|
|
|
|
vol. XVII no. 2
A second form of identity theft is directed at corporate espionage where identity thieves (or poachers) look to steal corporate data about product specifications, fiscal data, employee records or business-to-business customer files. While the term phishing is directed primarily at consumers, identity theft is a growing concern among today's governments and enterprises.
Ben Barnes, president and CEO of ActivCard, has a deterrent to those schemes. He heads one of the world's largest software companies focused on providing secure authentication software to enterprises and government agencies.
ActivCard offers fundamental technologies for global enterprises that among other features can close the Internet stream to phishers and corporate identity poachers. In the simplest explanation, its technology enables governments, banks and enterprises to authenticate the users of their networks, accounts and facilities to ensure that people are who they claim to be. "We mitigate risks to businesses, who in return mitigate risks to their employees and customers," Barnes says.
At the core, ActivCard's software manages enterprise access cards that consolidate employee credentials onto a single, secure smart card (with photo identification and a security device that enables secure access to networks). Network security software pioneered by ActivCard engineers empowers the smart card, which resembles a credit card in size and appearance. But rather than simplistic magnetic stripe technology, smart cards have embedded microprocessors that can securely hold information and perform cryptographic functions. Not only do they authenticate the identity of the cardholder, they also can store medical history, act as a credit or debit card, and allow access to buildings, all based on established credentials.
"Network digital identity management is one portion of what ActivCard provides. A consolidated, credentialed smart card environment offers you both network security inside and outside of the firewall as well as physical access security," says Barnes. "If you can't ensure that the people getting into the building or onto your network are the right people, you may have built a strong security system but left all the doors open."
When used in combination with a PIN, smart cards add a second level of security. The only way to fool the system is to steal the card and know the PIN.
ActivCard offers other enhanced security services as well, including an authentication, authorization and accounting (AAA) server that integrates into a company's existing network. The AAA server combines state-of-the-art wireless LAN (WLAN) security and a range of authentication technology, including static (or one-time) passwords, tokens, USB keys and smart cards. |
|
Robinson College of Business | Contact Robinson | Return to Fall 2004 Index Copyright ©
2004 Robinson College of Business/Georgia State University. |
Phishing ain't what it used to be. Instead of the traditional pole with hook and bait, these phishers use technology, and their pond is the World Wide Web. Their lures attract Internet users to phony web sites that look real. As consumers enter confidential information, scam artists use a keyboard sniffer to record keystrokes and gain access to personal accounts. In other words, they cast their line twice - first to steal a company's identity, then to steal consumers' credit identities. Phishers have successfully targeted some of America's largest corporations in recent schemes, including AOL, eBay, Yahoo, Amazon and PayPal.
