The RSA conference is underway in San Francisco, and the company running the show has unveiled a new version of its RSA Via solution that includes new authentication options for RSA Via Access. Overall the update finds a better balance between convenience and security
Conceptually, the RSA Via update is all about matching security level with the appropriate risk level in a given context. The solution is now designed to allow administrators to enable scalable security based on a variety of factors including what device is being used and the risk profile of the request. High risk requests, for instance, might require biometric authentication, while common, low risk requests might require less assurance and therefore allow for lower levels of user friction.
“Not all access needs the same level of assurance,” explains Jim Ducharme, Vice President of Engineering and Product Management, RSA. “Organizations need to focus on balancing the need to assure identity, while not sacrificing user convenience by taking a ‘one size fits all’ approach to authentication. RSA Via technology’s new capabilities align the various levels of risk associated with what a user is trying to access with the appropriate levels of assurance. This allows organizations to offer more innovative authentication options and help ensure there isn’t a tradeoff between security and user convenience.”
When it comes to authentication methods, RSA Via Access has expanded its list of supported modalities. The system already allowed for Touch ID fingerprint scanning and tap or shake authentication, but now it has expanded its scope to allow for Eyeprint verification from EyeVerify. Additionally, RSA Via Access is FIDO Certified, which allows it to support U2F (Universal Second Factor) authentication.
“I commend FIDO Alliance board member RSA for its investment in the development of FIDO standards, and this certified implementation of FIDO authentication for RSA Via Access,” commented Brett McDowell, Executive Director of the FIDO Alliance. “This adoption of FIDO by the widely recognized market leader in enterprise identity and authentication is a validation that FIDO is emerging as the preferred technology for strong authentication.”
According to a press release issued today, the new risk/assurance features will be available on the next RSA Via Access and RSA Via Lifecycle and Governance versions which will be released within first quarter 2016.
March 1, 2016 – by Peter B. Counter