today introduced ID Tool ToGo™ - the first portable, low-cost solution for protecting sensitive information online, that can be delivered on a multi-use device.
ID Tool ToGo protects bank, retail and healthcare organisations' customers from online identity theft, fraud and emerging threats such as man-in-the-middle (MITM) phishing and man-in-the-browser (MITB) attacks. Available today for USB smart drives, ID Tool ToGo provides consumers with a branded, portable, convenient, multi-use device, overcoming cost, technology and familiarity concerns common to smartcards, biometrics and tokens.
TriCipher's ID Tool ToGo, combined with its patented public-key infrastructure (PKI) technology, gives companies a far more affordable and secure alternative to expensive one-time password (OTP) tokens, smartcards, or biometric devices, which can cost £25 or more per user each year - and are vulnerable to MITM and MITB attacks. In addition, ID Tool ToGo delivered on a USB smart drive provides value beyond securing personal information online; it allows users to store and transport music, photos and data.
TriCipher will offer companies "customer self-provisioning" so customers can download the ID Tool ToGo onto their own devices. TriCipher is working to bring ID Tool ToGo to other multi-use devices.
"To move more business online, banks, retailers and healthcare organisations must increase the strength of identity protection, while attacking cost and user convenience barriers," said David Franklin, VP EMEA for TriCipher. "ID Tool ToGo is the first low-cost, convenient solution to give customers new freedom and unprecedented security, eliminating exposure to sophisticated man-in-the-middle attacks designed to con ever more online users."
The Evolution of Fraud and Identity Theft Attacks
Cyber criminals have evolved their elementary phishing tactics to integrate MITM attacks, which circumvent virtually every customer authentication method.
According to Gartner's September 2006 report Transaction Verification Complements Fraud Detection and Stronger Authentication, by Gartner Research VPs Avivah Litan and Ant Allan, "They usurp or 'piggyback' on legitimate user access to the bank's Web site and will succeed no matter how strong the authentication method. While the incidence of such attacks remains low, we expect that this will increase significantly within the next two to three years. To protect against more-sophisticated attacks, additional safeguards are required."