Company staff can now get secure access to corporate networks straight from their Windows Phone. Intercede has announce virtual smart card (VSC) management – a form of authentication that uses inbuilt security – for Windows Phone. Intercede is a software company specialising in identity and credential management.
Companies need to verifying the identity of people attempt to access their networks and premises but usernames and passwords are insecure and awkward to use on mobile devices.
Virtual smart cards offer an alternative using two-factor authentication, the standard for secure access. The latest Windows-based devices now support two-factor authentication in the form of a virtual smart card managed by Intercede’s MyID technology.
MyID provides features that include key recovery, certificate renewal and revocation. Windows Phone 8 enables this because it comes with an inbuilt Trusted Platform Module – a secure element in the device – which is where keys for use in secure two-factor authentication with a virtual smart card are stored. The TPM is protected from hackers; the keys are never loaded in the operating system’s memory, meaning the VSC remains safe even if the phone itself is compromised.
“Mobile devices have always been seen more as a security risk than a security asset,” says Allen Storey, Product Director of Intercede. “But that’s because mobile security was typically based on a vulnerable form of ID verification – usernames and passwords.”
“Passwords simply do not provide high enough levels of security. They are easily cracked, lost or stolen; and in needing to be increasingly complex, they are also getting harder to remember and more inconvenient for the end user. By implementing two-factor authentication, organisations can immediately strengthen their network security and offer employees the convenience of accessing corporate resources with a simple PIN on the go.”