LEE, MA--(Marketwire - Oct 31, 2012) - Wave Systems (NASDAQ: [ WAVX ]) announced capabilities in its newest version of EMBASSY Remote Administration Server (ERAS) that empowers IT to roll out virtual smartcards for added protection against credential theft -- without the provisioning challenges, costs and support associated with physical smartcards.

Microsoft is emphasizing the role of virtual smartcards in its recently released Windows 8 operating system, as one of the key pillars of modern access control. Wave is delivering modern access control today on Windows 7, enabling the use of both machine and user ID using hardware-protected certificates through the Trusted Platform Module (TPM).

Virtual smartcards are similar to physical smartcards, but instead of requiring the purchase of additional hardware, they utilize technology that users already own. They feature the same properties, including non-exportability (ensuring information on the card cannot be extracted from the device), isolated cryptography (cryptographic operations cannot be extracted) and anti-hammering (to prevent brute force attacks). The primary difference lies in the fact that private keys are protected using the TPM of the PC instead of smart card media. Private keys are protected not by the isolation of physical memory, but rather by the physical isolation and cryptographic capabilities of the TPM.

"There are compelling reasons why organizations should give serious thought to upgrading to virtual smartcards, rather than tokens or physical smartcards, to address their modern access control requirements," said Steven Sprague, CEO for Wave Systems. "These older forms of user authentication come with significant acquisition and replacement costs, plus additional hardware such as card readers. Virtual smartcards can be enabled on any machine running Windows 7 today -- without procurement expenses."

Implementing virtual smartcards means employees never have to type domain credentials into their device, effectively providing two layers of protection against credential stealing attacks.

• Depending on policy, user name and password may never need to be used -- so it's virtually impossible to steal them.
• It's much more difficult to target user name and password as a means of attack, as they would only be one authentication factor.

Making Device ID the Cornerstone of Enterprise Network Security
Virtual smartcards provide added security by identifying both the user and the device. The user's possession of his or her PC serves as the equivalent of holding the smartcard, because the smartcard is "loaded by default."

"The organization that employs virtual smartcards has taken the very important step of managing device identity -- a fundamental shift in network security. It puts the focus on the identity of the device and out of the hands of the user. Tomorrow's network starts with device ID."

About Wave Systems
Wave Systems Corp. (NASDAQ: [ WAVX ]) reduces the complexity, cost and uncertainty of data protection by starting inside the device. Unlike other vendors who try to secure information by adding layers of software for security, Wave leverages the security capabilities built directly into endpoint computing platforms themselves. Wave has been a foremost expert on this growing trend, leading the way with first-to-market solutions and helping shape standards through its work as a board member for the Trusted Computing Group.

Safe Harbor for Forward-Looking Statements
This press release may contain forward-looking information within the meaning of the Private Securities Litigation Reform Act of 1995 and Section 21E of the Securities Exchange Act of 1934, as amended (the Exchange Act), including all statements that are not statements of historical fact regarding the intent, belief or current expectations of the company, its directors or its officers with respect to, among other things: (i) the company's financing plans; (ii) trends affecting the company's financial condition or results of operations; (iii) the company's growth strategy and operating strategy; and (iv) the declaration and payment of dividends. The words "may," "would," "will," "expect," "estimate," "anticipate," "believe," "intend" and similar expressions and variations thereof are intended to identify forward-looking statements. Investors are cautioned that any such forward-looking statements are not guarantees of future performance and involve risks and uncertainties, many of which are beyond the company's ability to control, and that actual results may differ materially from those projected in the forward-looking statements as a result of various factors. Wave assumes no duty to and does not undertake to update forward-looking statements.

All brands are the property of their respective owners.