Costa Mesa, Calif., April 28, 2011 - Experian' today announced that it is working with Symantec to provide a comprehensive suite of identity proofing and authentication services that supports the National Institute of Standards and Technology's (NIST) Electronic Authentication Guideline (Special Publication 800-63), which provides technical requirements for each of four authentication levels of assurance that are intended to parallel the levels of transactional risk.
The two companies have created a solution that supports NIST Levels 1 through 3 requirements and is available now for government agencies, health care and financial services organizations. To minimize the risk of fraud when users conduct personal and sensitive transactions online, the solution combines Experian's risk-based identity proofing capabilities with the strong authentication capabilities of Symantec's VeriSign Identity Protection (VIP) Authentication Service.
Utilizing Experian's Precise IDSM platform, risk-based identity proofing encompasses highly predictive risk assessments through a combination of identity element verification, authentication, risk scoring and progressive out-of-wallet questioning to refine decisions about which identities should be allowed to enter a system and which identities should be denied access or further verified via alternate processes.
Symantec's VIP service is the leading cloud-based authentication service that enables enterprises to secure online access and transactions to help obtain compliance and reduce fraud risk. A fully hosted strong authentication Security as a Service (SaaS) solution, VIP offers a cost-effective way to give legitimate users access to business resources, enterprise applications and websites while protecting against cybercriminals. VIP provides an additional layer of protection beyond standard username and password by requiring a dynamic one-time use, six digit security code generated by a user's VIP credential.
"Experian is committed to security, and by working with Symantec we are able to leverage our combined expertise and provide our clients with an additional layer of security that will help them combat cyber security threats such as identity fraud, data breaches and unauthorized access to accounts while at the same time allowing well-intentioned users seamless access to online services," said Kerry Williams, group president of Experian Credit Services and Decision Analytics. "We are excited to be working with an industry leader such as Symantec that has a rich history of protecting its customers through its award-winning products and services."
By combining our authentication capabilities with Experian's identity proofing services, we will provide our customers with a trusted level of online transaction protection," said Atri Chatterjee, vice president of User Authentication at Symantec. "Government agencies, health care and financial services organizations that are looking to reduce costs and improve efficiency by transitioning manual processes online now have a compliant and comprehensive solution that will enable them to securely move sensitive transactions and data to the Web."
Key credentials The Experian and Symantec solution will further protect transactions and work seamlessly with existing business processes through the use of new credentialing capabilities that include the combination of online identity proofing and strong authentication. This feature ensures that the right person with the correct credentials is making a transaction. The solution also provides constituents within the government sector with the ability to self-register for an online account that makes online enrollment part of the credentialing process and ensures that the user's identity is properly validated.
How it works Once their identity is verified, users are able to create a login and password account that will require them to bind a Symantec strong authentication credential to the newly created account. For subsequent logins, users are required to submit their login account, password and VIP credential to gain access to their account. This process ensures that all of the necessary steps have been are taken to protect users' online transactions.
Meeting government needs For government agencies, the joint solution will enable secure access to a variety of online services, including e-government services that incorporate all digital interactions between government agencies and their constituents. In addition to authenticating users, protecting identities and securing transactions, the technology will secure agency data and improve customer satisfaction levels among constituents.
Experian and Symantec also will co-present on identity proofing and NIST 800-63 at the Safeguarding Health Information event that is being hosted by the HHS Office for Civil Rights (OCR) and the NIST at the Ronald Reagan Building and International Trade Center in Washington, D.C., on Tuesday, May 10, at 4:00 p.m. Eastern time. To learn more about the event, go to http://www.nist.gov/itl/csd/upload/HIPAA_Agenda.pdf.
About Experian Experian is the leading global information services company, providing data and analytical tools to clients in more than 65 countries. The company helps businesses to manage credit risk, prevent fraud, target marketing offers and automate decision making. Experian also helps individuals to check their credit report and credit score and protect against identity theft.