RealTime IT News

Ping For Safer Log-ins

Ping Identity, a standalone maker of secure single sign-on software for managing Web-based exchanges, improved its software platform for allowing businesses to securely complete transactions and share information.

The Denver-based identity management specialist also unveiled PingLogin, a new authentication product to help customers of banks and other industries to safely log into their accounts.

PingFederate 4 now supports all the different flavors of the Security Assertion Markup Language -- SAML 1.0, SAML 1.1 and SAML 2.0 -- as well as WS-Federation 1.0, a security protocol created by Microsoft, IBM and others.

Perhaps more importantly, customers may use all four standards in their computer networks at the same time, choosing which of the four to use on a per-connection basis, said Mike Donaldson, vice president of Ping.

This opens up more choices for those who want to use SAML, WS-Federation, or both in their Web services environments.

PingFederate 4 also provides four separate administrator roles that can be assigned to one or more administrators based on an individual company's security needs. The software also provides a detailed audit trail of all administrative actions.

Such enforcement functions help regulation-conscious businesses meet compliance requirements, such as HIPAA, SEC 17a-4 and Sarbanes-Oxley.

Donaldson also said Ping Federate 4 comes with a new attribute source software development kit to make it easier for the Ping platform to work with identity software that an enterprise might already be using.

Developers may retrieve attributes from data sources exposed with SOAP interfaces, flat files and custom interfaces.

PingFederate 4 is available now. Existing Ping users can use simple upgrade engines to leverage the new software.

New users can download PingFederate 4 and use it freely for the first six months or 100,000 transactions, whichever comes first.

After the transaction limit or half a year is reached, Ping offers a licensing plan of $100,000 per two-CPU server.

PingLogin is a strong authentication and single sign-on framework to allow consumers to safely use online services and Web applications, said Ryan Hunter, director of product marketing at Ping.

Such a product is important because the number of identity theft cases is skyrocketing.

Moreover, identity fraud perpetrators are improving in their methods to pilfer unsuspecting victims' IDs, making reliable authentication technologies a popular item on the wish lists of CIOs.

PingLogin includes a binding SDK that supports multiple consumer communications devices, such as Web browsers, PDAs, smartphones, AJAX and Microsoft .NET applications, voice recognition units and car navigation systems.

Ping is also partnering with consumer authentication technology vendors BioPassword, Trade Harbor and Verid to ensure that PingLogin helps strong authentication mechanisms and applications work together.

PingLogin will be available for download from Ping in July. As with PingFederate, the first six months or 100,000 transactions are free.