Industry coalition plans interoperability program

The Initiative for Open Authentication, an industry coalition promoting the use of open standards for interoperable strong authentication, used its annual meeting at this week's RSA Security Conference to discuss plans for an interoperability certification program.

The group, usually called OATH, considers interoperability one of its key focuses, said Don Malloy, the institute's marketing chief and director of business development for Nagra ID Security SA. The coalition has been working on the program for about six months and expects to launch it in another six, and will be restricted to members of the institute. Common architectures and specifications do not necessarily mean that implementations by different vendors will work with each other, and the goal of the program is to ensure that any back-end authentication system will be able to work with any of the institute's schemes or algorithms. The institute was organized five years ago to make the use of strong, two-factor authentication simpler and more widespread, increasing security and making it easier to conduct sensitive online transactions. It has produced a reference architecture based primarily on existing standards with a goal of making authentication schemes interoperable across networks and vendor platforms. One of the organization's guiding principles is that open architectures rather than proprietary solutions are required for the widespread adoption of a technology.