Study: Companies can halve authentication costs by ditching hardware tokens

Oslo, Norway, 4th – A new study, carried out by authentication experts Encap, compares the cost of authentication methods for enterprises. It reveals that large companies could halve the total cost of ownership of authentication technology used by employees for secure access to enterprise services/applications via private and enterprise owned networks. An enterprise with around 3,000 employees could save up to $165,000 over three years by migrating from hardware-based solutions.

Top line findings:

  • CAPEX: The deployment cost for hardware one time password (OTP) is $202,000 vs. smart device-based software at $9,000, representing a 95 per cent decrease in cost
  • Replacement costs: Hardware OTP replacement costs are over 90 per cent more expensive than all software based approaches
  • Annual cost per user: SMS OTP is the highest annual cost per user at $35, when compared to $15 for smart device-based software
  • Software-based: Smart device-based software is at least 60 per cent less expensive than all other software based approaches in terms of annual costs per user

Today, authentication methods are predominantly hardware-based and usually take the form of a small device or token that provides a one-time-password (OTP) that an employee uses to access enterprise or cloud services. The need for employee authentication is increasing in importance with the emergence of the ‘bring your own device’ (BYOD) phenomenon.

“The BYOD trend is growing, and employees are demanding access to enterprise applications quickly and securely, no matter where they are or what device they are using. A solution that allows access to these services regardless of the device, location or network in a secure manner is invaluable to enterprise IT managers,” says Sarah Wallace, Analyst for Heavy Reading.

Encap’s study analysed the average cost of the six most prevalent approaches to authentication for a large enterprise with 3,000 users over a three year period. These include hardware approaches such as hardware OTPs and smart tokens (a USB or smart card), as well as software such as smart device-based software, mobile OTP (usually an app), PC OTP (via a web-browser) and SMS OTP. All of the approaches are two-factor authentication where the user requires something they have (a card or token) and something they know (password or PIN) to gain access.

Encap Enterprise Authentication Study – Top Line Results

Costs

(all USD)

Smart Device Software Hardware OTP Smart token (Smart card/USB) Mobile OTP soft token PC OTP soft token SMS OTP
Total deployment cost 9,000  202,000 181,000 127,000 127,000 82,000
Total cost of ownership 135,900 301,075 277,975 217,075 217,075 316,075
Annual total cost per user 15.10 33.45 30.88 24.12 24.12 35.12

“Having invested in remote access and cloud apps, enterprises must do everything possible to simplify speedy and secure access. Smart device software authentication turns smart devices – enterprise or employee-owned – into security credentials at an unbeatable price point,” said Thomas Bostrøm Jørgensen, CEO of Encap. “Our study shows that the time for hardware-based authentication has passed – it is just too expensive when compared with the alternatives.”

Note to editor:“But this is about more than just cost,” continued Jørgensen. “Employees – people – want simple access across a range of devices. Similarly, IT managers want to easily integrate authentication without painful provisioning and replacement issues. Hardware approaches are incompatible with today’s world of smart devices, remote access and cloud apps. It’s time for a change.”

– Ends-

Encap’s analysis is based on key variables in line with industry norms and values.
The data is based on variety of sources including the 2011 Gartner report “How much is that token in the window? What you should expect to pay for new authentication”, RSA and VeriSign data, as well as Encap’s own data.

The study:
For more information about the study please contact Encap on: info@encapsecurity.com

About Encap
Encap provides simple software-based, two-factor authentication and digital signing for the enterprise and banking sectors.

Encap represents a revolutionary new approach to authentication for the post-PC era. It replaces hardware and one time password authentication solutions such as tokens, card readers, SIMs and SMS with a mobile client linked to a smart device. Easy, quick and convenient for users, Encap creates a familiar, intuitive authentication process that works across all platforms – PC, mobile or tablet – and via the cloud.

Encap’s unique patented software delivers a ubiquitous security solution that is scalable, easy to integrate and requires no capital investment.

Based in Oslo, Norway, Encap’s world class management team has an unrivalled pedigree in mobile banking, finance, enterprise and remote access security. The Encap solution is approved by the Norwegian Banks’ Standardisation Office and used by major banking institutions, enterprises and technology integrators.

www.encapsecurity.com

Contact for Press:
Daniel Lowther / Sarah Wilson
CCgroup
T: +44 7747 636 687 / +44 7817 630794
E: encap@ccgrouppr.com