Vault ID, a single-function USB token, contains a smart-card chip that stores usernames and passwords for all online accounts.
With 63 million American adults banking online and millions falling victim to identity theft, GuardID Systems, a San Mateo, Calif. startup, forecasts shipping 250,000 ID Vaults.
The company boasts a consumer security device that protects against phishing, pharming and keystroke logging. ID Vault, a single-function USB token, contains a smart cardchip that stores user names and passwords for all online accounts.
Users can plug the "digital vault" into their PCs and click on icons for secured favorites. From there, they can choose the accounts they want to access. Pages loads automatically, saving the effort of launching browsers. The device sends encrypted data without requiring users to type access codes.
"You get used to the convenience and forget about how it's protecting you," GuardID Systems CEO Jerry Thompson said during an interview Tuesday.
ID Vault relies on proprietary software to monitor and update IP addresses on a database of 4,000 financial institutions. If a hacker tries redirecting users to an invalid site, the program warns that it is not "compatible."
If someone steals an ID Vault and attempts to log on to the owner's accounts, the information is wiped from the memory after three unsuccessful logon attempts -- but not before giving the opportunity to insert the 20-digit serial number that came with the device.
GuardID Systems offers a two-pack, with a spare token for backup, and the program allows users to print a copy of their user names and passwords. The financial site monitoring service is free for the first year and available by subscription after that.
The Federal Financial Institutions Examination Council decided last year to require banks to institute a two-layered authentication approach to prevent identity theft and account fraud. The council did not endorse specific technology, but identified USB tokens as one possibility. The council noted that the devices are difficult to duplicate, tamper resistant, user-friendly, convenient, and simple to implement.
"An effective authentication system is necessary for financial institutions' compliance with requirements to safeguard customer information; to prevent money laundering and terrorist financing; to reduce fraud and the theft of sensitive customer information, often the precursor to identity theft; and to promote legal enforceability of financial institutions' electronic agreements and transactions," the council stated when delivering the guidance.
Thompson said those users should be guarding access to financial information and other online accounts, especially as hacking becomes increasingly serious.
"Many, many of these hackers have gone from harassing you to trying to steal from you," he said. "It's generally random, not focusing on an individual. It's the low-hanging fruit. Most people are not aware there is anything they can do to prevent ID theft, and people are spending fortune on ID theft insurance. It seems that the practical thing is to prevent it and they need to know that there's a way to do that."
Approximately 27 million American adults have been victims of ID theft in the last five years, according to the Federal Trade Commission.
Gardner Research said GuardID Systems could block phishing and pharming more proactively than browser plug-ins and enhancements.
GuardID Systems began shipping the product, which costs $49.95, to Circuit City, CompUSA and Best Buy last month. The product is also selling through Internet resellers like Amazon.com.
IT's Reputation: What the Data SaysInformationWeek's IT Perception Survey seeks to quantify how IT thinks it's doing versus how the business really views IT's performance in delivering services - and, more important, powering innovation. Our results suggest IT leaders should worry less about whether they're getting enough resources and more about the relationships they have with business unit peers.
What The Business Really Thinks Of IT: 3 Hard TruthsThey say perception is reality. If so, many in-house IT departments have reason to worry. InformationWeek's IT Perception Survey seeks to quantify how IT thinks it's doing versus how the business views IT's performance in delivering services - and, more important, powering innovation. The news isn't great.
InformationWeek Must Reads Oct. 21, 2014InformationWeek's new Must Reads is a compendium of our best recent coverage of digital strategy. Learn why you should learn to embrace DevOps, how to avoid roadblocks for digital projects, what the five steps to API management are, and more.