Friday, February 20

Verisign's File Vault

Today, I configured my File Vault at Verisign's Personal Identity Portal.


If you read this blog, you probably know that nothing is 100% safe. And you probably distrust this type of offering. But, Verisign knows encryption as well as anyone. Verisign spun off from RSA (then RSA Data Security) in 1995 with some of RSA's public- and private-key cryptography technologies. They're really good at authentication and encryption which are exactly the two specialties I expect from an online storage vendor.


They're giving you 2GB of storage space free - it requires Two-Factor authentication to get in and encrypts data on the back end. And it's an easy-to-use UI with no software install. It's probably a better option than backing up my docs on a USB key (subject to damage and loss) or using some other non-security-focused vendor.

Smart Business

I also like the business model. We all wonder how OpenID providers will make a profit. Verisign seems to be ahead of the pack in providing value-add to users. You get more than just an OpenID credential. You get strong authentication, secure storage, and a personal identity page (probably the least interesting, but still somewhat fun and on the right track).

So, they can sell 100 million tokens to customers who get real value above and beyond reducing the number of credentials they need to remember. And of course, Verisign can license this technology to banks, governments, or anyone else who wants to resell online safety deposit boxes along with secure two-factor authentication solutions under their own brand. Paypal already re-brands the token to protect their customer accounts.

I could easily imagine brick and mortar banks handing out tokens with every new on-line bill pay account and/or offering a virtual safety deposit box to every physical box customer. It's value for the customer and a business model that makes sense. I'd even pay for a new token every few years just to maintain a secure place to archive my important files.

I knew there was a reason I never setup that Amazon S3/JungleDisk account.

1 comment:

Anonymous said...

I agree with the value of secure storage backed up by strong auth. Not sure if this addresses (or even relates) to 'how openid providers will make money'. One can look at it as a secure storage provider who also supports OpenID...just like gmail, yahoo, orange and many others have revenue models and support OpenID as an additional feature.