RSA's partnership with China's Sichuan Anmeng E-security Co Ltd comes on the back of US Congress' indication to move towards a ban on exporting encryption products in order to aid national security in light of the terrorist attacks on September 11.
In the early 1990s, the US government restricted the export of certain cryptographic technology under the International Traffic in Arms Regulation (ITAR), now called the Defense Trade Regulation (DTR). According to the regulation, certain cryptographic algorithms are munitions and people who export them can be charged as though they were exporting bombs or state secrets.
Concerns of the US government then included fears that encryption technology might enable its enemies to communicate without the Federal government being able to decipher the messages.
The regulation has since been relaxed, partially from successful lobbying on the part of crypto vendors which claimed that they were competing internationally and hence were at a disadvantage compared with non-US companies that were not likewise restricted.
In light of the recent attacks on the World Trade Center and the Pentagon, there is increased pressure to tighten export regulations.
In fact, a senior management executive with an Asian munitions company, speaking on condition of anonymity, claimed that working with US companies was "complicated". The munitions company buys components from US firms and is required to disclose where finished products are being sold--on concerns regarding the "transfer of technology."
The English version of RSA's SecurID has already been deployed across several vertical sectors in China, including telecommunications, Internet service and content providers, data centers, medium-to-large enterprises, and governments agencies.
However, the Chinese version will be packaged as Anmeng SecurID.
"Currently, many enterprises in China are not aware of the importance of e-security and have not developed a comprehensive security strategy," said Anmeng CEO Meng Xiancheng.
SecurID is a two-factor authentication solution based on something you know (a password or personal identification number), and something you have (an authenticator or token)--providing a more reliable level of user authentication than reusable passwords.
Each authenticator has a 64-bit symmetric key built-in that combines with an algorithm to generate a new code every 60 seconds. The code tallies with an RSA authentication server on the backend. The user combines this code with a personal identification number (PIN) in order to gain access. The server checks the code to ensure its validity for only that moment in time to authenticate the user.
"There are several advanced e-security technologies in the market, but none of them are designed to solve the most fundamental security problem--password disclosure. This can be solved by employing two-factor authentication," Meng claimed.
He believes that two-factor authentication will be play a big role in China's e-security market. "Given RSA Security's extensive experience in developing two-factor authentication solutions, we believe Anmeng SecurID will emerge as the market leader for user authentication solutions in Chinese-speaking markets," he claimed.
Chinese-speaking markets in the region also include Taiwan, Hong Kong, Macau. Countries like Singapore and Malaysia also have large Chinese-speaking populations.
"With the rapid growth of Internet usage and the growing adoption of electronic commerce in China, companies can expect an increase in hacking and other fraudulent activities.
"Given today's uncertain economic climate, even a single unauthorized intrusion can result in losses amounting to millions of dollars. It is imperative for enterprises conducting business in Chinese to deploy comprehensive and trusted e-security solutions," said RSA chairman Chuck Stuckey.
According to the International Data Corp, the worldwide Internet security market will grow an average of 23 per cent annually for the next five years, hitting US$14 billion in 2005.
Play video
There are currently no comments for this post.