Jun 26th 2014

Windows Phone ready for business with MyID

25th June 2014: Organisations can now give their employees secure access to corporate networks and resources straight from their Windows Phone using Intercede’s MyID technology. Intercede, a secure identity specialist and member of the Microsoft Developer Programme, was today the first company to announce that it can provide virtual smart card (VSC) management – a form of authentication that uses a device’s inbuilt secure element – for Windows Phone 8.1.

One of the biggest security challenges faced by organisations today is verifying the identity of people and devices that attempt to access their networks, data and premises. Many firms rely on usernames and passwords but these are an inherently insecure form of authentication, while proving especially awkward to use on mobile devices.

Virtual smart cards offer a convenient alternative using two-factor authentication, the acknowledged standard for secure access. To date however, many organisations have been reluctant to deploy strong authentication because of the perceived costs and complexities of managing smart cards across the enterprise.

The latest Windows-based devices now support two-factor authentication in the form of a virtual smart card managed by Intercede’s MyID technology, enabling organisations to verify the identity of employees accessing sensitive company information from their Windows Phone 8.1. MyID provides all of the lifecycle management features required to effectively implement large-scale credential roll-outs, including key recovery, certificate renewal and revocation. By effectively binding a person to their virtual smart card, MyID provides the chain of trust that is vital to ensure that the user is who they claim to be and that the credential on the virtual smart card can be trusted.

Windows Phone 8.1 comes with an inbuilt Trusted Platform Module (TPM) – a secure element within the device – which is where keys for use in secure two-factor authentication with a virtual smart card are stored. The TPM is protected from hackers; the keys are never loaded in the operating system’s memory, meaning the VSC remains safe even if the phone itself is compromised.

“Mobile devices have always been seen more as a security risk than a security asset,” said Allen Storey, Product Director of Intercede. “But that’s because mobile security was typically based on a vulnerable form of ID verification – usernames and passwords.”

“Passwords simply do not provide high enough levels of security. They are easily cracked, lost or stolen; and in needing to be increasingly complex, they are also getting harder to remember and more inconvenient for the end user. By implementing two-factor authentication, organisations can immediately strengthen their network security and offer employees the convenience of accessing corporate resources with a simple PIN on the go.”