Wave Releases Beta Version of id.wave.com, a Hardware-Secured, Single Sign-on Identity Service for the Web
Lee, MA & Las Vegas, NV (Digital ID World, Booth #11) — September 15, 2009 — Wave Systems Corp. (NASDAQ: WAVX; www.wave.com) announced today the launch of id.wave.com, a new identity service that enables strong authentication and single sign-on to Web services and applications in the “cloud.” The service is available in beta form and will be demonstrated to prospective partners and industry insiders at this week’s Digital ID World Conference in Las Vegas, Sept. 15-16.
As Web-based applications and services increase in both number and importance, knowing who is on the other end of the cloud in a secure and private way is increasingly vital. Wave’s online identity service is designed to allow users to create a single, secure, user-friendly identity that is accepted at many websites including Facebook, Google and salesforce.com using OpenID and SAML. The id.wave.com service takes full advantage of the Trusted Platform Module (TPM) security chip to secure users’ authentication identities with keys held in the TPM.
To date, tens of millions of TPMs have shipped on enterprise-class PCs. Combining this installed base with the many sites that support OpenID and SAML has the potential to significantly improve Web service authentication. Users will benefit by not having to remember multiple passwords. IT benefits from an open standards solution to secure authentication credentials on the TPM, and by significantly reducing the ability for a user to lose control of his or her identity. The CIO benefits by knowing that only authorized users and authorized devices are connected to the organization’s cloud computing services, whether internal or external. Finally, users can log into their PC and the PC securely logs them into the sites where they have relationships.
“Wave is pleased to announce this new service, enabling the installed base of millions of TPMs to be able to access the websites that accept Open ID,” commented Steven Sprague, President and CEO of Wave Systems. “We believe id.wave.com is what many enterprises and consumers have been looking for—an open identity provisioning service that brings ease of use, privacy and takes advantage of the strong authentication and single sign-on hardware they already own.”
With an Open ID, a visited website (relying party) communicates with an identity provider and that provider then confirms the visitor’s identity to the website. Many sites participate in OpenID as an identity provider, relying party or both. Wave’s id.wave.com service integrates the OpenID standard with the TPM chip on the user’s machine to safely protect the user’s authentication credentials in hardware. The result is that the PC internally provides stronger, multi-factor authentication between the user and service providers—providing secure digital identities across the Web.
Wave’s EMBASSY® Remote Administration Server (ERAS) already provides enterprises with central policy control of remote TPMs. Should an employee be terminated, this control is designed to enable the enterprise to immediately revoke the employee’s OpenID or SAML access credentials to sensitive Websites.
Wave Positioned to Offer Hardware-Secured Identity Service
As one of the leading providers of TPM management software, Wave’s extensive software offerings work with the TPMs from the leading vendors and with all the TPMs on PCs that have shipped to date (an estimated 300 million and counting). Since early spring of this year, Wave has been working with TrustBearer Labs, an authentication solutions provider, in developing the id.wave.com service.
Last week, the government announced the “Open Identity for Open Government” initiative (see news release), with several government agencies agreeing to pilot the acceptance of industry identity credentials from a number of providers. Wave has agreed to participate in these pilots and has committed to demonstrating the value of implementing stronger authentication to more sensitive Web services.
In addition to demonstrating id.wave.com at this week’s conference, Wave will also be participating in the following sessions at Digital ID World:
•“Securing OpenID with Built-In Hardware Security” and “Device Authentication to the Network” – Wave Executive Vice President Lark Allen and CEO Steven Sprague will host two separate “Lunch ‘n Learn” sessions, one addressing each topic. [Tuesday, Sept. 15 at 11:30 a.m. -1:00 p.m.]• “Trends in Identity Management Solutions”—Wave CEO Steven Sprague will join Eric Olden, CEO of Symplified, in a break out session moderated by Eric Norlin, Conference Content Co-Chair. [Wednesday, Sept. 16, 2:05-2:55 p.m.]
•“Open, Secure Machine Identities for Clouds (and Brick and Mortar!) – Wave CEO Steven Sprague will lead an informational seminar on how a laptop or PC can be individually provisioned for access to sensitive services and data on the Web, offering ease of use and unparalleled security for the new models of SaaS and Cloud computing. [Wednesday, Sept. 16, 3:00-3:50 p.m.]For demonstration and meeting appointments at Digital ID World, contact Wave’s Executive Vice President Lark Allen at lallen@wavesys.com.
AI
