Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

1/22/2009
03:19 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

VASCO Unveils DIGIPASS 855 Smart Card Reader

Solution comprises multiple authentication functionalities, connected and unconnected user modes and "what you see is what you sign" in one card reader

OAKBROOK TERRACE, Ill., and ZURICH, Switzerland, January 21st 2009 - VASCO Data Security International, Inc. (Nasdaq: VDSI) (www.vasco.com), a leading software security company specialising in authentication products, launches DIGIPASS(r) 855, a smart card reader offering multiple authentication functions combined with "What you see is what you sign" functionality. DIGIPASS 855 is the upgraded version of DIGIPASS 850. DIGIPASS 855 can be used for PKI-based authentication, digital signature, and access to corporate networks. It offers strong authentication for internet banking, telephone banking and e-commerce environments.

DIGIPASS 855 can be used both in a connected and unconnected mode. In unconnected mode it is an EMV-CAP reader and offers DIGIPASS One-Time password and e-signature capability, which can be used for any type of customized e-banking or e-commerce application. In USB connected mode, it offers DIGIPASS and EMV-CAP functionality with PIN entry, PIN change and signature capability. Next to that, applications can securely be downloaded onto the reader in connected mode.

For PKI-based authentication, secrets and keys are stored on a smart card. DIGIPASS 855 uses the chip card for cryptographic calculation. DIGIPASS 855 offers high speed communication between the card and the reader thanks to its high performance processor.

The combined use of a card reader and a smart card eliminates a number of security risks in case of loss or theft, since no secrets are stored inside the reader. The reader does not require any personalization per user as the reader is initialised on insertion of the smart card and made unique through the PIN code of the smart card. This makes DIGIPASS 855 extremely suitable for large-scale roll-outs to a vast group of end-users.

DIGIPASS 855 offers increased protection against online attacks. Information, such as the PIN-code is directly typed onto the reader's keyboard, as a result the PIN-code is not being used on the PC, which makes it more secure to perform transactions online. Next to that, the "what you see is what you sign" functionality ensures that transaction data are shown onto the reader's screen for confirmation prior to transaction signature. This prevents man-in-the-browser types of fraude.

DIGIPASS 855 is CCID compliant and can as a result be used with all popular operating systems, including Windows, Linux and Mac OS. It supports multiple languages and the behaviour of the function and controls keys can be customized to support a specific e-banking or e-commerce application.

"With DIGIPASS 855, VASCO again gives an answer to the ever increasing vulnerability of PC platforms in Internet environments. Static passwords no longer offer sufficient protection. By entering the PIN code on the pin pad of the DIGIPASS 855 and not on the computer keyboard increased security measures are in place to protect computer users against fraudulent abuse.", says Jan Valcke, President and COO at VASCO Data Security.

For more information, please visit: http://www.vasco.com/products/product.html?product=62 About VASCO VASCO is a leading supplier of strong authentication and e-signature solutions and services specializing in Internet Security applications and transactions. VASCO has positioned itself as global software company for Internet Security serving a customer base of approximately 8,000 companies in more than 100 countries, including more than 1,200 international financial institutions. VASCO's prime markets are the financial sector, enterprise security, e-commerce and e-government.

Forward Looking Statements Statements made in this news release that relate to future plans, events or performances are forward-looking statements. Any statement containing words such as "believes," "anticipates," "plans," "expects," "intended/meant," and similar words, is forward-looking, and these statements involve risks and uncertainties and are based on current expectations. Consequently, actual results could differ materially from the expectations expressed in these forward-looking statements.

Reference is made to the Company's public filings with the US Securities and Exchange Commission for further information regarding the Company and its operations.

This document may contain trademarks of VASCO Data Security International, Inc. and its subsidiaries, which include VASCO, the VASCO "V" design, DIGIPASS, VACMAN, aXs GUARD and IDENTIKEY.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 10/23/2020
Russian Military Officers Unmasked, Indicted for High-Profile Cyberattack Campaigns
Kelly Jackson Higgins, Executive Editor at Dark Reading,  10/19/2020
Modern Day Insider Threat: Network Bugs That Are Stealing Your Data
David Pearson, Principal Threat Researcher,  10/21/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-27187
PUBLISHED: 2020-10-26
An issue was discovered in KDE Partition Manager 4.1.0 before 4.2.0. The kpmcore_externalcommand helper contains a logic flaw in which the service invoking D-Bus is not properly checked. An attacker on the local machine can replace /etc/fstab, and execute mount and other partitioning related command...
CVE-2020-7752
PUBLISHED: 2020-10-26
This affects the package systeminformation before 4.27.11. This package is vulnerable to Command Injection. The attacker can concatenate curl's parameters to overwrite Javascript files and then execute any OS commands.
CVE-2020-7127
PUBLISHED: 2020-10-26
A remote unauthenticated arbitrary code execution vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2.
CVE-2020-7196
PUBLISHED: 2020-10-26
The HPE BlueData EPIC Software Platform version 4.0 and HPE Ezmeral Container Platform 5.0 use an insecure method of handling sensitive Kerberos passwords that is susceptible to unauthorized interception and/or retrieval. Specifically, they display the kdc_admin_password in the source file of the ur...
CVE-2020-7197
PUBLISHED: 2020-10-26
SSMC3.7.0.0 is vulnerable to remote authentication bypass. HPE StoreServ Management Console (SSMC) 3.7.0.0 is an off node multiarray manager web application and remains isolated from data on the managed arrays. HPE has provided an update to HPE StoreServ Management Console (SSMC) software 3.7.0.0* U...