Safenet Reinforces SaaS Security With Increased Authentication

On- demand services have to lead to increased sharing of individual login user names and passwords, resulting in unauthorised access to end-user data. This translates into potential revenue loss for ISVs providing SaaS applications.

With a focus on this problem, SafeNet recently launched the ‘HASP SRM SaaS PaaS’ solution that is built on Aladdin technology. In an interview with Biztech2.0, Rana Gupta, business head – India and SAARC, SafeNet explains how this solution can help SaaS providers in preventing unauthorised usage and maximising revenue.

Please talk in detail about the solution and its features

This solution has two components- SaaS Pass Login Application and SaaS Pass Web Service Module. The login application, which service providers distribute to their customers, is fully customisable. All operations, including distribution and pre-activation of the login application can be handled over the Internet to minimise logistical costs. The Web Service Module integrates with the SaaS provider’s existing Web application.

HASP SRM SaaS PaaS prevents end-users from sharing their subscriptions by locking the end-user machine with a pre-defined license/subscription model, requiring a login to the SaaS services with machine authentication. This effectively ties access to the service to an authorised machine, essentially a machine on which a software client has been previously activated.

The solution is based on a small client application installed on the end-user’s machine that communicates over the Internet, with a server-side application in the service provider data centre. The client application is responsible for passing encrypted login information to the provider’s server, which can then authenticate the user and that service access is being attempted from an authorised machine.

How do you differentiate this solution from those presently available in the Indian market?

There is no other solution offered by anyone else on the lines of HASP SRM Saas Pass. This is the only solution that brings additional security to the currently deployed mechanism of user-name and password. By using this solution, existing SaaS providers can ensure prevention of revenue loss. Existing shrink-wrap product providers can easily take their products to SaaS model. The solution is offered as a pay-per-use (per license) model, an annual subscription model and a perpetual licensing model.

How will it help service providers in preventing unauthorised usage of services and also increase revenue?

By preventing the sharing of user-name and password, SaaS service providers can ensure that the actual number of licenses are used by the subscribers. This is akin to the loss of revenue by the TV Channels due to under-reporting of subscriber base by the cable providers and then reverting to Direct-To-Home or delivery of Cable TV via the box model.
How has data security been taken care of?

HASP SRM SaaS Pass solution implements security between the client and the server so that the user-name and password that is being exchanged is in encrypted form. There is no impact on the data stored by the SaaS provider, as the solution doesn’t touch that part.

Apart from on-demand service providers, can this solution be of use to other companies as well?

The solution is available for companies offering software as well as hardware systems. This is a comprehensive offering that facilitates implementation of hardware token based licensing as well as software based licensing for software products like accounting package, hardware products like EPBX, and SaaS services like CRM.
What is SafeNet’s future road map?

Besides the SaaS solutions we shall be looking at the impact of Cloud Computing on the deployment of Software and how it may impact the need for Software Rights Management technology.