FireID Simplifies Mobile Access to Corporate Networks, Makes Move to the iPhone
South Africa based FireID has developed a mobile authentication system intended to address the limitations of the current approaches. Specifically, the company has developed a mobile application that generates random one-time-passwords instantaneously and completely offline. For instance, a user can enter a password generated by FireID into an application or website, and FireID immediately will verify the password through a separate server. Once the user logs in, the password expires to prevent future access.
Authenticating network access in such a way eliminates the need for cumbersome security tokens, and is much more secure than the SMS-reliant approach. Furthermore, installation and use is quite simple. Channel partners can install the software onto their servers and then deliver the solution to their customers. With just a couple clicks, it’s distributed to users’ mobile phones.
FireID is not the only company in the space to ditch the SMS and token approach. RSA, VeriSign, and several others offer a similar software-based security solution. FireID seeks to differentiate by offering a unique build for each phone make and model. The application is currently compatible with nearly all Java, Windows Mobile 6 and recent-generation Symbian devices, and today the company has announced compatibility with the iPhone.
In the end, security is a front in which organizations have little room to compromise, and in organizations like banks the technology could be hugely advantageous. It will be interesting to see if other companies, in which security breaches are less a continuous threat, will be willing to adopt a new platform.