CRYPTOCard Smart Card Supports VeriSign; CRYPTOCard's SC-1 Smart Card Provides Secure E-mail.

Business Editors/Hi-Tech Writers

KANATA, Ontario--(BUSINESS WIRE)--April 15, 2002

CRYPTOCard, (www.cryptocard.com) the innovative leader in Secure Password Technology, today announced that the CRYPTOCard Smart Card (SC-1) supports a VeriSign Digital ID.

Much like a

drivers license or a passport is used in face-to-face interactions, the SC-1, combined with a VeriSign Digital ID for Secure E-mail, enables a user to digitally sign an e-mail message using Microsoft Outlook Express, Microsoft Outlook, or Netscape Messenger to electronically prove their identity.

Additionally, as CRYPTOCard makes it simple for users to download VeriSign Digital IDs onto their SC-1, a user can separate their private key from their hard drive, thereby, preventing a hacker from gaining access to the private key via a stolen computer.

The SC-1 is also PIN protected to prevent unauthorized users from accessing and/or clearing the card of any stored tokens or Digital IDs.

Providing significant savings over RSA, the SC-1 is a hardware/software-combined unit that holds a software token that can positively authenticate a user to several applications and/or secure servers. The SC-1 makes it simple to positively authenticate the identity of all parties attempting to access information or services online, and enables a completely secure e-mail environment.

A user simply inserts the SC-1 into a CRYPTOCard Smart Card Reader to log on, and removes the card to log off - no smart card, no access. The user utilizes the same approach whether logging on locally to a Windows 2000 network, or remotely accessing the system via dialup, ISDN, or the Internet.

The SC-1's portability enables users to send and receive signed and/or encrypted e-mail (that authenticates the identity of sender and receiver, verifies message integrity, and ensures privacy of the message content and all attachments), or present their Digital ID to gain access to secured Web sites, without having to remember multiple passwords, from anywhere at anytime.

"The integration of VeriSign's Digital ID further underscores CRYPTOCard's commitment to make affordable, easy-to-use Secure Password Technology available to all organizations," commented Malcolm MacTaggart, President & CEO, CRYPTOCard. "If VeriSign provides a smart-card enabled service or product solution, it will work with CRYPTOCard smart cards."

Digital IDs, also known as digital certificates, bind an identity to a pair of electronic keys that can be used to encrypt and sign digital information. Issued by a certification authority, Digital IDs typically contain the user's name, a serial number, expiration dates, a copy of the certificate holder's public key (used for encrypting messages and digital signatures), and the digital signature of the certificate-issuing authority (to enable the recipient to verify that the certificate is real).

CRYPTOAdmin couples something in the user's possession (a smart card or token), with something the user knows (a PIN) to positively authenticate all users attempting network access.

The server generates an unpredictable one-time `Secure Password' that must match the one-time `Secure Password' generated by a specific user's smart card or token. As the `Secure Password' is only valid for the current logon attempt it is useless to hackers.

Providing centralized authentication with decentralized administration, regardless of network infrastructure or user location, the server supports hierarchical administration, replication/fail-over, and a wide range of operator definitions on a variety of server platforms including Windows NT/2000, Solaris, and Redhat Linux.

The CRYPTOCard Reader is ISO 7816-1/2/3 compliant, EMV and Microsoft PC/SC certified, and supports all major PC platforms. The SC-1 is ISO 7816, EMV 3.1.1, and Java Card 2.1 compliant. Its private key algorithms are DES and T-DES, and public key algorithms are RSA and SHA-1. The SC-1 can be labeled with a corporate logo or pertinent information, such as helpdesk numbers.

About CRYPTOCard

Established in 1989, CRYPTOCard provides cost-effective Secure Password Technology to leading enterprises worldwide in the government, technology, aerospace, financial, telecommunications, and healthcare sectors.

The CRYPTOCard system positively authenticates a network user's identity by coupling something in the user's possession (a smart card, hardware token, or software token), with something the user knows (a PIN).

CRYPTOCard's versatile two-factor authentication technology provides centralized authentication for all network access regardless of network infrastructure or user location, and eliminates the need for complicated passwords - greatly reducing Help-Desk costs associated with resetting.

Partners include Cisco, Microsoft, Check Point, Entrust, Oracle, and Sun Microsystems. For additional information on CRYPTOCard, visit www.cryptocard.com.

CRYPTOCard, CRYPTOAdmin, and the SC-1 CRYPTOCard Smart Card are trademarks of CRYPTOCard Corporation. Other products mentioned herein may be trademarks and/or registered trademarks of their respective owners.