RSA releases open specifications for one-time password integration

RSA Security has released five open specifications designed to streamline the integration of one-time password (OTP) methods into enterprise applications.

RSA executives said the specifications - a sixth is in the works - are available for public review and will help other vendors integrate support for various OTP methods, including time-synchronous and challenge-response systems.

"These will drive broader adoption in the industry of strong authentication," Bill McQuaide, senior vice president of enterprise solutions, said at the RSA press lunch Tuesday.

RSA plans to send the specifications to existing standards bodies, such as the Internet Engineering Task Force (IETF).

The OTP specifications falls in these categories: One-time password credential provisioning; one-time password retrieval; and one-time password transport and validation.

A year ago, VeriSign introduced another standards effort to drive adoption of strong authentication. The Open Authentication reference architecture (OATH). OATH is designed to allow secure user credentials that can be provisioned by a variety of software and hardware products.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.