Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

1/22/2009
03:19 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

VASCO Unveils DIGIPASS 855 Smart Card Reader

Solution comprises multiple authentication functionalities, connected and unconnected user modes and "what you see is what you sign" in one card reader

OAKBROOK TERRACE, Ill., and ZURICH, Switzerland, January 21st 2009 - VASCO Data Security International, Inc. (Nasdaq: VDSI) (www.vasco.com), a leading software security company specialising in authentication products, launches DIGIPASS(r) 855, a smart card reader offering multiple authentication functions combined with "What you see is what you sign" functionality. DIGIPASS 855 is the upgraded version of DIGIPASS 850. DIGIPASS 855 can be used for PKI-based authentication, digital signature, and access to corporate networks. It offers strong authentication for internet banking, telephone banking and e-commerce environments.

DIGIPASS 855 can be used both in a connected and unconnected mode. In unconnected mode it is an EMV-CAP reader and offers DIGIPASS One-Time password and e-signature capability, which can be used for any type of customized e-banking or e-commerce application. In USB connected mode, it offers DIGIPASS and EMV-CAP functionality with PIN entry, PIN change and signature capability. Next to that, applications can securely be downloaded onto the reader in connected mode.

For PKI-based authentication, secrets and keys are stored on a smart card. DIGIPASS 855 uses the chip card for cryptographic calculation. DIGIPASS 855 offers high speed communication between the card and the reader thanks to its high performance processor.

The combined use of a card reader and a smart card eliminates a number of security risks in case of loss or theft, since no secrets are stored inside the reader. The reader does not require any personalization per user as the reader is initialised on insertion of the smart card and made unique through the PIN code of the smart card. This makes DIGIPASS 855 extremely suitable for large-scale roll-outs to a vast group of end-users.

DIGIPASS 855 offers increased protection against online attacks. Information, such as the PIN-code is directly typed onto the reader's keyboard, as a result the PIN-code is not being used on the PC, which makes it more secure to perform transactions online. Next to that, the "what you see is what you sign" functionality ensures that transaction data are shown onto the reader's screen for confirmation prior to transaction signature. This prevents man-in-the-browser types of fraude.

DIGIPASS 855 is CCID compliant and can as a result be used with all popular operating systems, including Windows, Linux and Mac OS. It supports multiple languages and the behaviour of the function and controls keys can be customized to support a specific e-banking or e-commerce application.

"With DIGIPASS 855, VASCO again gives an answer to the ever increasing vulnerability of PC platforms in Internet environments. Static passwords no longer offer sufficient protection. By entering the PIN code on the pin pad of the DIGIPASS 855 and not on the computer keyboard increased security measures are in place to protect computer users against fraudulent abuse.", says Jan Valcke, President and COO at VASCO Data Security.

For more information, please visit: http://www.vasco.com/products/product.html?product=62 About VASCO VASCO is a leading supplier of strong authentication and e-signature solutions and services specializing in Internet Security applications and transactions. VASCO has positioned itself as global software company for Internet Security serving a customer base of approximately 8,000 companies in more than 100 countries, including more than 1,200 international financial institutions. VASCO's prime markets are the financial sector, enterprise security, e-commerce and e-government.

Forward Looking Statements Statements made in this news release that relate to future plans, events or performances are forward-looking statements. Any statement containing words such as "believes," "anticipates," "plans," "expects," "intended/meant," and similar words, is forward-looking, and these statements involve risks and uncertainties and are based on current expectations. Consequently, actual results could differ materially from the expectations expressed in these forward-looking statements.

Reference is made to the Company's public filings with the US Securities and Exchange Commission for further information regarding the Company and its operations.

This document may contain trademarks of VASCO Data Security International, Inc. and its subsidiaries, which include VASCO, the VASCO "V" design, DIGIPASS, VACMAN, aXs GUARD and IDENTIKEY.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Commentary
How SolarWinds Busted Up Our Assumptions About Code Signing
Dr. Jethro Beekman, Technical Director,  3/3/2021
News
'ObliqueRAT' Now Hides Behind Images on Compromised Websites
Jai Vijayan, Contributing Writer,  3/2/2021
News
Attackers Turn Struggling Software Projects Into Trojan Horses
Robert Lemos, Contributing Writer,  2/26/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-18629
PUBLISHED: 2021-03-04
Xerox AltaLink B8045/B8055/B8065/B8075/B8090 and C8030/C8035/C8045/C8055/C8070 multifunction printers with software releases before 101.00x.099.28200 allow an attacker to execute an unwanted binary during a exploited clone install. This requires creating a clone file and signing that file with a com...
CVE-2019-18628
PUBLISHED: 2021-03-04
Xerox AltaLink B8045/B8055/B8065/B8075/B8090 and C8030/C8035/C8045/C8055/C8070 multifunction printers with software releases before 101.00x.099.28200 allow a user with administrative privileges to turn off data encryption on the device, thus leaving it open to potential cryptographic information dis...
CVE-2021-21331
PUBLISHED: 2021-03-03
The Java client for the Datadog API before version 1.0.0-beta.9 has a local information disclosure of sensitive information downloaded via the API using the API Client. The Datadog API is executed on a unix-like system with multiple users. The API is used to download a file containing sensitive info...
CVE-2021-27940
PUBLISHED: 2021-03-03
resources/public/js/orchestrator.js in openark orchestrator before 3.2.4 allows XSS via the orchestrator-msg parameter.
CVE-2021-21312
PUBLISHED: 2021-03-03
GLPI is open source software which stands for Gestionnaire Libre de Parc Informatique and it is a Free Asset and IT Management Software package. In GLPI before verison 9.5.4, there is a vulnerability within the document upload function (Home > Management > Documents > Add, or /front/documen...