RSA, the security division of EMC, has released RSA SecurID Software Token for iPhone (iTunes Link), a free app that lets you supplement typical user log-ins with an extra, cryptographically strong ID confirmation. The app turns your iPhone or iPod Touch into a SecurID authenticator.
The app works with a SecurID token seed and RSA's Authentication Manager; together they can provide a one-time password that changes every minute. This password is used to securely access a VPN, WLAN, or Web application. Although the SecurID Software app is available at no cost from the iTunes App Store, you must purchase the required SecurID token seeds (part #SD820) from RSA. Plus you'll need the RSA Authentication Manager for token and user management.
The app itself is configured by sending the user a unique software token seed, which is imported with just one tap. Users then can use their iPhone to securely access various systems and software. Additionally, the app replaces the traditional key fob token. The tokens can just as easily be revoked and reissued if an iPhone is lost or stolen.
RSA's approach is a lot different than the approach used by VeriSign's VIP (VeriSign Identity Protection) Access for Mobile (download on iTunes), a free app that also lets you supplement typical user Web site log-ins with an extra, cryptographically strong ID confirmation. However, it is geared more towards the consumer by supporting popular sites such as eBay, AOL, GEICO, and PayPal at no extra cost. You can read our previous coverage of VeriSign's app for more information.
This type of credential-based security technology is a clear win for businesses, employees and consumers. It shows another innovative use for the iPhone and it makes me wonder again what my iPhone can replace next.