Lawsuit could put kink in Microsoft's push for cloud security

A patent suit challenges two-factor authentication technology used by PhoneFactor, a company acquired by Microsoft last October.

By John P. Mello Jr., PC World |  Security

A lawsuit could put a crimp in Microsoft's reported plans to implement two-factor authentication for users of its consumer cloud services.

Two-factor authentication--which supplements a user's password with a PIN or code generated by a local application or sent by a cloud provider to a user's device, typically a cell phone--has been adopted by large cloud-service providers as a means of better securing online accounts.

Now, a patent lawsuit filed by New Jersey-based StrikeForce challenges two-factor authentication technology used by PhoneFactor, a company acquired by Microsoft last October.

The lawsuit could affect the security of all users of Microsoft's consumer cloud services, such as SkyDrive and Outlook.com, as well as users of other services that use two-factor authentication, such as Google and Dropbox.

Details

According to a statement by StrikeForce, PhoneFactor's authentication technology infringes a patent issued to StrikeForce in 2011 for "several key technologies underlying a multichannel security system for granting and denying access to a host computer in response to a demand from an access-seeking individual and computer."

StrikeForce declined to comment further to PCWorld on the lawsuit but, in a FAQon the litigation posted on its website, it claimed its ProtectID Authentication Product "offers 2-factor 'Out-of-Band' authentication across many methods and devices for cyber security protection."

"Methods that are used include, for example, receiving a call and entering a PIN number or One-Time Password (OTP) on a phone-type device," it added.

Microsoft, in an email, declined to comment on the lawsuit.

When Microsoft purchased PhoneFactor last year, Corporate Vice President Bharat Shah observed in a statement, "The acquisition of PhoneFactor will help Microsoft bring effective and easy-to-use multifactor authentication to our cloud services and on-premises applications."

Earlier this week, it was reported that Microsoft was readying a roll out of two-factor authentication for its consumer cloud services. "Unfortunately we do not yet know the timing of the release of this new feature, but rest assured that it will be coming soon," according to LiveSide, which focuses on news and information about the Microsoft cloud.


Originally published on PC World |  Click here to read the original story.
Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Answers - Powered by ITworld

ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Ask a Question