November 6, 2008

OAKBROOK TERRACE, Ill., and ZURICH, Switzerland, 6th November 2008 - VASCO Data Security International, Inc. (Nasdaq: VDSI) (www.vasco.com ), a leading software security company specializing in authentication products, announces it is offering a solution for the security concerns companies have when deploying Software as a Service (SaaS). With Identikey Server 3.0., used in conjunction with a Digipass authenticator, a dynamic One-time Password replaces the static password offered by default by a SaaS application. In doing so, confidential login credentials are no longer transmitted over the Internet and are no longer susceptible to phishing attacks.

Hosted applications are becoming increasingly popular, especially among business decision makers, such as marketeers or HR Managers (CRM, ERP, pay-roll applications). IT-departments rightly have genuine concerns about security when implementing SaaS: how do you secure these Internet-based applications? Is the business critical information safe in third party hands? Are the confidential data only accessible by authorized users? With Identikey Server 3.0 VASCO provides an answer to these concerns.

By default hosted applications (ERP, CRM, e-gaming, accountancy, pay-roll applications) offer authentication through static password only. Together with the rise of SaaS, the number of phishing attacks is increasing, trying to retrieve data from hosted applications. With the adoption of strong two-factor authentication, business critical data residing in Internet based applications can be safeguarded from attacks.

VASCO’s Identikey Server 3.0 brings the security of SaaS applications to a higher level. When using Identikey Server 3.0 the end-user will log on using a dynamic one time password generated by a hardware or software based Digipass. Once the user has proven that he is who he claims to be, access will be granted to the sensitive information stored in the hosted application. As a result, data theft and account sharing becomes impossible.

Identikey Server can be integrated in various ways:

  • On the hosted application side, provided through the SaaS vendor

  • Through an integration partner, who will offer it as an authentication service to its customers.

  • On the customer side, allowing the SaaS customer to use it simultaneous for other authentication purposes, such as securing remote access to the corporate network for home office users or road warriors.

Identikey 3.0 is VASCO’s authentication server solution, based on VACMAN technology, which offers Digipass two-factor authentication for remote access to networks and for web based applications. The solution is ideal for medium and large enterprises who want to integrate user authentication or signature validation into their web applications. Its SOAP interface enables Identikey integration in virtually any web based environment.

“When implementing SaaS applications at VASCO, we were concerned about the security aspects of these hosted applications. We used our own technology and expertise to find a solution to our security concern. While implementing it at VASCO we realized that others might face the same concerns. With Identikey Server 3.0 we now offer our own security measure for Saas to the market.”, says Jan Valcke, President and COO at VASCO Data Security.


VASCO is a leading supplier of strong authentication and e-signature solutions and services specializing in Internet Security applications and transactions. VASCO has positioned itself as global software company for Internet Security serving a customer base of approximately 8,000 companies in more than 100 countries, including more than 1,200 international financial institutions. VASCO’s prime markets are the financial sector, enterprise security, e-commerce and e-government.

Forward Looking Statements
Statements made in this news release that relate to future plans, events or performances are forward-looking statements. Any statement containing words such as “believes,” “anticipates,” “plans,” “expects,” and similar words, is forward-looking, and these statements involve risks and uncertainties and are based on current expectations. Consequently, actual results could differ materially from the expectations expressed in these forward-looking statements.

Reference is made to the Company's public filings with the US Securities and Exchange Commission for further information regarding the Company and its operations.

For more information contact:
Jochem Binst, +32 2 609 97 00, [email protected]