Sophisticated hacking techniques have left businesses more vulnerable than ever while rendering traditional authentication methods inadequate to protect them. That’s why Wave Systems Corp. (NASDAQ: WAVX) today unveiled a new kind of virtual smart card that offers stronger authentication at significantly less cost than traditional second-factor authentication options.
A live webcast of the launch is available on wave.com at 2 p.m. EDT today.
The Wave Virtual Smart Card 2.0 is the industry’s only enterprise-grade virtual smart card management solution that works on Windows 7. It also supports Windows 8 and 8.1. Wave’s new solution emulates the functionality of physical smart cards or tokens, but offers greater convenience to users, lower total cost of ownership, and a reduced risk of unauthorized use.
Businesses need to adopt virtual smart cards because today’s security landscape is riddled with data breaches, and recent hacks have shown that current authentication methods are flawed. Passwords are easy to crack, difficult to remember and expensive to manage. While tokens and physical smart cards may provide strong security, the costs to purchase, maintain and replace them when lost or damaged can quickly rise.
Organizations that deploy Wave Virtual Smart Card 2.0 gain the security of smart card authentication while eliminating the problem of lost or stolen tokens and physical smart cards, resulting in lower costs and fewer help desk incidents. Many large companies report that more than 30% of physical smart cards and tokens must be replaced each year. By switching to virtual smart cards, these companies can save those costs and often 50% or more on the total authentication solution.
How it works
The Wave solution conveniently provisions virtual smart cards to users’ devices from a central management server, using the Trusted Platform Module (TPM) security chip as the security foundation for each virtual smart card. The chip’s capabilities include the secure storage of credentials such as keys and certificates. These TPM chips have been shipping on most business computers for much of the last decade, with hundreds of millions shipped to date.
The Wave Virtual Smart Card 2.0 solution takes the user identity of the individual and binds it to the unique device identity generated by the TPM chip in the devices that are associated with that user. Even if a hacker were to gain access to the user’s valid user credentials, without the device ID credential from one of that user’s known and trusted devices, the authentication and access to the environment or application that they were trying to gain access to would be denied. This means that a hacker would have to gain physical control of the targeted user’s device, crack the security on the device, and then submit the valid user credentials from that device before its loss is noticed and its access is turned off.
Virtual Smart Card 2.0 enables the enterprise to easily provision, manage and support virtual smart cards for its users. Virtual smart cards provide an attractive and convenient path to increased security over usernames and passwords without the added costs of managing physical smart cards and smart card readers.
Wave Virtual Smart Card 2.0 gives IT the ability to:
- Remotely create and delete virtual smart cards
- Provide help desk-assisted recovery
- Configure PIN and card policies
- View the status of virtual smart cards and enrolled certificates
- Generate reports for compliance
- Support virtual smart cards on laptops, tablets and desktops with TPM 1.2 or TPM 2.0
“With Wave Virtual Smart Card 2.0, enterprises can avoid many of the headaches of traditional authentication technologies with the same security as using physical smart cards in a PKI environment,” said Bill Solms, CEO of Wave. “Virtual smart cards are less expensive to manage, easier and faster to deploy and effectively address the problem of lost or stolen tokens.”
“DMI has a long history working with Wave Systems to advance the state-of-the-art in IT security,” said Jay Sunny Bajaj, president and CEO of DMI, a global leader in enterprise mobile solutions and Wave Solutions Partner. “Wave’s new Virtual Smart Card 2.0 enables us to save our clients money, improve and future-proof their IT security, and enhance the user experience all at the same time.”
Wave’s virtual smart card solution can help organizations comply with key regulations such as PCI, HIPAA and FFIEC. Many of these regulations require organizations to implement two-factor authentication methods to verify users’ identities when remotely connecting to a network.
To learn more and to view today’s product release webinar (2 p.m. EDT), visit www.wave.com.