RSA and VeriSign Partner on Cloud-Based OTP ServiceBy Ericka Chickowski | Print
Re-Imagining Linux Platforms to Meet the Needs of Cloud Service Providers
The software as a service (SaaS) solution allows channel partners to offer users managed, shared authentication to access multiple Websites through a one-time password (OTP) device.
VeriSign announced that it is teaming up with RSA to offer RSA SecurID hardware tokens as a means of second factor authentication in conjunction with the VeriSign Identity Protection (VIP) Authentication Service.
Sold both through VeriSign channel partners and direct, VIP is a cloud-based software-as-a-service (SaaS) solution that offers users managed, shared authentication to access multiple Websites through a one-time password (OTP) device. The deal with RSA allows VeriSign to leverage the RSA SecurID Authentication Engine under the hood, offering additional form-factor flexibility to VIP customers.
"The VIP service will now work with both VeriSign (OATH-based) and RSA SecurID tokens. It’s likely that customers can mix and match token types based upon their application support and price requirements," wrote Mark Diodati, analyst for Burton Group, in a recent analysis of the deal.
VeriSign reports that it will complete the integration necessary to transition to the new engine by December. In a quid pro quo move, RSA plans to then shift all of its authentication service customers participating in its RSA GoID program to the VIP Authentication, aiming for complete transfer by the end of second-quarter 2010. The symbiotic relationship will be augmented by a cross-sales agreement that will have VeriSign reselling RSA SecurID hardware tokens through its sales channels and RSA reselling VIP Authentication Service through its channels.
As Diodati explains, VeriSign and RSA have long sparred over the OTP market.
"The press release implies that the relationship between RSA and VeriSign has been co-operative and amicable. Don’t be fooled," he wrote. "In early 2005, VeriSign was the primary driver for the OATH industry group, expressly created to take on RSA’s 'cash cow'—its SecurID OTP business. Since that time, VeriSign aggressively pursued RSA’s SecurID customers and competes against RSA in the consumer authentication space."
In spite of past rivalries between the companies and a strategic coup gained by VeriSign in now being able to consolidate the SecurID technology into the VIP platform, Mary Monahan, managing partner with Javelin Strategy & Research, sees the new partnership as a win-win for the companies.
"The alliance of two powerhouses with the integration of RSA SecurID technology into VIP will strengthen their combined market leadership and work to increase the collective clout of both VeriSign and RSA," she said. Javelin recently rated both companies as Best in Class for multichannel authentication technology.