Experian and Symantec’s two-factor credentialing solution selected by Centers for Medicare & Medicaid Services
Experian and Symantec continue to gain traction in the public sector

Costa Mesa, Calif. and Mountain View, Calif., March 23, 2012 — Experian® and Symantec Corp. (NASDAQ: SYMC) today announced that the two-factor credentialing solution jointly developed by the companies was selected by the Centers for Medicare & Medicaid Services (CMS) to provide Enterprise Remote Identity Proofing (ERIP) and Multi-Factor Authentication (MFA) Credential Services.  The Experian and Symantec solution will play a critical role in a $78 million contract that was awarded to Science Applications International Corporation (SAIC) delivering  an offering  that will support CMS in providing this enterprise service.

As part of CMS' multiple Federated identity proofing methods, the Experian and Symantec solution combines Experian’s identity proofing capabilities with the strong authentication capabilities of Symantec’s Validation and ID Protection (VIP) Service to address the key challenges that arise in identity proofing and authentication requirements of the CMS programs.

In order to ensure CMS alignment with the Federal Identity, Credential and Access Management (FICAM) roadmap, Experian and Symantec have initiated the assessment process through the Kantara Initiative, to be formally assessed for level 3 compliance with NIST SP 800-63-1. The joint offering aims to minimize the risk of fraud while leveraging a secure cloud services model, and enable access to CMS systems using multiple devices including secure mobile access technologies.

“Experian is thrilled that our solution was selected by CMS and believes it will add great value in helping to safeguard individual users’ identities and support  federal mandates and regulations.” said Scott Waldron, president of Experian’s Government Services. “Our innovative solution with Symantec continues to gain traction with government agencies and healthcare organizations, and this success is another milestone on our path to becoming the de facto standard in the public sector for identity proofing and authentication.”

The offering will utilize Experian’s Precise IDSM platform, risk-based identity proofing encompassing highly predictive risk assessments through a combination of identity element verification, authentication, risk scoring and progressive out-of-wallet questioning to refine decisions about which identities should be allowed to enter into the CMS system and which identities should be denied access or further verified via alternate processes.  

Symantec’s VIP service, the leading cloud-based authentication service, will enable CMS to provide secure online access and transactions to help obtain compliance and reduce fraud risk. A fully hosted strong authentication Security as a Service (SaaS) solution, VIP offers a cost-effective way to give legitimate users access to business resources, enterprise applications and websites while protecting against cybercriminals. VIP provides an additional layer of protection beyond standard username and password by requiring a dynamic one-time-use, six-digit security code generated by a user’s VIP credential.

“Symantec is very excited about the opportunity to work with the SAIC team to provide CMS with an advanced Symantec-Experian multi-factor authentication and identity proofing joint solution,” said Gigi Schumm, vice president and general manager of Symantec's Public Sector organization. “Our solution will provide strong authentication for all existing CMS systems. We are also evolving our solution to become an identity provider in support of CMS plans to accept externally issued identity credentials and the realization of the Administration’s National Strategy for Trusted Identities in Cyberspace.”

Michael Troncale
Experian Public Relations
1 714 830 5462

Cris Paden
Symantec Corp.

About Experian
Experian is the leading global information services company, providing data and analytical tools to clients in more than 80 countries. The company helps businesses to manage credit risk, prevent fraud, target marketing offers and automate decision making. Experian also helps individuals to check their credit report and credit score and protect against identity theft.

Experian plc is listed on the London Stock Exchange (EXPN) and is a constituent of the FTSE 100 index. Total revenue for the year ended 31 March 2011 was $4.2 billion. Experian employs approximately 15,000 people in 41 countries and has its corporate headquarters in Dublin, Ireland, with operational headquarters in Nottingham, UK; California, US; and São Paulo, Brazil.

For more information, visit http://www.experianplc.com.

Experian and the Experian marks used herein are service marks or registered trademarks of Experian Information Solutions, Inc. Other product and company names mentioned herein are the property of their respective owners.

About Symantec
Symantec is a global leader in providing security, storage and systems management solutions to help consumers and organizations secure and manage their information-driven world. Our software and services protect against more risks at more points, more completely and efficiently, enabling confidence wherever information is used or stored. More information is available at www.symantec.com.

Note to Editors: If you would like additional information on Symantec Corporation and its products, please visit the Symantec News Room at http://www.symantec.com/news. All prices noted are in U.S. dollars and are valid only in the United States.

Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.

Forward-looking Statements: Any forward-looking indication of plans for products is preliminary and all future release dates are tentative and are subject to change. Any future release of the product or planned modifications to product capability, functionality, or feature are subject to ongoing evaluation by Symantec, and may or may not be implemented and should not be considered firm commitments by Symantec and should not be relied upon in making purchasing decisions.