RSA SecurID: A Primer

Tokens Traditionally Used to Achieve MultiFactor Authentication
RSA SecurID: A Primer
Editor's Note: RSA's surprising announcement of a cyberattack targeting its SecurID multifactor authentication products prompts this overview of what RSA SecurID is and what it does.

RSA SecurID is a multifactor authentication solution based on standard industry requirements for "something you know," such as a password or PIN, "something you have," like a token, and/or "something you are," like biometrics. SecurID is widely used and regarded as the pioneer product of hardware and software token authentication.

Since RSA SecurID's introduction into market, other token solutions have emerged, mimicking the standard set by RSA, says Josh Corman, research director of enterprise security at analyst firm The 451 Group.

More mature risk management programs and industries have long adopted the use of hardware tokens, Corman says. Government agencies, pharmaceutical companies, financial services and healthcare organizations are just a few examples. "Tons of people use them," he says. "Anyone who is considered to have a higher risk of exposure uses tokens."

SecurID tokens are available for software and hardware, and are most often used as second-factor authentication for securing VPNs and WLANs, e-mail, intranets and extranets, desktops and Web servers.

On the software side, SecurID provides two-factor authentication for personal devices, with support for up to 10 software tokens on one device. On the hardware side, SecurID provides two-factor authentication based on patented time-synchronization technology, which generates a one-time authentication code that changes every 60 seconds.

According to RSA, "RSA SecurID is the authentication choice of over 25,000 customers worldwide."


About the Author

Tracy Kitten

Tracy Kitten

Director of Global Events Content and Executive Editor, BankInfoSecurity & CUInfoSecurity

Kitten was director of global events content and an executive editor at ISMG. A veteran journalist with more than 20 years' experience, she covered the financial sector for 10+ years. Before joining Information Security Media Group in 2010, she covered the financial self-service industry as the senior editor of ATMmarketplace, part of Networld Media. Kitten has been a regular speaker at domestic and international conferences, and was the keynote at ATMIA's U.S. and Canadian conferences in 2009. She has been quoted by CNN.com, ABC News, Bankrate.com and MSN Money.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.