Establishing Digital Trust: Don't Sacrifice Security for Convenience
Think online trading isn't safe? Barclays Global Investors is betting billions you're wrong.
BGI manages more than $830 billion in client assets for about 1,600 customers worldwide. Included are huge pension plans for clients such as Exxon, General Electric, General Motors and Sony. Such customers trade large blocks of stocks at a time, transactions that are often worth billions of dollars.
Up to now, these trades have been conducted chiefly by fax. But BGI recently signed on with RSA Security to use its SecurID tokens and ACE/Server system to enable online trading 24 hours a day. "Institutional investors didn't have the same opportunity for online trading as individuals," says Matthew Lewis, manager of client order management for BGI. "This will allow them to do online trades in a secure environment."
BGI is testing the service with five customers thus far. Those customers each receive a SecurID token that is unique to them. The token can be either hardware, such as the traditional credit card-size device, or software that works on devices such as a Palm personal digital assistant. In either case, the token generates a different six-digit number every 60 seconds. The ACE/Server residing in BGI's network generates numbers that are synchronized with each SecurID token.
To sign on to BGI's Orders Online trading network, customers enter a PIN plus the six-digit SecurID number. If the PIN is correct and the SecurID number matches that generated by the ACE/Server, the customer is granted access. This is a process known as two-factor authentication, which requires use of something users know (the PIN) and something they have (the SecurID token).
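The sign-on check described above, sketched as an added example that is not from the article or from RSA's products. The page does not describe SecurID's algorithm, so an RFC 6238-style HMAC code with a 60-second step stands in for it; `AuthServer`, its methods, and the drift-window and replay rules are hypothetical.

```python
import hashlib
import hmac
import struct

STEP = 60    # seconds each code is valid, as in the article
DIGITS = 6   # six-digit code, as in the article

def token_code(seed, now):
    """Code shown by the token at time `now` (HMAC stand-in, not SecurID's algorithm)."""
    counter = struct.pack(">Q", int(now // STEP))
    mac = hmac.new(seed, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return f"{value % 10**DIGITS:0{DIGITS}d}"

def _pin_hash(pin, salt):
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, 100_000)

class AuthServer:
    """Hypothetical server side: checks the PIN (know) and the token code (have)."""
    def __init__(self, drift_steps=1):
        self.users = {}        # user -> (pin_hash, salt, seed)
        self.last_step = {}    # user -> last accepted time step
        self.drift_steps = drift_steps

    def enroll(self, user, pin, seed, salt):
        self.users[user] = (_pin_hash(pin, salt), salt, seed)

    def verify(self, user, pin, code, now):
        record = self.users.get(user)
        if record is None:
            return False
        pin_hash, salt, seed = record
        pin_ok = hmac.compare_digest(_pin_hash(pin, salt), pin_hash)
        current = int(now // STEP)
        matched = None
        # Accept the neighbouring steps too, to tolerate token clock drift.
        for step in range(current - self.drift_steps, current + self.drift_steps + 1):
            expected = token_code(seed, step * STEP)
            if hmac.compare_digest(expected.encode(), code.encode()):
                matched = step
        if not pin_ok or matched is None:
            return False       # same answer whichever factor failed
        if matched <= self.last_step.get(user, -1):
            return False       # code already used, or older than one already used
        self.last_step[user] = matched
        return True
```

Both factors are evaluated before the single failure return, so a caller cannot tell from the response which one was wrong.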
Lewis calls the system "easy, reliable and efficient," noting it took two to three months to pull all the pieces together.
In addition to keeping track of which user has which token, the ACE/Server communicates with ACE/Agent software on attached hosts to grant access to applications. ACE/Agents work with systems ranging from Windows NT to Unix servers and mainframes.
The ACE/Server with SecurID starts at $4,000 and tokens start at $62 per user.