VeriSign Identity Protection Authentication Service
VeriSign's Identity Protection Authentication Service finished a close second in this category, with solid scores from readers on the security of its credentials and scalability. VeriSign's two-factor credential can be used across multiple sites; the credential is validated against VeriSign's shared infrastructure, meaning customers do not have to deploy an on-site server. Instead, they connect via SOAP-compliant Web services to VeriSign's network, reducing deployment costs.
VeriSign, like other authentication vendors, has benefited from a glut of regulatory activity mandating two-factor authentication, in particular the FFIEC guidance for online banking.
Product manager Jeff Burstein says VeriSign will concentrate development on new credential choices, including enhancements to its one-time password credit card form factor. Burstein explains that the card, built on OATH one-time password standards, fits into a consumer's wallet--preferable he says to early one-time password generators made of metal that were awkward to carry around.