Authentify Inc. awarded contract to provide automated provisioning application for Department of Defense PKI project.
Chicago, IL - February 23, 2004 - Authentify, Inc., a leading vendor of automated authentication solutions for conducting business more securely over the Internet has announced that it has been awarded a contract to supply a provisioning application to the National Security Agency. The acquisition is in support of the Department of Defense Public Key Infrastructure (DoD PKI) initiative. The automated application will help online users register for and activate their digital certificates more quickly and at less expense.
The DoD PKI is the technology infrastructure to support critical DOD applications with public key certificates. These applications afford confidentiality and authentication to communications or network transactions, as well as verification of the data integrity and non-repudiation of these transactions. The National Security Agency (NSA) is responsible for the authentication policies and practices used to issue the digital certificates under the DoD PKI program.
Chicago based Authentify, Inc. will provide a custom implementation of its Authentify® authentication platform which tightly binds automated outbound telephone calls to an online users Internet session. The Authentify process provides an interactive, out-of-band mechanism to ensure a certificate has been delivered to the intended party. During the automated telephone call, Authentify also delivers automated audio instructions to coordinate the user’s onscreen installation and activation instructions for their digital certificate.
“The NSA liked the fact that the application adds an authentication layer by employing an existing infrastructure – the telephone network,” according to John Zurawski, Authentify’s Vice President of Sales and Marketing. “It also relieves some of the load on the specialized PKI help desk by “talking” the user through the certificate installation process. The ROI from that element alone was compelling for the NSA.”
Authentify specializes in an authentication technique that works well for large and remote user communities. In successful consumer applications, Authentify has shown that the ability to control a particular computer and a particular telephone at an auditable point in time is a strong deterrent to identity theft. The recipients of certificates issued under the DoD PKI represent another large and often remote user community – a community with needs for connectivity and security that fit well with Authentify’s expertise. The contract is the first DoD contract for Authentify. Authentify has implemented authentication solutions in PKI projects for corporate clients including Hewlett Packard, Verisign, Digital Signature Trust, and GeoTrust.
Authentify Inc, is a closely held private company. Financial terms of the contract have not disclosed.
About Authentify
For companies that rely on the Internet to provide access to and conduct transactions for customers, employees and business partners, Authentify offers a convenient and engaging way to help make certain those companies know who they are dealing with online.
Authentify provides authentication services critical for online enrollment, account activation, e-signature and identity management applications. Authentify ensures undeniable interactive contact, out-of-band, with a specific online user, yet requires no special software or hardware. Authentify's approach, tightly binds a telephone call to an Internet session, utilizes an existing infrastructure that people know how to use. The result, a low cost, but very effective way to strengthen security processes and deter identity theft, account takeover and other fraud.
Authentify first offered its services in March 2001 and today has more than a dozen customers including the likes of Hewlett Packard, Associated Bank, Verisign, PaymentOne, the Department of Defense and others. The Authentify telephony service center often places more than 5,000 calls per day most of which are used to confirm online transactions, or deliver forgotten PIN’s to an account holder, securely, over their telephone.
Authentify is privately held and based in Chicago, Illinois. There efforts to effectively combat identity theft earned them a 2003 Chicago Innovation Award in recognition of their approach. Authentify’s home on the Web is: http://www.authentify.com.
About DoD PKI
The DOD PKI provides the critical underpinning to the Department's Information Assurance (IA) capabilities and is a vital element in achieving a secure IA posture for the Defense Information Infrastructure (DII). A PKI is the mechanism to support critical DOD applications with public key certificates. These applications afford confidentiality and authentication to communications or network transactions, as well as verification of the data integrity and non-repudiation of these transactions. The DOD PKI PMO was formed in response to the Deputy Secretary of Defense DOD Memorandum - DOD Public Key Infrastructure (PKI), 6 May 1999.
Realizing that this infrastructure will require the concerted and coordinated efforts of every organization within the Department, the Assistant Secretary of Defense for Command, Control, Communications and Intelligence (ASD(C3I)) has assigned the National Security Agency (NSA) to be the Program Manager (PM) for the implementation of the DOD PKI, and the Defense Information Systems Agency (DISA) to serve as the Deputy Program Manager. NSA and DISA will jointly take responsibility for coordinating a DOD-wide implementation of the DOD PKI.
Editorial contacts:
John Zurawski
Authentify, Inc.
773.243.0328
john.zurawski@authentify.com
|
