IM gets Caller ID feature from Presensoft

Security vendor Presensoft Monday unveiled a caller ID system for instant messaging that uses certificates to validate the identity of the users on either end of a connection over public IM networks.

The unique IM authentication system is targeted at bringing a measure of security and auditing to public IM networks that are used by many corporate users.

Presensoft IM Caller ID supports fully encrypted and authenticated IM sessions that the company says are secure enough for transferring credit card information, bank statements and other confidential data. IM sessions are logged and auditable. When retrieving IM sessions from an archive, users can pinpoint conversations between two parties based on the IDs embedded in the text, eliminating the need to comb through reams of raw text looking for particular conversations with undecipherable screen names.

“This Caller ID way of looking at things is something that is necessary because in today’s market to be 100% truly secure in who you are talking to over IM you almost have to keep it internal,” says Matt Anderson, an analyst with the Radicati Group.“I think this is a pretty unique solution and Presensoft has a reason to be excited.”

The company says Caller ID is about securing IM conversations and not about restricting which corporate users can have IM tools.

The system uses a proxy at the desktop, which requires the IM client to validate its certificates via Microsoft’s Active Directory certificate server before an IM session can take place. Once the user’s certificate is validated, Caller ID displays their name, company name and other relevant data within the text shown in the IM client.

Users of consumer IM clients download Presensoft’s IM Privacy Manager, which is a free utility much like Adobe Acrobat that can encrypt data and hold a certificate. When users get on IM, the Presensoft IM Caller ID application grabs the user’s certificate from Active Directory, passes it to the client and if it matches the certificate stored by the user then the session is secured. 

Companies deploying Caller ID use their own customer information stored in their directory to issue certificates to their external users.

The Caller ID system when paired with Presensoft’s IM Policy Manger provides encryption, logging, hygiene, auditing and authorization.

The system, however, does not require IM Policy Manager and is compatible with third-party management platforms, including software from FaceTime, Akonix and Symantec.

Caller ID uses Active Directory’s group membership information to support its policy engine and Microsoft’s SQL Server to store captured IM sessions and support logging, auditing and reporting features.

Users can run their own back-end infrastructure or subscribe to a hosted service from Presensoft.

“Because we are not a gateway we do not sit on the edge of the network so IM communication stays the same,” says David Pulaski, CEO of Presensoft. “We do not create a bottleneck.”

IM Caller ID supports MSN Messenger, AOL’s AIM, ICQ and Yahoo! Messenger.

Presensoft plans to support Microsoft’s Live Communications Server and the Communicator client before year-end.