RSA has acquired San Francisco startup PassBan to beef up its identity access management portfolio.
PassBan’s mobile and cloud-based multifactor authentication technology will be used to help RSA accelerate delivery of its Adaptive IAM vision, according to Manoj Nair, senior vice-president and general manager of the RSA Identity Trust Manager business.
PassBan offers modern multi-factor verification methods including biometrics, voice and facial recognition, geo-location, and on-demand OTP tokens, Nair said. These methods would complement the broad capabilities already available in RSA’s new Authentication Manager 8 platform.
While RSA’s SecurID software tokens let customers use their mobile devices as authentication form factors, PassBan’s technology will “enable us to take that even further,” Nair said.
With more and more employees using mobile devices to access enterprise data and resources, and the growing popularity of cloud applications, it is critical that authentication models “enable and support multiple authentications from multiple devices,” Nair said. With PassBan and the recent acquisition of IAM vendor Aveska, RSA will be able to extend its Adaptive IAM strategy to address mobile and cloud requirements and cover enterprise, cloud, and mobile IT environments, Nair said.
PassBan “enhances all of the key tenets” of RSA’s Adaptive IAM vision, including reliance on rich identity profiles, risk-based and intelligence-driven authentication and access controls, and tools optimized for cloud and mobile infrastructures.
RSA will also be incorporating PassBan’s mobile technology partners into its mobile partner ecosystem, RSA Certified Mobile Partner Program. “Developers looking to increase the security of their mobile or web applications with multi-factor user verification will now get access to a combined wealth of easy to use capabilities and options to choose from, to best fit their application needs,” Kayvan Alikhani, the CEO of PassBan, said in a blog post.
The acquisition combines “PassBan’s focus and expertise in cloud based mobile user identification and verification solutions with that of RSA’s comprehensive security solution suite and their long standing track record as a trusted name in business security, worldwide,” Alikhani said.
The acquisition announcement comes just a few days after RSA announced it was integrating Webroot’s malware detection technology into its own FraudAction anti-phishing service to detect phishing attacks faster and with less false positives. With this partnership, not only would the FraudAction service identify attacks faster, it would also be able to analyze suspected sources and proactively protect users, the companies said.
Related: RSA Plans Agile, Intelligent IAM Through Acquisition of Aveksa