Valimo Signs Elisa to Offer Mobile Identification in Finland and Estonia
Valimo, the Finnish mobile identification service provider, has signed agreement with the second largest Finnish mobile operator Elisa. The agreement allows Elisa's 2.5 million mobile customers in Finland and another 340 000 in Estonia to use mobile phone as everyday electronic identification method. With Valimo's solution the customers can login to internet services with a single PIN code, and also digitally sign documents. Thus mobile phone can replace web banking credentials now used extensively for secure identification in the region.
Valimo develops software to secure and perform transactions in both mobile and fixed network environments, offering solutions for digital signing, authentication, and validation. Valimo's service uses PKI (Public Key Infrastructure) and works on all handsets and devices, which use a SIM card as the user's secret key is stored on the card. Identification or confirmation request is sent onto the user's screen, and the user will use his/her own PIN code to verify. The service requires country specific registration of the person's identity and the SIM card. In Finland the registration is done by the police authorities.
Valimo's services have been well received , and the company recently announced the the Turkish operator Turkcell's customers recently exceeding 1,8 million mobile transactions.
Yubico Offers Master Key To Web
Yubico is a Swedish American security startup, founded in 2007 and based in Stockholm Sweden and Sunnyvale CA.
Yubico's mission is to "make Internet identification secure, easy, and affordable for everyone". The firm offers a physical token called YubiKey, which can be used for secure identification to web services.
The device is a simple one-button USB keyboard designed to generate a unique user identity and a one-time passcode, which will be sent to the PC as keyboard characters, thus saving the user from typing. When submitting the web form with the passcode, the information is verifed against the security provider’s authentication server. YubiKey can also be combined with a PIN or password for two-factor authentication.
YubiKey has quite good differentiating benefits compared to competing solutions. It also doesn't require any client software or installation, and thus works on any USB-enabled computer. YubiKey can currently be used with any website supporting OpenID. At the moment other possible uses include Windows login, Wordpress, Web single sign on, OpenVPN, Phpbb Forum, and Windows ActiveDirectory. Yubico has a developer community working on gradually spreading the support.
The company states the product suits perfectly any high security web-based application where fast and frequent online authentication is needed, for example government services and financial transactions as well as different purchases. According to their own words they aim to serve everyone from individuals to large corporations and the web community (which sounds ok for a universal security solution provider, though somewhat unfocused for a startup).
Yubico sells the YubiKey hardware online for quite an affordable price of 30 USD and offers the basic SDK under open source, to enable building customized authentication services. They also run their own validation servers and offer the service for subscription.
