RSA Hong Kong: Interest growing in smart cards

R. A. Hettinga rah at
Sat May 4 00:38:58 EDT 2002

Friday, May 3, 2002
Interest growing in smart cards


The Hong Kong Government's plan to introduce digital identification cards
starting from next year is raising the business community's interest in
using similar smart card technology for controlling access to internal
computer systems, according to Pierre Pang, Hong Kong territory manager for
RSA Security.

One of RSA's Hong Kong clients plans to implement a trial system for 500
users in September, using smart card technology to allow employees access
to the company's computer system at their desktops and kiosks.

The smart-card system could eventually be expanded to cover the company's
10,000 users.

Mr Pang said his office received about 10 inquiries per week about
smart-card technology, but widespread adoption would depend on prices of
card-reading hardware coming down dramatically.

RSA, which manufactures password-generating tokens and other computer
security products, recently introduced a card that can be embedded with
digital certificates, as well as add-on Java programs which can be used for
digital purses and other applications.

The company has also added a single sign-on software product that competes
with Microsoft's Passport and Sun's Liberty Alliance Project.

Such products are more in demand as companies move to grant employees and
customers access to more information over Web interfaces, and as
governments begin to offer more services to citizens through the Internet.

With single sign-on, which is often based on open technologies such as
Kerberos, users can access several programs or databases without having to
key in user names and passwords many times. Systems administrators can
theoretically set up and manage rules for granting access to information
more easily.

One possible stumbling block to the implementation of such single sign-on
schemes is lack of user enthusiasm and concerns over security.

A recent Gartner study estimated most users of Microsoft's Passport program
did not know of or use the authentication features.

However, Gary Lau, an RSA technical consultant, said user acceptance of
single sign-on was low because the systems only required passwords and the
perception was that password security was low.

Once these systems required a second factor - such as a smart card,
fingerprint or digital certificate - before access was granted then people
would change their view of single sign-on.

R. A. Hettinga <mailto: rah at>
The Internet Bearer Underwriting Corporation <>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list