Industry consortium the Liberty Alliance Project has set
up an expert group to produce open standards to ensure that “strong
authentication” systems to verify people’s identity are
interoperable.
Strong authentication requires at least two forms of ID
verification for accessing a network or online application.
The need for strong authentication to replace less-secure
password-only systems is increasingly being recognised. Analyst
Gartner has predicted that by 2007, 80% of organisations will reach
“password breaking point” and will need to strengthen user
authentication with other security methods.
The Strong Authentication Expert Group (SAEG), set up by the
Liberty Alliance, aims to build an open framework for strong
authentication solutions – including hardware and software tokens,
smartcards, SMS-based systems and biometrics – that will be
interoperable across organisations, networks and vertical market
segments.
The expert group includes American Express, Hewlett-Packard,
Intel, Oracle, RSA Security, Vodafone, VeriSign and the US
Department of Defense.
Timo Skytta, vice president of the Liberty Alliance, said: “With
increasing industry demand for better protection against online
fraud and identity theft, there can be no question that the time
for universal strong authentication has come."
The group expects to release the first version of its
specifications framework, dubbed ID-SAFE, next year.