Security Dynamics Technologies Inc. is offering a way to turn millions of hand-held computing devices into digital authentication tools.
Working with 3Com Corp.'s Palm Computing unit, Security Dynamics has developed software that lets Palm organizers take the place of the SecurID tokens commonly used in money transfer operations and other functions dependent on network security and access controls.
Security Dynamics, which has four million of its conventional SecurID products in circulation, is making a play for ubiquity. In February, in conjunction with Gemplus and its MPCOS operating system, Security Dynamics announced the 1100 series and 2100 series smart cards-lighter-weight alternatives for ensuring that a transaction is traceable to an authorized employee or customer.
Palm has captured more than 40% of the hand-held market, with more than three million devices in use, and its Palm VII generation is on the way.
"Their market share is strong, which is why we came into this market with Palm first," said Bill McQuaide, director of product marketing at Security Dynamics, which put its Palm version on the market this week.
Adapting for the Palm VII is still in the future, as the Bedford, Mass., security technology provider wanted to focus first on existing components of the Palm Computing Platform, Mr. McQuaide said.
Just as the new Palm product and competition in its field are expanding the market for such devices and sparking innovation, Security Dynamics is likely to extend its authentication offerings in collaboration with its RSA Data Security subsidiary, the leading provider of data encryption systems.
At RSA Data Security's annual conference in San Jose, Calif., in January, University of California computer scientist Ian Goldberg gave a presentation on how the Palm 3d could be used as a full-scale authentication token. He proposed a secure electronic mail application complete with cryptographic operations, suggesting it would be superior to, and obviate the need for, smart-card-based authentication.
For now, Security Dynamics' Palm enhancement centers on the random- number generation that adds a layer of security to personal identification numbers in what is known as two-factor authentication.
How higher technology might play into the strategy can be glimpsed in a Security Dynamics Web site demonstration. The software can be beamed using the Palm 3d's infrared capability.
Security Dynamics remains committed to developing a range of "form factors" to increase the locations and options available for two-factor authentication with SecurID and the related ACE/Server management software.
The smart card and Palm alternatives have joined a "family" that includes the standard SecurID card, a PIN pad version of the hardware, another in the form of a key fob, and software tokens for Microsoft Windows and NT operating systems.
More form factors are on the way, but Mr. McQuaide and SecurID product manager Merritt Maxim said they are not prepared to talk about them.
Microsoft Corp. and some of its allies have put forward the Windows CE operating system as an alternative to Palm's, and the competition could set off a round of device creativity.
As of now, "Palm products have become the biggest thing to happen in the information appliance space," mobile computing expert Andrew Seybold wrote in the latest issue of The Outlook, of which he is editor-in-chief. "This does not mean that Windows CE palm-size PCs will not do well."
A conference in the field, DemoMobile 99, opens this weekend in Coronado, Calif. In a sign of how far the personal digital assistant market has come from Apple Computer's ill-fated Newton, a start-up company, Proxinet, will be introducing software that enables Internet content to be viewed on Palm and Windows CE devices.
AvantGo Inc. and the Online Anywhere division of Motorola Inc. are among others offering similar technology.
"Our strategy and goal are to make SecurID ubiquitous," Mr. McQuaide said. "This is certain to bring strong authentication into new environments and enhance ACE/Server. The key for us is that by offering customers a range of choices, they can take full advantage of what is in the marketplace and we can extend our lead."
Easy one-time installation and connection to any ACE/Server system make the Palm offering ideal for companies with data bases that are updated periodically by remote salespeople or other employees via network connections, Mr. Maxim said.
"Alongside a standard hardware or software token or smart card, the Palm operating system or any diverse form factor would be centrally managed" with ACE/Server, he said.
Mr. Maxim pointed out that with technological advances, hand-held devices that started out as simple data organizers have become full-fledged computers, especially popular among employees of the large corporations that are buying better data security.
"We're very encouraged and excited by the opportunities we see to make Palm devices an enterprise-level security solution with the strong authentication that businesses need," said Marc Bercow, Palm Computing's vice president of strategic alliances and platform development.
"Some analysts have talked about device chaos," Mr. Maxim said. "This means one less thing to carry or worry about."
Security Dynamics Technologies and a rival maker of authentication devices, Vasco Data Security Inc., announced Tuesday that they had settled legal claims against each other filed last year in federal court in Massachusetts.
The settlement also pertained to a dispute between Vasco and Security Dynamics' encryption technology subsidiary, RSA Data Security Inc. of San Mateo, Calif.
Security Dynamics charged that Vasco's Digipass 300 and Digipass 500 violated patents for two-factor authentication systems. Security Dynamics' SecurID is the leading product in the field, with four million users, and Oakbrook Terrace, Ill.-based Vasco said it has sold 2.6 million Digipasses.
The devices generate random code numbers that bolster the security afforded by personal identification numbers.
Under terms of the confidential settlement, the companies did not elaborate on a statement that "they are pleased that this matter has been resolved."
"We both intend to get back to the market and not let this be a distraction," said Vasco spokesman Mike Lange.
