Retail Technology
| Log in | Subscribe
Subscribe | Log in
Retail Technology
Subscribe

Internet software giant takes security into the cloud with extra authentication measures

Internet software giant takes security into the cloud with extra authentication measures

 

Google Apps this week launched two-factor authentication to verify a person's identity with a code sent to their mobile device.

 

The verification code is sent after entering a password via SMS, voice calls, or generated on an application installed on Android, BlackBerry or iPhone devices.

 

The step is designed to move beyond traditional security systems of web-based services that require people to sign in to their accounts with just a username and a password.

 

Referencing the secure socket layer (SSL) and security assertion markup language (SAML) integration required to enable its service, Eran Feigenbaum, Google Apps director of security, said the service would strengthen internet security as more transactions are carried out in the cloud.

 

Harnessing the power of mobile

 

“Two-step verification is built on an open standard designed to allow integration with other vendors’ authentication technologies in the future. We are also open sourcing our mobile authentication app so that companies can customize it as they see fit,” wrote Feigenbaum in a blog posting.

 

Marcus Ranum, chief security officer of Tenable Network Security, commented: "Two factor authentication is and always has been a crucial capability; what Google has done is wonderful because it isn't merely 'something you know + something you have' it's 'something you know + something you VALUE A LOT'.

 

“We've seen in the past that people are willing to give away an authentication credential in return for a chocolate bar, but most people are strongly acculturated to hang onto their phones. Even more importantly, a mobile phone is a high-value item, so a spammer would have to buy a new phone each time one of their accounts got shut down and the associated mobile phone got blacklisted. What that does is brings a high external cost into the equation. It's a very good move."