Consumer PCs Now Shipping With Identity Protection Technology

I recently had a conversation about security wtih Jennifer Gilburg and I felt strongly that she share the details with everyone and hence she decided to write a blog post – which is below for your reading pleasure (authored by Jen). As background, Jennifer Gilburg runs marketing for Intel Corporation’s Intel® Identity Protection technology. She has over two decades of software marketing and business development experience mostly in security. She spends her time crusading for better online security for consumers. In this guest post, she outlines how “digital tokens” are worth their weight in gold when it comes to protecting your identity online.

Until recently, when it came to exposure from online fraud, most people only worried about the protection of their online financial accounts. These accounts have been big targets for fraud as evidence by the thousands of phishing sites produced each month targeting financial institutions. While the threat of a compromised account can be a huge concern for the general consumer, liability in security incidents has traditionally landed on financial institutions, which are expected to protect their customers.

Today, though, responsibility is less clear. Fraudsters have found that by leveraging trust between online parties they can proliferate malware an incredibly fast rate. As people accumulate hundreds of trusted “friends” on social networking sites, fraudsters are targeting these accounts to spread malware downloads and send spam or targeted phishing emails. Moreover, with mass storage now readily available through consumer email service providers, more people are keeping valuable private information in their inboxes (think: mortgage applications!), which can provide data to fraudsters to perform identity theft. Throw in online gaming with millions of dollars of value in virtual goods and it is easy to see why fraud is booming.

The problem is: usernames and passwords (especially weak passwords and ones used at multiple accounts) do not provide ample protection. They are being phished, socially engineered, guessed or stolen at astonishing rates- to the point where most people have had or know someone who has had an account hijacked and used for malicious intent. What is needed is a way to more clearly tie a user’s identity to a trusted device, much as credit cards with personal photos provide an extra way to identify you when the card is presented to a retailer.

One popular way businesses do this today is to use physical, “two factor authentication” tokens. These are credit card-sized devices that combine something you know, your username and password, with something you have, a randomly generated code created in the token, that you input at a site to gain access. The tokens are used by many Fortune 500 companies to give employees, partners and vendors access to corporate network resources. The trouble with this approach is that there is a certain level of expense involved to maintain the system, and if the algorithms behind the tokens are ever compromised, it can take months to recode and replace them.

To address these challenges, Intel worked with other industry thought leaders to embed two-factor authentication in computer chip hardware, a security approach that promises to be more seamless for end users and more cost effective for organizations. This new technology is called Intel® Identity Protection Technology (IPT) Here’s how it works: Built into select 2nd generation Intel® Core™ processor-based PCs, IPT eliminates the need to memorize a code or attach a security device to your computer. When you access an Intel IPT-integrated web site you will be prompted to “register” your PC at that site.. On subsequent logins, you simply enter your user name and password and behind the scenes the PC generates a unique six digit code which gets validated by the website. Intel IPT’s smart technology makes this process simpler and more secure, changing your code at regular intervals before your account can be hacked. If you’re away from your PC, the web site can also offer an alternative method for authenticating users (such as SMS one-time password codes sent to registered phones or pre-determined knowledge based questions). For the end user, this whole process is very fast, easy and frictionless.

For a demo of the IPT experience, go HERE.

The great news is that OEMs started shipping IPT-enabled consumer desktops and laptops in June, and more than a dozen are now available, offering people and Web sites an integrated way of protecting access to online accounts. In addition, more than 1,000 Web sites now support IPT-enabled computers, and Intel is actively working with partners to expand that number.

For more information, please go to www.ipt.intel.com.

Becky Emmett

About Becky Emmett

Having joined Intel in 2008, Becky Emmett manages the PC client, Ultrabook and consumer PR team within Intel’s Global Communication Group. She received a B.S. from Portland State University and has since spent the last 13 years working in the public relations industry, primarily in the technology space. When not at work, Becky enjoys spending time with her husband, two sons and daughter. She is also an avid blogger and can’t seem to log out of Twitter and Facebook.

One Response to Consumer PCs Now Shipping With Identity Protection Technology

  1. This is only theoretically secure. I had considered exactly this plan, except here’s the flaw: You are transmitting data to and from the end users via a vast network of servers which you cannot guarantee are free of eavesdropping devices. Albeit an “encoded” transmission, there is no secure code that you can legally transmit in the U.S. without the express consent of our corrupt CIA. Therefore, it is only a matter of time before the initial transmission can be cracked. Once your hackers have that, step 2 is deduce the algorithm behind you sequencer, which they can again do over time based on comparative analysis of numerous systems. Possibly the only way to circumvent this is if you want superior security would be to pick up your PC at an authorized factory outlet and register it there. I came up with the idea for Macromedia Flash. I came to this site looking to possibly do some R&D work for Intel looking into how to create integrated circuits directly from scratch, rather than carve them from a substrate. If Intel is doing any research in this department, I would certainly be interested.