What is RSA SecurID?
RSA SecurID, sometimes referred to as SecurID, is a two-factor, public-key encryption authentication technology that is used to protect network resources. Developed by RSA Data Security, SecureID is built around the difficulty of factoring very large numbers. Because of this design, the algorithm uses prime factorization as a fool-proof method of stopping brute force attacks. Solving the encryption takes a massive amount of time and processing power, thus deterring direct attacks on the security system. It is the standard encryption method for important data, especially when the information is being sent over the internet.
This authentication system is built around two main protections—a password or pin drive known by the user (something known), and (typically) a USB, smart card, or fob, otherwise called hardware tokens (something you have with you). These two points of authentication, or then used in conjunction with RSA’s Authentication Manager Software, which verifies the authentication requests.
How SecureID Works
When a user accesses a protected resource like a financial tracking database, or a bank’s back-end interface, he or she is asked for their passcode. The passcode is based on both the PIN provided by the SecurID system upon setup and the code that is generated for that login by the user’s authenticator token. In this example, the user clicks on their RSA SecurID device, which generates a session specific code. Then, both of these codes are received by the RSA Authentication Agent and translated to the RSA Authentication Manager software, which then checks and approves the codes. The RSA SecurID system computes what number the token is supposed to be showing at that moment in time, checks it against what the user entered, and makes the decision to allow or deny access.