Officials of Rainbow Technologies Inc. said they are surprised and overwhelmed by the positive reaction to i-Key, a security device it is offering as an alternative to smart cards.
Like others in the digital security field, the Irvine, Calif., company has encountered a sudden run-up in demand for products that help secure information, commerce, and communications on the Internet.
The i-Key, introduced in January, was a beneficiary. Interest was so strong that "we had to go to management for more resources, and we doubled our ad budgets," said Rod Mann, director of worldwide marketing.
Rainbow apparently struck a chord by transforming the smart card with 8K of memory and certain cryptographic functions into a thin, oblong device about 2.5 inches long that can be comfortably carried on a key ring. Protruding from it is a metal connector that can be slipped into a computer's USB, or universal serial bus, port.
"It beats the smart card," Mr. Mann said. "You don't have the reader, the attachments, the cables-it's all too much to travel with"-and travelability is important in the enterprise security and network-access control functions for which i-Key is being sold.
Rainbow, which has done a lot of government contracting and is increasingly taking its Internet security expertise into the private sector, is also attracting attention with i-Key's price tag.
The company sells a software development kit for $79, and with that a single i-Key costs $49. Once production quantities exceed 10,000, the unit cost falls below $20. "In the millions it would be much less and we would still make money," Mr. Mann said.
The benchmark for a smart card installation at a single corporate workstation is $90, according to data Rainbow cites from International Data Group.
Smart cards also suffer from a lack of standardization and interoperability, Mr. Mann said, whereas "ours is plug-and-play with Windows 98."
USB ports are becoming truly universal, with some computer makers placing them conveniently on keyboards. When the i-Key is inserted, a tiny light goes on to signal the connection is made. Its data encryption and hashing functions combine with personal identification numbers to provide for "strong two-factor authentication," Rainbow said.
The company is not yet able to disclose any sales, Mr. Mann said, but he added that several leaders in digital certificate technology have taken evaluation kits.
Rainbow does not expect to send smart cards to oblivion. It just wants to take advantage of the "built-in (USB) readers everywhere with a far more deployable technology," Mr. Mann said.
He said Rainbow has smart card vendors "looking into whether they can put their designs on our device, and we would offer to put our stuff on their form factor, too."
After starting slowly, the company is producing i-Keys by the thousands and expects to have to ramp up from there. Ingrid Haysom, strategic relations manager, said a major contract could be announced within several weeks, and "once there is a big-name customer, things will take off."
This week Rainbow announced the availability of digital certificate storage with 1,024-bit RSA encryption-key lengths on the M2 model of i-Key. Pending U.S. export clearance for those extremely hard-to-break codes, Rainbow also offers an exportable version, the M0.
"The exportable model is the logical next step for providing globally available hardware-level security," said Shawn Abbott, chief technology officer. "These i-Keys offer the flexibility of providing a superior cryptographic token for user authentication both in the U.S. and global markets."
