EMC today strengthened its already strong grip on the identity market with the acquisition of knowledge-based authentication provider Verid.
Terms of the deal were not disclosed.
The Fort Lauderdale, Fla.-based Verid, whose solutions are used on websites, back-office systems and interactive voice-response platforms to validate users’ identities, will join EMC’s RSA Security division.
Last June, Hopkinton, Mass.-based EMC acquired RSA, best known for its tokens and smart cards, for about $2.1 billion. Before that deal, RSA picked up strong authentication provider PassMark, known for its SiteKey login tool, and Cyota, which offers banks and other financial institutions fraud intelligence.
"The acquisition of Verid both builds upon our existing set of authentication methods and significantly expands our capabilities into the preliminary vetting and verification stages of new user relationships in a variety of markets," Christopher Young, vice president of consumer and access solutions at RSA, said in a statement today announcing the acquisition.
Scott Crawford, a senior analyst with Enterprise Management Associates, told SCMagazine.com today that the Verid buy provides a "pretty good continuum" for RSA following the PassMark and Cyota acquisitions.
Banks and other financial institutions should pay particular attention to products such as Verid’s consumer verification offerings, especially in light of identity thieves who may be able to circumvent multifactor authentication, Crawford said. These organizations need to be thinking in terms of risk, not necessarily compliance, he said.
"There is way too much trust of the user," he said. "Banks really need to be thinking about not just increasing what they do to provide strong authentication, but also the ability to validate that independently."
Components of Verid’s solution immediately will become part of RSA’s risk-based Adaptive Authentication suite, according to EMC's statement.
The suite will contain a "two-tier approach" combining initial and ongoing authentication, according to the statement. The Verid product largely will be used in the first phase to verify a person’s identity when he or she opens an account, but the knowledge-based technology also will be used in the second stage should that user lose credentials or conduct a high-value transaction.
"We are thrilled and very proud to join forces with RSA, a world leader in identity protection," said Kevin Watson, the former CEO of Verid. He will continue to head the business, reporting to Young.
Get more IT security news. Click here for SC Magazine Blogs.