IBM designates Arcot WebFort as "Ready
for Tivoli"

Because they are easily cracked or stolen, simple usernames and passwords invite identity fraud. They are the weak link in identity management strategies that enable criminals to gain access to critical network resources by masquerading as legitimate users. They also fail to satisfy industry best practices and regulatory guidelines for protecting user identities.

WebFort authentication server and the ArcotID have been designated by IBM as "Ready for Tivoli®" with Identity Manager and Access Manager for eBusiness. IBM Tivoli customers can now use Arcot's 100% software-based strong authentication solutions as part of their integrated end-to-end access and identity framework, all managed with the Tivoli common enterprise operations console.

Smart without the Card

Traditionally, any enterprise wanting to incorporate stronger authentication into IBM identity and access management framework faced deploying expensive hardware-based technologies: one-time password (OTP) tokens, smart cards, or USB drives. Enterprises with thousands or millions of users find the cost to deploy hardware-based strong authentication prohibitive. Worse, these costly technologies also require changes to user behavior and business processes, and added operational expenses.

The patented ArcotID is the only Software Smart Card solution on the market. It provides hardware-strength protection of users' identities while keeping the simplicity of a password.

Powerful integration

Arcot WebFort™ and RiskFort™ integrate with both the Tivoli Access Manager (TAM) and Tivoli Identity Manager (TIM) from IBM to prevent identity fraud and simplify the administration of users' digital identities.

WebFort lets IBM Identity Management users quickly and easily upgrade their user authentication to strong, two-factor authentication without expensive hardware like OTP tokens. It is easier, faster, and less expensive to deploy than traditional OTP tokens or smart cards. Adding WebFort does not require changes to end-user login experience or core business processes. There are no new procedures and no end-user involvement—so no help desk calls.

Integrated with TAM, RiskFort blocks fraudulent access in real-time. It identifies high-risk activity, without any user interaction. It assesses the fraud potential of every authentication attempt and online transaction by examining a range of data collected automatically. It calculates a risk score and uses it along with business rules to approve or decline transactions, ask for additional authentication, or alert a customer service representative.