InvestorsHub Logo
Boards
News
Market Data
Markets
Discover
Discover
Subscribe Login/Register
S&P 500
5,306.04
(
0.02%
)
US TECH 100
18,387.60
(
0.38%
)
Dow Jones
38,852.86
(
-0.55%
)
Brent Oil
84.14
(
-0.23%
)
Bitcoin
68,620.01
(
0.48%
)

Replies to post #240694 on Wave Systems Corp. (fka WAVXQ)

Replies to #240694 on Wave Systems Corp. (fka WAVXQ)

RootOfTrust

01/30/15 12:46 PM

#240699 RE: 24601 #240694

24601...

While Wave's VSC 2.0 solution enables both device and user-based authentication, it competes directly in the enterprise user only authentication market where the leading vendors including RSA The Security Division of EMC, Vasco, SafeNet and CA Technologies supply mainly tokens-type solutions ie. hardware external authenticators (expensive to deploy and maintain) and their embedded software counterparts (spoofable).

To clarify, Wave's VSC 2.0 competes against primarily user authentication tokens including those provided by the market leading vendors referenced above. It turns out the market in which these solutions are sold is described by the "Gartner Magic Quadrant for User Authentication", however VSC 2.0 because it implements the TPM which is bound to the device is principally "device-based authentication" and only sequentially becomes "user-based authentication" after the TPM is bound to the device and users are permissioned to the device via the TPM. By contrast conventional authentication tokens such as an RSA SecureID are not bound to the device and as a result if an attacker spoofs the credentials they can gain access to the network via their own unauthorized device which can't happen with device-bound TPM-secured identity.

Securing both device and user identity in the TPM is inherently superior to any form of non-device bound user authentication, the only issue remaining is that TPMs are still not readily available on phones, however we know this has not prevented early deployers of the Wave VSC solution from moving forward on those devices which have TPMs ie. PCs including notebooks and some pads. In many cases the customer has deployed a separate MDM (Mobile Device Management) solution (now often software tokens ie. "phone-as-a-token") for their phones and consequently it's feasible to move forward with a VSC 2.0 on their non-phone devices.

User authentication tokens come in two varieties, external hardware tokens which are expensive to deploy and maintain, and embedded software tokens which while less expensive to deploy and maintain are more hackable than hardware toens, and Wave VSC 2.0 competes directly against both offering an ROI as a replacement solution.

http://next.wave.com/