RSA CEO on US cybersecurity leadership

04.01.2006

What do you mean by passive authentication?

With active authentication, the user has to do something. In the case of Cyota, the authentication technology operates under the covers and works on a series of risk-based analytics. A profile is developed for each consumer, based on the computer they are logging on from or the device they are using, and then on a set of behaviors. So if we find that a computer user is coming from a different IP address and the IP address and the time zone is Moscow standard time and one of his behaviors is to transfer money into a bank in Latvia, I would say there's a 100% probability that that transaction would get kicked out and that the person would not get authenticated to do that kind of transaction. All this would happen under the covers without the active participation of the consumer.

Some security analysts believe that token-based authentication of the sort RSA sells is too cumbersome and expensive to be of much value. What do you think?

I take exception to that. You enter a PIN, and you read a number off a token. I don't think that's particularly cumbersome. People do like it. People do understand that this is a device to authenticate them, and it gives them a high degree of confidence. As you go up the food chain of active authentication, you can verify things like wire transfers, more readily sign things to the extent that signatures are required. One of the things we have done is launch a service that will stand up side by side with the Cyota service and will allow people to register themselves through their tokens on multiple sites. And to the extent that consumer-facing organizations participate, these tokens can be used to verify consumers in multiple places.

What are the consumers' own responsibilities when it comes to securing their information?

I think we vastly underestimate the consumer. What a lot of financial institutions have done is gone to them and asked them, "Would you like a token to authenticate yourself?" Absent any value statement, the consumer is likely to say, "No, I like things just the way they are." Contrast that with, "Are you worried about your ID getting stolen?" or "Would you consider using a device to protect your ID?" and the answer is "Yes." So it all depends on how you ask the question.