USB key adds physical element to enhance data security
September 28, 2007 Where credit card and banking information is being processed, user authentication, accountability and data security are of paramount importance. The iKey 4000 is a USB device that authorized users carry with them at all times in order to gain access to secure systems. It adds an extra factor to the access control puzzle – you need to both have the physical key and know the correct password to get in, thus satisfying the highest Payment Card Industry security protocols.
We wrote recently about a USB key that protects its own contents with a touch-pad keylock – here’s a different device that enforces the highest levels of data security for environments where highly sensitive data like credit card details or classified information are being dealt with. SafeNet recently announced the availability of the iKey 4000 USB token, the world’s strongest available hardware authentication solution for safeguarding data against unauthorized access. The iKey 4000 meets the Payment Card Industry Data Security Standards (PCI DSS) requirements.
The PCI DSS outlines security requirements for all organizations that process, transmit, or store cardholder data. Those requirements include restricting access to credit card, and assigning a unique digital ID to each person with computer access. Compliance deadlines are September 30 for Level One merchants, and December 31 for Level Two merchants. Non compliant merchants face hefty fines and put their organization in danger of security breaches.
“Organizations that use payment card processes are under extreme pressure to protect the information they handle, as well as meet industry compliance mandates,” said Andy Solterbeck, vice president of Product Management, SafeNet. “Given its stronger protection, versatility and usability, the iKey 4000 provides them with added benefits over prior solutions and gives them a way to meet and exceed their security and compliance needs.”
Implementing access control measures by merchants is necessary so that their data can only be accessed by authorized personnel. USB tokens cryptographically store digital IDs like passwords, keys, certificates, or biometrics. Such tokens are the preferred method for positive employee identification because private information never leaves the device and is protected by two-factor authentication—something you have (the token) and something you know (password). Tokens require users to authenticate themselves before initiating any security functions, ensuring that only authorized users are accessing information.
Building on the global standard of token security previously established by the SafeNet iKey 2032, the iKey 4000 provides unprecedented security by utilizing Advanced Encryption System (AES), a powerful encryption technology that enables two-factor authentication. In addition, its hardware-based key generation, key storage, encryption and digital signing provide unparalleled security to client applications.
The iKey 4000 enables VPN authentication, e-mail encryption, digital signatures and many other PKI-enabled applications from leading vendors. SafeNet’s iKey 4000 USB Token supports PKCS #11, Microsoft CryptoAPI, and Apple Native PC/SC for easy integration into custom applications. iKey 4000 is designed to meet FIPS Level-3 and Common Criteria standards.