nCipher Security Integration Available From StriataPublished on 01 Mar 2004
Striata, has further enhanced its electronic communication security capabilities by providing integration into nCipher hardware-based digital certificate security devices.
Says Nic Ramage, Striata Chief Technology Officer, “A significant increase in fraudulent activity known as ‘phishing’ has caused a great deal of uncertainty and anxiety amongst recipients of electronic communication. The potential for identity fraud on electronic channels is a real risk and prompt measures need to be introduced to eliminate deception.”
‘Phishing’ involves a recipient receiving an email requesting them to update their customer details. When they click on the provided link, they are routed to a ‘spoofed’ website where they are requested to submit their confidential information in order to update their records. The perpetrators then capture this information and later use it for fraudulent activities.
According to Ramage, the incorporation of a digital certificate into email communication adds another layer of security in the battle against online fraud.
“Striata have integrated our digital certificate signing capabilities with nCipher’s Hardware Security Module (HSM) to protect the digital certificate at a hardware level while providing authentication, non-repudiation, and alteration alerts.” says Ramage.
nCipher is a leading developer of Internet security products that assist e-businesses in solving the challenges of information security, systems scalability and processing speed in electronic commerce and public key infrastructure applications.
By digitally signing an email, the sender is able to assure the recipient of the authenticity of the sender and notify the recipient if the email has been changed from the original. This eliminates the risk of an email being ‘spoofed’ by someone masquerading as a trusted service provider, as well as the risk of an email being tampered with in transit.
Experts believe that digitally signed emails will become the norm for business-to-business and business-to-consumer email communication. Already in Europe, all invoices sent by electronic means will only be accepted by Member States, provided that the authenticity of the origin and integrity of the contents are guaranteed by means of an advanced electronic signature based on a qualified certificate and created by a secure-signature-creation device.
“However,” says Ramage, “realising the value of digital certificates will require a re-education of email users in order to capitalise on the security benefits. Users will need to be aware of what a certificate ensures, and how to know if a certificate is invalid. They will also need to know what a certificate does not do.”
For organisations that require the utmost security to protect their brand, business and customers, hardware-based digital certificate products like those available from nCipher is a critical consideration.
“By enabling the integration of this product into our eMarketing and eBilling distribution module, we have further assisted users of our Application Platform to protect their intellectual property, authenticate and secure their email communication, while also ensuring the integrity and privacy of customer information, and minimizing their risk.” says Ramage.
To view a digitally signed email send a blank email to: firstname.lastname@example.org
nCipher is redefining cryptographic security to protect points of risk across the enterprise – from network appliances to Web servers, to custom software applications and back-end databases. nCipher provides hardware and software solutions that enable organizations to implement best practice security by addressing the challenges of cryptographic key management and performance. Many of the world’s leading organizations – from Microsoft and Barclays Bank to PricewaterhouseCoopers and the U.S. Navy – rely on nCipher to deliver a sound e-security infrastructure. nCipher’s products are particularly well suited to organizations with high volumes of security-sensitive transactions, such as banking and financial institutions, government departments, e-retailers and online service providers. nCipher is listed on the London Stock Exchange (LSE:NCH) and is a member of the FTSE TechMARK and FTSE4Good indices with offices in Cambridge, UK; Boston, Seattle, Paris, Hamburg, Singapore and Tokyo.
For more information on nCipher, visit www.ncipher.com.