SOURCE: Arcot Systems, Inc.

October 23, 2007 09:27 ET

Arcot Achieves NIST FIPS Validation "Gold Standard" for IT Security

SUNNYVALE, CA--(Marketwire - October 23, 2007) - Arcot Systems has achieved validation against Federal Information Processing Standard (FIPS) 140-2, Level 1, the IT security industry's "gold standard" from the U.S. National Institute of Standards and Technology (NIST). The rigorous validation process means that Arcot software has met one of the most difficult testing methodologies in the world. FIPS testing focuses on a product's cryptographic modules and its ability to provide services such as user authentication, data confidentiality and integrity. The U.S. government requires the cryptographic modules of any product that protects sensitive data to meet the FIPS 140-2 standard.

"This is a major development for us, as we continue to expand the ways in which organizations can deploy our technology and protect their employees, customers and partners from identity theft and fraud," said Jim Reno, chief technology officer at Arcot. "The significance lies in the fact that NIST validated Arcot's software-only ArcotID against the same stringent standard that the U.S. government requires for products sold to the public sector to protect their IT systems. Going after this validation, Arcot proved to the private sector that we are focused on continuing to ensure that our solutions meet the high criteria levels set by NIST and it reinforces our commitment to the security of public and private sectors alike."

The ArcotID is a unique software credential that balances cost, convenience and strength. It is a ubiquitous, secure authentication token that transparently fraud-proofs the login process without expensive hardware, rapidly scales to millions of users and runs on a variety of mobile platforms. It also protects against man-in-the-middle or brute force attacks and enables digital signatures -- none of which can be done with hardware OTP tokens. Today, Arcot already protects and verifies 50 million online user identities worldwide.

"FIPS 140-2, Level 1 is the same standard used throughout the government for their high security agencies," said Avivah Litan, vice president and distinguished analyst, Security and Risk Management, Gartner Inc. "It is very comprehensive, well established and difficult to achieve. FIPS 140-2 validation carries a lot of weight with customers in both the public and private sectors."

More information regarding Arcot's most recent FIPS certifications is at:

NIST Website -- Validated FIPS 140 Cryptographic Modules, 2007 (Arcot is
#818)
http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/1401val2007.htm

NIST Website -– Arcot FIPS 140-2 Certificate
http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140crt/140crt818.pdf

NIST Website -– Arcot Security Policy
http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140sp/140sp818.pdf

About Arcot Systems

Arcot Systems is a leading provider of risk-based authentication, strong authentication, digital signing and cardholder authentication solutions. The company makes online transactions safe for millions of customers by blocking fraud and protecting access. Arcot technology defends against Internet threats including phishing, man-in-the-middle and spyware. Its software-only authentication solutions eliminate the need for hardware tokens and complex login processes providing customers with strong, PKI-based authentication with the simplicity of a username/password interface. Arcot offerings are compliant with U.S. and international standards including 3-D Secure, IdenTrust, SAFE and FFIEC Internet Banking Authentication recommendations. For more information, visit http://www.arcot.com.

Arcot, Arcot WebFort and ArcotID are registered trademarks of Arcot Systems Inc. All other trademarks are the property of their respective owners, and are used for identification purposes only.

For more information visit www.arcot.com.

Contact Information