Operations

9/18/2015
01:30 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

SecureKey, US Bank And Future Of Digital IDs

Company Launches Proven SecureKey Concierge Service in the U.S.; Provides Federated Authentication and ID Verification for Online Applications

BOSTON, Mass. – September 15, 2015SecureKey Technologies, a leading provider of identity and authentication solutions for simplifying consumer access to online applications, today announced the launch of its SecureKey Concierge  service in the United States. The industry-proven solution is being offered to online service providers in state and local government, healthcare, financial services and other markets where consumer privacy, high assurance authentication and ID verification are required.

By allowing consumers to choose a trusted credential they already have and use frequently, SecureKey Concierge eliminates the need for additional usernames and passwords. The service builds on the company’s white-label FedRAMP certified Connect.Gov service sponsored by GSA, USPS and NIST, and on its SecureKey Concierge Service in Canada, which has experienced a doubling of user credentials in each of the past two years. The service operates on SecureKey’s industry-leading briidge.net Exchange™ Platform, the market leading multi-tenant federated authentication and identity platform.

“SecureKey’s consumer-oriented ID network enables stronger digital identities, eliminating many of the challenges currently associated with accessing online services,” said Dominic Venturo, EVP and Chief Innovation Officer at U.S. Bank. “We look forward to collaborating with SecureKey to grow this ecosystem of trusted credentials for the benefit of our customers nationwide.”

"The providers of online credentials of all security levels, and their respective customers, benefit from the service SecureKey brings to its customers,” said Mark DiFraia, Senior Director of Market Development at MorphoTrust USA, and Board Member of IDESG and UT’s Center for Identity. “Their solution provides a pathway for acceptance that would ordinarily be difficult to achieve. A consolidated means for any online players to accept the trusted credentials that individuals already have makes the adoption of NSTIC principles and the promise of a more secure online experience a reality.”

SecureKey is engaging with U.S. identity partners and technology partners to increase the breadth of its SecureKey Concierge Service, leveraging secure, in-market credentials issued and managed by banks, telecommunications companies, government agencies and other organizations. Coupled with user-centric privacy protection to prevent tracking of consumer data and online activities, the SecureKey Concierge service promotes increased use of web-based services by allowing consumers to securely and confidently conduct transactions online.

“As online fraud and security breaches increase, SecureKey Concierge is driving a new era of convenience, security and privacy, translating into peace of mind for consumers using the web for critical applications and services,” said Charles Walton, CEO of SecureKey. “The U.S. launch is part of SecureKey’s commitment to expanding our ecosystem of trusted partnerships and online service provider communities to dramatically simplify the account opening process for increased customer acquisition, while facilitating greater efficiency in credential management.”

SecureKey Concierge Services for the U.S. Market:

·  Federated Authentication Service: Enables consumers to use their choice of credential from an Identity Partner in the SecureKey Concierge network to log into online service provider sites.  For enhanced privacy, the service includes a privacy guard that ensures consumer online activity is not visible to the Identity Partners, and personal attributes (name, address, date of birth and more) are never shared without explicit consent. The service offers tiered levels of assurance to support a range of low assurance social ID credentials to high assurance, smart card-based digital IDs, based on the specific online application requirements.

·  Identity Verification Service:  Allows online service providers to verify user identity data, such as social security number, date of birth, age, zip code and other information bound to a user’s credential. A “tokenization” process maintains the privacy of the consumer’s data, and consumer consent is always required at initiation of the identity verification process.

“The SecureKey Concierge service is a natural extension of BMO’s offering with SecureKey in Canada to provide customers with a secure and trusted way to access application services online, and we applaud SecureKey in their efforts to bring this industry-proven online authentication solution to the U.S. market,” said Marlene Lenarduzzi, Vice President Fraud Management and Enterprise Authentication, BMO Financial Group.

“SecureKey extending its Concierge service into the U.S. market will have a positive impact on the identity ecosystem by establishing a practical and proven benchmark for federated identity and authentication solutions,” said Don Thibeau, Chairman of the Open Identity Exchange.  “SecureKey joins other industry leaders in leveraging OIXnet, a technology agnostic, general purpose registry, by registering its Concierge trust framework to ensure interoperability and trust among counter-parties.”

“The Kantara Initiative is excited to see Kantara Board Member SecureKey launch a privacy-enhancing consumer ID network service in the U.S., following its successful deployment in Canada,” said Joni Brennan, Executive Director at Kantara Initiative. “The need for private and secure consumer transactions based on a federated authentication model is critical to address for trust and innovation market growth in healthcare and other regulated markets.”

Availability

The SecureKey Concierge service is available now for customer proof-of-concept operations and identity partner integration in the U.S. For more information, visit www.skconcierge.us

About SecureKey Technologies 

SecureKey is a leading identity and authentication provider that simplifies consumer access to online services and applications.  The privacy-enhancing SecureKey Concierge Service™ is a next generation identity and authentication network for conveniently connecting people to critical online services using a digital credential they already have and trust.  SecureKey is headquartered in Toronto, with offices in Boston, Washington D.C., and San Francisco. The company is backed by a world-class group of venture and corporate investors that include strategic investments from Visa, MasterCard, Discover, Rogers Venture Partners, and Intel Capital.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Register for Dark Reading Newsletters
Dark Reading Live EVENTS
INsecurity - For the Defenders of Enterprise Security
A Dark Reading Conference
While red team conferences focus primarily on new vulnerabilities and security researchers, INsecurity puts security execution, protection, and operations center stage. The primary speakers will be CISOs and leaders in security defense; the blue team will be the focus.
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Look Betty, Petya now has a 3d screen saver 
Current Issue
Security Vulnerabilities: The Next Wave
Just when you thought it was safe, researchers have unveiled a new round of IT security flaws. Is your enterprise ready?
Flash Poll
[Strategic Security Report] How Enterprises Are Attacking the IT Security Problem
[Strategic Security Report] How Enterprises Are Attacking the IT Security Problem
Enterprises are spending more of their IT budgets on cybersecurity technology. How do your organization's security plans and strategies compare to what others are doing? Here's an in-depth look.
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.