REDWOOD CITY, Calif. — Authernative, Inc., the developer of innovative user authentication and identity management technologies, announced today that the Authernative(R) Cryptographic Module has been awarded Federal Information Processing Standards Publications (FIPS) 140-2 Validation. This certification from the National Institute of Standards and Technology (NIST) in the United States, and the Communications Security Establishment Canada (CSEC), provides cryptographic product validation to Federal agencies for use in protecting sensitive government data in computer and telecommunication systems. FIPS 140-2 provides stringent third-party assurance of security claims on any product containing cryptography that may be purchased by a government agency.

The FIPS 140-2 compliant Authernative(R) Cryptographic Module embedded in AuthGuard(R) user authentication product assures U.S. and Canadian government customers, system integrators, & resellers that AuthGuard(R) product provides the highest level of protection for sensitive information and comply with strict government security regulations.

AuthernativeAuthGuard(R) user authentication product is most suitable for Federal agencies complying with such government guidelines as “E-Authentication,” “Protection of Agency Sensitive Information,” “Safeguarding Personally Identifiable Information,” “Telework,” “Policy for a Common Identification Standard for Federal Employees and Contractors,” “Continuity of Operations Programs,” and other initiatives designed to ensure secure access in government environments.

AuthGuard(R) is a versatile authentication server providing, supporting, and managing multiple open and proprietary authentication methods through a single user interface. Authentication options range from legacy password, to one-time challenge one-time response, OTP, out-of-band, and secure in-band authentication. These methods, used alone or in combinations, allow for one-factor, layered, or multi-factor authentication that is electronically deployable, has scalable security, high usability, low total cost of ownership, and self-service capabilities.

“Authernative(R) Cryptographic Module embedded in AuthGuard(R) provides for secure mutual authentication and session-only random symmetric key distribution in client-server architecture enabled with a multifactor authentication scheme,” said Dr. Len Mizrah, CEO of Authernative, Inc. “Our continued commitment in obtaining NIST certifications is a clear validation of Authernative’s expertise in the security industry built on intellectual property foundation, including numerous U.S. and International patents in the area of user authentication, transaction authentication, and encryption key management, coupled with years of innovative security product development.

In order to expedite the FIPS 140-2 validation process, Authernative partnered with Corsec Security, Inc., a consulting firm with over ten years of validation experience. “Authernative delivers high-quality user authentication products and achieving a FIPS 140-2 validation has helped demonstrate their dedication to their customers,” said Matthew Appler, CEO, Corsec Security, Inc. “Corsec is thrilled to have worked with Authernative on achieving this remarkable milestone.”

As the gold standard for cryptographic security, FIPS-140-2 validation is required by the U.S. Federal Government to certify the design strength of information assurance products, and is increasingly becoming a benchmark for the private enterprise sector including the banking and finance markets, as well as being reviewed by ISO to become an international standard. FIPS 140-2 is gaining worldwide recognition as an important benchmark for third party validations of encryption products of all kinds. FIPS 140-2 validation of the Authernative(R) Cryptographic Module will provide users with a high degree of security, assurance, and dependability.

About Authernative, Inc.
Authernative provides innovative patented software security solutions offering identity and access management capabilities including authentication, authorization, administration, and auditing. The company’s products are used to prevent unauthorized access to confidential data, protected resources, and financial transactions. They allow organizations to lower the cost of providing, deploying and managing user authentication for enabling e-government and addressing regulatory compliance requirements. For further information, please visit

About Corsec Security, Inc.
Corsec Security, Inc. specializes in helping companies navigate through the complex process of receiving FIPS 140-2 and Common Criteria (CC) certifications. Corsec’s consulting, document creation, and project management services deliver unmatched expertise in achieving government validation efforts at a firm, fixed price. Corsec partners with companies around the world to achieve local and international certification and to add security functionality to a wide range of products. Corsec minimizes the time, effort and money a vendor needs to invest in validation while ultimately maximizing the return on that investment. For further information, please visit

[tags]Authernative Inc, user authentication and identity management technologies, AuthGuard Cryptographic Module[/tags]