Microsoft selects VeriSign to provide secure log-in

• XT outage may affect Telecom earnings
• OOXML not suitable for Norwegian government, says study
• IP addresses dwindle as economies recover
• Routing fault pushes NZ ISPs out of Limelight
• NZ IT sector hiring plans show upward trend

 

• Windows 7 rollout lessons learned by early adopters
• Live within your means
• Is Skype safe for business?
• Slapped in the face
• Why watching 'Lost' is like managing ERP

SUBSCRIPTIONS

Computerworld is New Zealand's only specialised information systems fortnightly.

Subscribe now for $97.50 (24 issues) and save more than 37% off the cover price!

NEWSLETTERS

Get the latest news from Computerworld delivered via email.
Sign up now

NEWSFEED

Subscribe to Computerworld's
RSS newsfeed here and get news stories as they break.

VeriSign has announced that it has been selected by Microsoft as an OpenID provider for users of HealthVault, a free service that enables consumers to store and manage their health information online. HealthVault's acceptance of VeriSign OpenIDs will begin later.

VeriSign combines OpenID single sign-on with strong authentication via VeriSign Identity Protection (VIP) credentials. Acceptance of VeriSign's OpenIDs, secured by the VeriSign Identity Protection Service, gives consumers another choice when signing into Microsoft HealthVault to help safeguard their personal health information.

Microsoft HealthVault members who have activated their VIP credential on their VeriSign OpenID can also utilise the same VIP credential on eBay, PayPal, AOL and a number of other sites that participate in the VeriSign Identity Protection Network.

The need for securing online health records is growing. Some 47 million Americans are uninsured, a situation that has spawned a brisk black market for health insurance policy information stolen from consumers and sold the same way Social Security Numbers and credit card numbers are stolen and sold. By securing their OpenID log-ins with VIP credentials, HealthVault members are making it harder for identity thieves to illegally access sensitive medical and insurance data.

"HealthVault is about empowering people to take control of their personal health information, and that means making their web experience easier while also helping them safeguard their privacy," says George Scriban, senior product manager, Microsoft Health Solutions Group.

When a user logs into their HealthVault record using VeriSign OpenID secured with a VIP credential, they will be prompted for their OpenID user name and password, and then asked for a one-time-password (OTP) generated by their VIP credential. The process makes it extremely difficult for fraudsters to access accounts illegally because it combines something users know (user name/password), with something they have (a VIP credential). Moreover, as the same credential can be used by other members of the VIP network, users can utilise these credentials to secure their identities across multiple websites.

"Moving health information online creates tremendous convenience for consumers since they will now be able to access critical healthcare information that has traditionally been physically housed in one place and controlled by outside parties," says Fran Rosch, vice president, Identity and Authentication Services at VeriSign.

"However, just as we've seen in online banking, providing convenience to consumers creates potential opportunities for fraudsters. By accepting OpenIDs secured with our VIP user credentials, Microsoft HealthVault can offer an online healthcare solution that balances convenient access with a secure experience."