RSA brings two-factor authentication to Android

EMC Corp.’s RSA security division has announced that it will release new software that lets enterprise workers use their Google Android-based smart phones to authenticate themselves on other business apps.

The RSA SecureID Software Token for Android will extend the company’s two-factor authentication technology, allowing the app to act as a SecureID authenticator. RSA’s two-factor authentication technology, which can be used to help users securely connect with several hundred different enterprise software products, requires staff to provide hardware or software tokens to access their business apps.

For example, when enterprise users are ready to log in to the corporate ERP system from their laptop, they can generate a one-time software token with their Android app that will enable them access. The passwords only last for 60 seconds and are rolled out via RSA’s Authentic Manager software.

While the app will be available for free on the Android Market later this month, users will only be able to use the tool as a second authentication token at enterprises that have deployed RSA’s Authentication Manager platform.

Rachael Stockton, manager of product marketing at RSA, said this functionality was highly demanded by existing RSA customers as the growth of Android in the enterprise world continues at a rapid pace. She added that the ubiquity of the smart phone in general makes it a perfect fit to host a software authentication token.

“People don’t forget their smart phones, so it lowers the support calls,” Stockton said. She added that workers would no longer have to call a support desk to get the one-time passcode or request a new SecureID card.

For users that misplace or lose their smart phones, Stockton said IT administrators will actually be able to take back the software tokens over the air and re-use them once the device is found or replaced.

She said this can help save money on authentication tokens and also works perfectly for enterprises that use a lot of contract or temporary workers.

The Android app is currently only supported on smart phone devices, with a release covering Android-based tablets planned for next year.

RSA released the same app for Apple iOS devices last year, a move that was applauded by some industry analysts.

“This aligns with consumerization of IT, where companies need to accommodate for these newer devices while maintaining the security of their existing systems,” said Scott Crawford, managing research director covering security and risk management at Enterprise Management Associates. “This becomes an opportunity to leverage the iPhone for strong authentication while generating a cost-effective asset.”

In addition to the SecureID Android app, RSA also announced a new software development kit for developers looking to embed SecureID two-factor authentication directly into Android apps. The SDK, which is free to all RSA Secured partners, will also be released later this month.

– With files from IDG News Service

Related Download
A Guide to Print Security for Canadian Organizations Sponsor: HP
A Guide to Print Security for Canadian Organizations
IT security vulnerabilities are a growing cause for concern for organizations trying to protect their data from printer breaches.
Register Now