Monday, January 26, 2009

Entrust, wake up and smell the coffee!

Quest sells a two-factor authentication product called Defender. Entrust also sells two-factor authentication products. Defender supports OATH complaint tokens so our customers can purchase tokens from us or any vendor who supplies OATH compliant tokens. Entrust supports OATH compliant tokens too, but they don't want customers using Entrust tokens with anything other than Entrust software...

You are expressly prohibited from using and agree not to use Entrust Tokens with any other manufacturer's verification or identification software even if the Entrust Tokens may interoperate with such other manufacturer's verification or identification software.

What's even better is how Entrust touts their support of OATH!

...the Entrust IdentityGuard Mini Token OE supports the OATH algorithm for broad, open-standard compatibility.

Wow. Forget about standards. Forget about interoperability. Long live vendor (Entrust) lock-in. Yes, that's exactly what I told the prospect who was looking at Defender and Entrust. We're open. Entrust only wants to appear open.

Get with the program guys.

Technorati Tags:
, , , , , ,

1 comment:

jck said...

This condition appears to prohibit the someone from buying the Entrust low-cost tokens with the intent of using them with some other software solution, which would make sense if Entrust was partially subsidizing the cost of these tokens to establish a better market position. This seem fair to me, and would be consistent with Entrust's commitment to end premium pricing for commodity hardware. This isn't quite the same thing as preventing third party OATH tokens from being used with a properly licensed Entrust authentication service.

Has there been difficulty using other vendors OATH compliant tokens with the Entrust software?