Wave Systems Corp. (fka WAVXQ)

[Genz2]

AT&T, Sprint, T-Mobile and Verizon Unveil First-Look at Future of Mobile Authentication

https://www.marketwatch.com/press-release/att-sprint-t-mobile-and-verizon-unveil-first-look-at-future-of-mobile-authentication-2018-09-12

LOS ANGELES, Sept. 12, 2018 /PRNewswire/ -- The Mobile Authentication Taskforce, comprised of AT&T, Sprint, T-Mobile and Verizon, gives a first look at its authentication solution that is less dependent on passwords to secure user accounts. The demo of the taskforce's solution debuts today at Mobile World Congress Americas 2018.

Developed collaboratively by the four largest U.S. wireless carriers, the prototype reveals the taskforce's approach to multi-factor authentication, which combines the carriers' proprietary, network-based authentication capabilities with other methods to verify a user's identity. Once the user signs up and provides consent, the solution then generates a device-based ID that serves as the user profile at the center of the authentication process.

"This initiative expands upon our global operator initiative, Mobile Connect, to bring standardized authentication and identity services to the US market," said Alex Sinclair, Chief Technology Officer, GSMA. "The solution aims to deliver a seamless experience for service providers from many sectors, helping to drive rapid adoption and scale."

The demo features three test apps for Mobile World Congress Americas attendees to experience at the GSMA Innovation City. The authentication solution demo showcases the experience within mock-up banking, photo and social media apps. The three-day show is taking place in Los Angeles from Sept. 12-14, 2018.

Addressing user authentication-related risks could help safeguard consumers from attacks designed to acquire login credentials and mobile phone numbers for use in fraudulent schemes such as phishing and social engineering. It could also help provide businesses and consumers with extra layers of protection from identity theft, bank fraud, fraudulent purchases and data theft.

In conjunction with the prototype's unveiling, the taskforce also launched a website to engage and onboard developers at https://mobileauthtaskforce.com. Additionally, the four carriers are exploring opportunities to offer other products that could use this authentication technology.

For more information and guidance on joining the taskforce's community of developers, please visit https://mobileauthtaskforce.com. Experience a demonstration of the prototype at GSMA's Innovation City at The Los Angeles Convention Center, South Hall, S1346.
=================================================================
Wave Knowd Introduces New Model for Internet Authentication Without Passwords

https://www.wavesys.com/buzz/pr/wave-knowd-introduces-new-model-internet-authentication-without-passwords

Lee, MA -

May 9, 2013 -

Wave Systems Corp. (NASDAQ: WAVX), the Trusted Computing Company, today announced Wave Knowd, a new web service available for preview that significantly reduces the vulnerability and use of passwords by leveraging the unique identity of computing devices. With a simple integration of Wave Knowd, any website can establish reliable and consistent identity relationships with the devices its customers use most often for Internet services. Wave Knowd, which signifies “Known Devices,” is being tested by partners to provide the backbone for general purpose machine identity.

“The maturation of the web mandates a change in how we, and our computing devices, connect to the web,” said Steven Sprague, Wave CEO. “With cable television, satellite radio, bank kiosks and mobile phones, the service relationship is tied to the endpoint device. The web needs the security and simplicity of this same model, where our computing devices themselves play an added role in authentication. I access dozens of web services every day from the computer in my home office, and want those sites to know and trust my PC so they’ll stop continually asking me to log in. Wave Knowd enables that trust.”

To make web authentication stronger and simpler, Wave Knowd provides a new approach to signing on and accessing Cloud and Internet services. From online banking to business services and even consumer gaming, passwords are failing to provide a level of security that either service providers or users can trust. Knowd is built upon the concept that only known devices should ever access a protected network. Knowd incorporates all of your access and identity solutions together to establish a relationship of trust between users’ computing devices, and the web services they access.

“We interact online using so many devices now, but from a security perspective those devices aren’t all equal. Accessing medical records or confidential business files from my kid’s smartphone is certainly not as trustworthy as connecting from my business PC with an encrypted drive,” continued Mr. Sprague. “Wave Knowd is all about making the Web simpler and safer, and that new foundation of trust begins with known devices, and known capabilities.”

Once machine identity is established, any web site—from gaming, social networking or shopping; to banking, business and financial services—can use Wave Knowd to create a reliable and persistent identity for the connecting device. Knowd allows Web sites to streamline access for users who repeatedly log on from trusted devices, while bolstering security. Initial authentication creates a unique and anonymous relationship between each computing device and each web service accessed, and then the level of trust between the two grows over time. Knowing the device can also help the site prevent fraud and phishing, or simply provide quicker no-password access. Wave is the partner helping to create and manage these relationships.

“Wave Systems was the obvious choice to provide ID Dataweb’s attribute exchange with device identity services,” said David Coxe, CEO at ID Dataweb. “In Knowd, Wave has provided a system that is rooted in state of the art device security technologies such as the Trusted Platform Module and other secure elements, while also offering a simple web based integration. It’s easy to identify if a connecting device is highly trusted, or whether it requires added screening and security.”

ID Dataweb uses Wave’s Knowd solution as part of the Identity Ecosystem supported through a grant from the U.S. Department of Commerce’s National Institute of Standards and Technology’s NSTIC initiative (National Strategy for Trusted Identities in Cyberspace). ID Dataweb has created a standards-based platform to simplify online identity verification using OpenID credentials.

Providing the Tools to Manage Trust in the Cloud: What’s Your Trust Score?

Wave Knowd is a powerful enhancement for any website. The endpoint identity service links an individual users’ unique device identity, with the Internet services that are typically protected only by username and password access. Users are prompted by their cloud service provider to register their primary computing devices to create a unique and persistent device identity relationship with their Internet services and service providers. No personal ID information is obtained by Wave, as Knowd works purely as a machine identity service. Furthermore, registered devices are given a unique ID for every service provider, establishing a separate trust relationship with each service.

Wave Knowd asserts a Trust Score that helps both consumers and cloud services or relying parties to determine the level of trust granted to each specific computing device. For example, a home PC that is used regularly for banking will quickly build a high Trust Score. Users can achieve a higher Trust Score by installing a small software application (Wave Knowd currently supports Windows 7 and 8, with Apple and Android to follow later this year). Business-class PCs containing a standard Trusted Platform Module (TPM) can establish even greater trust by leveraging the TPM security chip to create and securely store a unique device ID.

Knowd provides a web service with a new capability to enable or disable features based on the device that the user is actively using, providing a new security option for the end user. Perhaps an account password can only be reset from the user’s registered home computer and not from anywhere in the world, thereby linking in all of the user’s investment in the security of their home, from their alarm system to the doorman. Every web service can benefit from integrating Wave Knowd as part of the user’s experience.
================================================================
The authentication in the first article was a prototype and reveals that Wave Knowd could be a good alternative that was tested under NSTIC. Wave Knowd (in retirement) works with all a user's devices. In other words, one platform for the user. Companies could prefer the 'Trust Score' over the authentication technology in this Alliance. Wave is ahead of its time and its Knowd solution appeared to be far ahead of the solution in the first article. imo. It would be nice if it was taken out of retirement.