Portable Device protects sensitive information online.

Press Release Summary:



Available for USB smart drives, ID Tool ToGo(TM) protects customers of banks, retail, and healthcare organizations from online identity theft and fraud as well as man-in-the-middle phishing and man-in-the-browser attacks. Multi-use device also lets users store and transport music, photos, and data. When user connects ID Tool ToGo, it automatically launches Web browser and ID Tool from USB smart drive. User enters username and password, and is securely logged into Web application.



Original Press Release:



TriCipher Takes Identity Theft Prevention Mobile with Affordable, Portable Man-in-the-Middle Protection



ID Tool ToGo Combines Convenience with Multifactor Authentication Superior to Tokens, Smartcards and Biometrics

LOS GATOS, Calif., June 14 /-- TriCipher, the leading provider of multifactor authentication solutions that protect online users against fraud and identity theft, today introduced ID Tool ToGo(TM) -- the first portable, low-cost solution for protecting sensitive information online, that can be delivered on a multi-use device.

ID Tool ToGo protects bank, retail and healthcare organizations' customers from online identity theft, fraud and emerging threats like man-in-the-middle (MITM) phishing and man-in-the-browser (MITB) attacks. Available today for USB smart drives, ID Tool ToGo provides consumers a branded, portable, convenient, multi-use device, overcoming cost, technology and familiarity concerns common to smartcards, biometrics and tokens.

TriCipher's ID Tool ToGo, combined with its patented public-key infrastructure (PKI) technology, gives companies a far more affordable and secure alternative to expensive one-time password (OTP) tokens, smartcards, or biometric devices, which can cost $50 or more per user each year -- and are vulnerable to MITM and MITB attacks. In addition, ID Tool ToGo delivered on a USB smart drive provides value beyond securing personal information online; it allows users to store and transport music, photos and data.

TriCipher will offer companies "customer self-provisioning" so customers can download the ID Tool ToGo onto their own devices. TriCipher is working to bring ID Tool ToGo to other multi-use devices.

"To move more business online, banks, retailers and healthcare organizations must increase the strength of identity protection, while attacking cost and user convenience barriers," said John De Santis, TriCipher's CEO. "ID Tool ToGo is the first low-cost, convenient solution to give customers new freedom and unprecedented security, eliminating exposure to sophisticated man-in-the-middle attacks designed to con ever more online users."

The Evolution of Fraud and Identity Theft Attacks

Cyber criminals have evolved their elementary phishing tactics to integrate MITM attacks, which circumvent virtually every customer authentication method.

According to Gartner's September 2006 report Transaction Verification Complements Fraud Detection and Stronger Authentication, by Gartner Research VPs Avivah Litan and Ant Allan, "They usurp or 'piggyback' on legitimate user access to the bank's Web site and will succeed no matter how strong the authentication method. While the incidence of such attacks remains low, we expect that this will increase significantly within the next two to three years. To protect against more-sophisticated attacks, additional safeguards are required."(1)

For more information on MITM attacks, download the whitepaper, The Perfect Storm: Man in the Middle Phishing Kits, Weak Authentication and Organized Criminals (http://www.tricipher.com/landing_pages/spotlight_offer.html)

ID Tool ToGo in a USB Smart Drive
ID Tool ToGo thwarts MITM attacks by preventing hackers from accessing the credential, or "following" users into a legitimate session. One part of the user's credential is generated from ID Tool ToGo, and the other portion is stored on TriCipher's appliance. When a user connects ID Tool ToGo, it automatically launches a Web browser and TriCipher's ID Tool from the USB smart drive. The user enters a username and password, and is securely logged into the Web application.

According to a recent Gartner Dataquest report, 142.75 million USB devices will be sold worldwide in 2007(2). Banks, retailers and healthcare organizations can offer custom branded ID Tool ToGo USB smart drives to their customers or a software download for use with any off-the-shelf USB smart drive. This helps avoid costly, single-purpose tokens, biometric devices and smart cards -- increasing security and improving customer loyalty while lowering multifactor authentication costs by 80 percent or more.

ID Tool ToGo can also integrate with higher levels of authentication on the TriCipher Authentication Ladder(TM). The technology can also combine with forthcoming transaction authentication technology, enabling users to guarantee that their online activities are safe from the next generation of hacker attacks.

Banks Reap Biggest Rewards
ID Tool ToGo enables stronger security, and gives banks in particular significant competitive advantages. According to the TriCipher Consumer Online Banking Study, the banking industry could increase profitability by $8.3 billion through increased online banking adoption and customer loyalty. If offered identity protection software, 62% -- or 102 million -- U.S. online consumers would download and use identity protection software from their financial institution. Banks offering identity protection software would open the door to 31 million new customers who do not currently bank online, and another 39 million online users would likely increase their online banking activity.

ID Tool ToGo is available immediately.

About TriCipher
TriCipher, Inc. provides a unified authentication infrastructure to protect the B2B and B2C online channel against fraud and identity theft. The TriCipher Armored Credential System(TM) (TACS) is the first authentication system that enables companies to deploy and manage multiple types of credentials from a single infrastructure. Through this flexible "Authentication Ladder," TriCipher protects customer investment by adjusting authentication strength to defeat new threats and to meet regulatory changes without the need to implement a new infrastructure. Founded in 2000, TriCipher is headquartered in Los Gatos, Calif. The company is funded by ArrowPath Venture Capital, Intel Capital, RBC Technology Ventures, Trident Capital, and Wasatch Venture Fund. For more information, visit TriCipher on the web at http://www.tricipher.com/.

(1)Gartner, Inc., Transaction Verification Complements Fraud Detection and Stronger Authentication, by Avivah Litan and Ant Allan, 12 September 2006

(2)Gartner, Inc., Semiconductor Forecast Database: 2Q07 Update, by Joseph Unsworth, 30 May 2007

Web site: http://www.tricipher.com/

All Topics