Phishers beware — the Massachusetts Institution of Technology, Google Inc., Apple Inc. and others are teaming up to develop verification software to make it easier to verify the Web site you are accessing is not a fake.
MIT announced Thursday the formation of the Kerberos Consortium, based on the software of the same name developed in the 1980s, according to Executive Director Stephen Buckley.
The software is open source, meaning it is free and can be modified and improved by other users.
It is primarily used by large corporations for identification purposes, using a system called mutual verification.
“Usually when you access an e-mail account at home, you enter your name and card number, and prove your identity to the system,” Buckley said. “But a lot of times, the system doesn’t have to prove to you it’s authentic.”
This is one way Internet-based identity theft can occur: A person enters personal information into a site that appears to be something like eBay or his or her bank, he said.
According to the Federal Trade Commission, identity theft cost the U.S. $49 billion in 2006. “We think Kerberos could definitely help solve part of that problem,” Buckley said.
Kerberos can also help corporations that want a secure way to log in a single time to many different servers, only needing one password. The consortium, which also includes the Centrify Corp., the Financial Services Technology Consortium, Stanford University, Sun Microsystems, TeamFI and the University of Michigan, would try to apply Kerberos technology to the Internet and mobile phones, rather than just corporate computer networks, Buckley said.
It will also attempt to educate large corporations that provide consumer services about how it makes transactions safer, and to get other technology firms to further develop and improve the software.
