Tuesday, May 01, 2007

Verisign Offering Disposable Passwords

Verisign announced today that a new type of payment card embedded with a One-Time Password (OTP). Until now, most OTPs have been in devices like tokens and key fobs.

The card works just like the tokens. They have a button on the back that can be pushed every time the user wants to make a transaction to display a number. The card generates a new number for every transaction.

The user enters their user ID and password and also the OTP number plus a PIN number. The OTP and PIN combination are one factor and the user ID and password are the second factor in what is considered a two-factor authentication system. The user ID and password are the "what you know" and the OTP value are the "what you have" pieces of a two-factor system.

The story was reported today on Market Watch.

A few days later, Larry Seltzer had some interesting comments in eWeek. He made the same arguments as most businesses about OTPs -- they're a hassle to customers and could potentially drive business away. But, interestingly, he was also cautiously optimistic.


Post a Comment

Links to this post:

Create a Link

<< Home