Risk
12/3/2013
03:27 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%
Repost This

ValidSoft Joins FIDO Alliance To Support The Creation And Adoption Of Simpler, Stronger Authentication Methodologies

FIDO's goal is to develop industry standards that increase compatibility and reduce reliance on usernames and passwords to authenticate online users

LONDON and OKLAHOMA CITY, Dec. 3, 2013 /PRNewswire/ -- ValidSoft (www.validsoft.com), a global supplier of advanced telecommunications-based fraud prevention, authentication and transaction verification solutions, and a wholly owned subsidiary of Elephant Talk Communications Corp. (NYSE MKT: ETAK), has joined the FIDO (Fast Identity Online) Alliance (www.fidoalliance.org), which is dedicated to creating standards for simple, open, scalable and widely compatible strong authentication systems.

ValidSoft joins many of the largest and most progressive brands in the payments industry in supporting the FIDO Alliance, which already includes global leaders PayPal, Lenovo, Mastercard and Google as members. FIDO's shared goal is to develop industry standards that increase compatibility and reduce reliance on usernames and passwords to authenticate online users, approaches that are both easily compromised and notoriously difficult to remember. Passwords would instead be replaced by 'low-friction' authentication methods embedded in device hardware, a philosophy already reflected in ValidSoft's multi-factor mutual authentication, identity and transaction verification solutions which also in corporate features such as voice biometrics and location proximity.

Pat Carroll, Chairman of ValidSoft, says: "We're pleased to support FIDO Alliance's efforts to create and implement simpler and higher authentication standards that will help protect people from ever more sophisticated fraud.

Thanks to our unique security 'by design' approach and our ability to leverage advanced telecommunications capabilities and real-time invisible checks that do not involve the customer, we are allowing payment processors to provide stronger verification and authentication, without negatively impacting the consumers'

experience."

Michael Barrett, FIDO Alliance President and Chief Information Security Officer of PayPal, an eBay company says: "We are excited to welcome ValidSoft as our newest member. The FIDO vision of universal strong authentication promises better security, enhanced privacy, more commerce and expansion of services throughout digital industries. ValidSoft's contribution to our Alliance supports our industry goal to make user authentication easier and safer for all parties."

About ValidSoft:

ValidSoft provides advanced mobile- and cloud-security solutions. ValidSoft has developed a custom-built sophisticated multi-factor authentication platform

(SMART(TM)) for the mobile world, which takes full advantage of mobile telecommunication channels and devices and includes a leading proprietary voice biometric engine. These solutions combat electronic fraud and safeguard consumer privacy across internet and mobile banking, credit/debit-card and (mobile and fixed line) telephony channels. ValidSoft's solutions are used to verify the authenticity of both parties to a transaction (Mutual Authentication), ensure the fidelity of telecommunication channels (Secure Communications), and confirm the integrity of transactions themselves (Transaction Verification) - in each case in a manner which is scalable for the mass market, cost-effective, secure and easy to use and deploy. The company counts some of the world's largest financial institutions among its customers. ValidSoft is the only security software company in the world that has been granted three European Privacy Seals. Visit: www.validsoft.com.

About the FIDO Alliance

The FIDO (Fast IDentity Online) Alliance is a 501(c)6 non-profit organization nominally formed in July 2012 to address the lack of interoperability among strong authentication devices as well as the problems users face with creating and remembering multiple usernames and passwords. The FIDO Alliance plans to change the nature of authentication by developing specifications that define an open, scalable, interoperable set of mechanisms that supplant reliance on passwords to securely authenticate users of online services. Visit:

www.fidoalliance.org.

About Elephant Talk:

Elephant Talk Communications Corp. (NYSE MKT: ETAK), is a leading international provider of mobile proprietary Software Defined Network Architecture (Software

DNA(TM)) platforms for the telecommunications industry that empower Mobile Network Operators (MNOs) and Mobile Virtual Network Operators (MVNOs), Enablers

(MVNEs) and Aggregators (MVNAs) with a full suite of applications, Full OSS/BSS Systems, Delivery Platforms, Support and Managed Services, on-site, cloud, hybrid and S/PaaS solutions, including Network, Mobile Internet ID Solutions, Secure Remote Access Management, Loyalty Management and Transaction Processing Services, superior Industry Expertise and high quality Customer Service without substantial upfront investment. Elephant Talk counts several of the world's leading Mobile Operators amongst its customers, including Vodafone, T-Mobile, Zain and Iusacell. Visit: www.elephanttalk.com.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2012-3946
Published: 2014-04-24
Cisco IOS before 15.3(2)S allows remote attackers to bypass interface ACL restrictions in opportunistic circumstances by sending IPv6 packets in an unspecified scenario in which expected packet drops do not occur for "a small percentage" of the packets, aka Bug ID CSCty73682.

CVE-2012-5723
Published: 2014-04-24
Cisco ASR 1000 devices with software before 3.8S, when BDI routing is enabled, allow remote attackers to cause a denial of service (device reload) via crafted (1) broadcast or (2) multicast ICMP packets with fragmentation, aka Bug ID CSCub55948.

CVE-2013-6738
Published: 2014-04-24
Cross-site scripting (XSS) vulnerability in IBM SmartCloud Analytics Log Analysis 1.1 and 1.2 before 1.2.0.0-CSI-SCALA-IF0003 allows remote attackers to inject arbitrary web script or HTML via an invalid query parameter in a response from an OAuth authorization endpoint.

CVE-2014-0188
Published: 2014-04-24
The openshift-origin-broker in Red Hat OpenShift Enterprise 2.0.5, 1.2.7, and earlier does not properly handle authentication requests from the remote-user auth plugin, which allows remote attackers to bypass authentication and impersonate arbitrary users via the X-Remote-User header in a request to...

CVE-2014-2391
Published: 2014-04-24
The password recovery service in Open-Xchange AppSuite before 7.2.2-rev20, 7.4.1 before 7.4.1-rev11, and 7.4.2 before 7.4.2-rev13 makes an improper decision about the sensitivity of a string representing a previously used but currently invalid password, which allows remote attackers to obtain potent...

Best of the Web