SSL Certificates

What are secure websites and why SSL certificates are ?

As a business owner with online websites, ecommerce applications or other services that require secure login by your customers, you understand how important it is to protect customer information. Information including credit card numbers, personal addresses, and other "personally identifiable information" (PII). Not only is it important to protect this information, but it's also important that access to sensitive areas of your website is protected against users you don't trust.

How do you implement secure, trusted access to web applications for your customers, using cell phones, two-factor authentication and strong identity management? In more simple terms, how can you most easily establish a strong "trust" with an online customer who wants to buy your products or services?

The definition of "trust" is part reliance, and part confidence, in the characteristics of something. To establish a trusted relationship with you, online customers need to show, using a very reliable and proven method, proof that they are who they say they are. The way they demonstrate their identity to you, has to result in the level of confidence you need to let them through. A very good way of establishing trust is to use a concept known as "two factor authentication".

Two factor authentication is a process where a website user provides two different credentials, or two kinds of identification, to access the site. One kind of identification might be something you know, like a strong ID and password combination. A second kind of identification might be something you have or get, like another secret word or code that's generated by another security device - or perhaps your own fingerprint. In the movies, for those high-tech laboratories, usually someone types in a number on a keypad, and then a camera scans their eye or hand...that's two-factor authentication at work (and no, it's no longer science fiction at all!).

What's problematic for many typical website owners is that strong identity management using two factor authentication is normally a very expensive proposition. Setting up a userid/password system is easy enough, but enabling many customers to provide a second "factor" (like a fingerprint, or secret code generated from a "key token") typically means a lot of extra, costly technology - and possibly distribution of the technology to end-users. That's simply not practical for typical businesses to implement and manage.

A new and much more reasonable method of achieving Two Factor Authentication is now on the market, from award-winning companies like Anakam Inc. This method doesn't use new or additional, expensive technology, but instead can use mobile devices everyone already uses - like cellphones. Strong identity management with cell phones is enabled via text messaging, voice delivery of a PIN, or voice biometric verification. Per the Anakam website, their products achieve full compliance with NIST Level 3, are scalable to millions of users, cost less than hard tokens or smart codes, are installable in the enterprise (i.e. your company and its website) without added client hardware/software, and are easy to use (all you have to do is answer a phone call or read a text message)...... it's an increasingly popular method, easy to support, and very low cost.
Therefore, if you own or operate a website with very sensitive, protected information, and want to keep it that way in the face of increasing levels of hacking and privacy theft, consider implementing a solution such as Anakam's two-factor authentication as a "tokenless" strong identity management technique.