RSA® CONFERENCE 2005, SAN FRANCISCO— RSA Security Inc. (NASDAQ: RSAS) today announced RSA® Authentication Service, a consumer-focused offering that will provide Internet users with enterprise-class protection for their online activities. With a specific focus on ease-of-use and flexibility, the service will aim to meet the demands of a market that requires a range of technologies, deployment options and customization. RSA Security plans to launch a pilot program of the service later in 2005 and then release it commercially.

RSA Security also announced that Christopher Young, former head of safety and security premium services at America Online, has joined the company as vice president of consumer authentication services and will bring the offering to market.

The service will present businesses with a straightforward authentication offering designed to allow their customers to gain secure access to multiple sites using a single credential. It will provide an additional layer of security that will harden existing authentication mechanisms. The company expects that the design of the service will help lessen the potential barriers of cost, usability and liability that have historically inhibited large-scale strong authentication deployments to consumers.

“E*TRADE FINANCIAL is proud to have been one of the first financial services companies in the U.S. to pilot the RSA SecurID token solution for its customers,” said Lou Klobuchar, president E*TRADE FINANCIAL Services. “In addition to maintaining the highest levels of customer security on our own systems, we are committed to enabling our customers to increase security on their personal systems – at their home, office or wherever they choose - to safely access their accounts. We believe multi-layered security will fast become the industry standard.”

Users will benefit from a variety of credential options, including traditional key-fob tokens, smartcards, USB authenticators or soft tokens on a range of PDAs and hand-held computers. The same device will be able to be used at any site in the service, with each authentication managed by RSA Security. Each device produces a new, randomly-generated passcode every 60 seconds which – when used to log-in to a Web site – is vetted by RSA Security. The engine in the RSA Authentication Service would then either authorize or deny access to the site and communicate the permissions to the site’s owner.

“RSA Security is leading the way with this innovative and viable system of consumer authentication that offers the same power and practicality as a bank card,” comments Lars Rabbe, CIO at Yahoo Inc. “In addressing traditional usability issues and many liability concerns, it is moving firmly in the right direction for both end-users and businesses. A single credential that is accepted across many online locations, providing an extra layer of security, is very compelling – and one that consumers will want.”

“For more than 20 years the world has been using two-factor authentication as a pre-requisite for accessing cash at an ATM, yet today we still depend on passwords to gain access to online resources,” comments Howard Schmidt, former cyber-security advisor to the White House. “Security technology is constantly improving – as is its accessibility and convenience – and I expect to see more and more strong authentication deployed to bolster existing security mechanisms.”

RSA Authentication Service marks the next phase of RSA Security’s goal to make convenient two-factor authentication available to all online users. This expanded focus follows the 2004 launch of America Online’s AOL® Passcode premium service which offers RSA SecurID strong authentication to AOL’s members. Scores of banks across the world also provide this technology to their customers, strengthening the positioning of RSA Security to leverage its passion and expertise in the consumer space.

Said Young, “RSA Security’s reputation is built on a history of providing trusted identity protection to businesses of all shapes and sizes. We intend to bring this knowledge and experience to bear as we work to define, implement, and operate an authentication service that is focused on end-user consumers.”

Until now, users and businesses have been forced to work with a variety of disparate authentication methods of varying strength – resulting in confusion, a lack of adoption, and inadequate levels of security that have left consumers vulnerable to identity theft and other scams. RSA Security believes that, by enabling the use of a single credential that is available in a wide range of form-factors and accepted at a potentially unlimited number of sites, many existing problems can be removed.

“The consumer authentication market is real, and genuine growth opportunities exist across the globe,” comments Avivah Litan, principal research analyst at Gartner Inc. “According to our research, consumers would like the ability to opt in to stronger security as offered by their online service providers.”

“We envisage consumers ultimately using one credential to access multiple service providers across a range of delivery channels. Beyond the Internet, these could include telephone-based authentication, or authentication at an ATM for example,” continues Young. “Further, we expect interest in the service from a variety of sectors. It would be particularly applicable to online traders, Internet Service Providers, and the online gaming community.”

“Security is traditionally an afterthought when new markets open up, but models such as this would enable the nascent consumer space to get it right from the start,” says Adam Joffe, CTO of Sony Online Entertainment. “Online gaming is an exploding market, but identity hijacking is a growing concern and we support any initiative that will reinforce existing security infrastructure and boost consumer confidence – without burdening the user experience.”

About RSA Security Inc.
RSA Security Inc. helps organizations confidently protect identities and information access. The company secures more than 15 million user identities, safeguards trillions of business transactions annually, and manages the confidentiality of data in tens of thousands of applications worldwide. RSA Security’s portfolio of award-winning solutions – including identity & access management, secure mobile & remote access, secure enterprise access, secure transactions and consumer identity protection – sets the standard in the industry. Our strong reputation is built on a 20-year history of ingenuity, leadership and proven technologies, and our more than 17,000 customers around the globe. Together with more than 1,000 technology and integration partners, RSA Security inspires confidence in everyone to experience the power and promise of the Internet. For more information, please visit www.rsasecurity.com.