‘Roaming’ Credentials Feature Federally Approved Technology

• Jul 18, 2008

In the past, companies had to designate specific computers that could be used for digital signing, install smart card readers, and distribute smart cards to authorized users -- an incredibly rigid (and costly) approach.

For the first time, private companies can quickly authenticate employees' identities through roaming credentials, which do not require software or hardware installation or administrative privileges on specific computers. Available through TriCipher ID Tool ToGo, roaming credentials enable users to authenticate their identities and digitally sign business-critical documents from any computer or Internet-enabled device -- easing one of the biggest barriers to digital signing adoption.

"Distributed applications and users require flexible identity management technologies such as roaming credentials," said Gerry Gebel, VP and service director at Burton Group, an independent technology-industry analyst company. "The pharmaceutical industry has very challenging collaboration and secure document exchange requirements and has invested a great deal of time and effort to improve their business process through technical innovation."

Science Application International Corporation (SAIC) is the first to deploy SAFE-BioPharma roaming credentials to the pharmaceutical and healthcare industries using TriCipher's portable, cost-efficient ID Tool ToGo. Pharmaceutical companies can now simply, securely and more affordably perform electronic business transactions among one another and with government agencies, such as the Food & Drug Administration (FDA) and National Cancer Institute, part of the National Institutes of Health (NIH).

TriCipher's roaming credential enables SAFE-BioPharma members' employees to securely log onto systems and digitally sign documents that require multifactor authentication. SAFE-BioPharma members, which include Amgen, AstraZeneca, Bristol-Myers Squibb, Genzyme, GlaxoSmithKline, Johnson & Johnson, Merck, National Notary Association, Pfizer, Procter & Gamble, Roche, Sanofi-Aventis and Schering-Plough Corporation, can perform essential functions such as recording clinical trial results and submitting paperwork for new drug documentation from any Internet connection.

"By enabling a mobile credential, TriCipher is simplifying identity management and the ability to digitally sign electronic documents. Its technology and the federal acceptance of SAFE-BioPharma's roaming digital ID will significantly improve business processes in the biopharmaceutical and healthcare industries and their communications with federal and international agencies," said Mollie Shields-Uehling, president and CEO, SAFE-BioPharma Association.

TriCipher's roaming credential gives users on any system Level 3 assurance, meaning that a high level of trust is established through strong authentication using at least two independent authenticating factors. The roaming credential leverages TriCipher ID Tool ToGo, unveiled last year as the first portable, low-cost authentication solution that could be delivered on a multi-use device. One part of the user's credential is generated from ID Tool ToGo, and the other portion is stored on TriCipher's appliance behind the scenes -- requiring only a standard USB drive with ID Tool ToGo to authenticate. The credential aligns with the government's guidance in the National Institute of Standards Technology (NIST) Special Publications 800-63-1 for Level 3 remote authentication, and meets the rigorous requirements for a Federal Medium Assurance Commercial Best Practices identity and digital signing credential.

"Authentication is following the typical pricing and availability trends of other technologies, from limited and expensive to more flexible, convenient and affordable," said John De Santis, TriCipher CEO. "TriCipher is leading the industry past the peak costs, and making strong security expected and achievable for organizations of all sizes in all markets."