OATH Announces Certification Program To Promote Interoperability

PRESS RELEASE

SAN FRANCISCO --(Business Wire)-- Mar 03, 2010 OATH, the Initiative for Open AuTHentication, today announced that the organization has developed draft certification criteria for the first 2 profiles, the HOTP Standalone Client and the HOTP Validation Server. The organization made the announcement at the RSA Conference 2010 in San Francisco, the information security industry's largest tradeshow.

The OATH Certification Program is one of the key elements on the OATH technology roadmap and was developed through the collaboration of several OATH members. The Certification will provide assurance to customers that products implementing OATH standards and technologies will function as expected and interoperate with each other. This will enable customers to deploy 'best of breed' solutions consisting of various OATH 'certified' authentication devices such as tokens and validation servers from different providers.

OATH will continue to develop the certification program during 2010 and publish additional profiles to address the whole breadth of OATH technologies and standards. The OATH certification profiles are intended to provide specific guidance and recommendations to providers who want to implement OATH specifications in their products. In addition to developing the profiles, OATH is also working on implementing a compliance testing program that will be announced in the latter half of 2010.

"The OATH Certification Program is the one key deliverables for the organization in next 12 months," said Siddharth Bajaj, Chair for the OATH Certification Working Group and Principal in VeriSign Labs. "This will help ensure products are truly interoperable and realize the full value of the specification work that OATH has been doing for the last few years."

The draft certification profiles and more information about the OATH Certification Program will be available on the OATH website at - http://www.openauthentication.org/certification.

Additionally, OATH will be demonstrating the HOTP certification profiles for both client and server in action during the RSA Conference in San Francisco.

OATH Pavilion at the RSA Conference Booth #2023:

Conference attendees can view OATH technology in action at the OATH Pavilion (at the RSA Conference 2010). The following companies will be showcasing their technologies: Aradiom, Bio-Key, Feitian, Nordic Edge, Portwise, Smart Displayer, Spyrus and VeriSign.

OATH session at CARTES Asia:

OATH will be chairing a session at Cartes Asia titled Smart Security Access. The Session is scheduled to be held Thursday March 18th at Asia-World-Expo in Hong Kong. www.cartes-asia.com/congress.

About the Initiative for Open AuTHentication

The Initiative for Open AuTHentication (OATH) is the industry's leading collaboration of device, platform and application companies, and end user customers of authentication technologies. OATH participants foster use of strong authentication across networks, devices and applications. OATH participants work collectively to facilitate standards and build a reference architecture for open authentication while evangelizing the benefits of strong interoperable authentication in a networked world. As OATH grows, the organization actively incorporates feedback and technology contributions from end-user participants who share a common vision for open authentication technology and the products that provide this important measure of security.

OATH is dedicated to assisting customers with the reduction of cost and complexity of deploying strong authentication within enterprises and across the Internet. Since its formation in 2004, OATH's membership includes security industry leaders from token manufacturers, platform vendors, smartcard providers, and security services companies. End user companies join OATH to add their voice and ideas towards the goal of open authentication.

To join OATH and to see a list of its current membership, go to: http://www.openauthentication.org/membership.asp. To learn more about OATH, e-mail [email protected] or visit http://www.openauthentication.org.