Security vendor VeriSign has unveiled its Open Authentication reference architecture (Oath), designed to help companies deploy strong authentication technology across different devices and networks.

Oath uses open standard protocols including Lightweight Directory Access Protocol and Remote Authentication Dial-In User Service, so that secure user and device credentials can be provisioned and verified by a wide variety of software and hardware products.

VeriSign said a more stringent level of security, combining user identity with a software or hardware 'token', is needed to fight hackers.

The company claimed traditional IT security approaches, where online identities are verified by static passwords, are becoming increasingly vulnerable to attacks.

"As we've seen with personal computers, networking and other advances, ubiquitous adoption of any technology requires a fundamental shift from proprietary to open architecture," said Stratton Sclavos, chairman and chief executive of VeriSign.

"The Oath architecture calls for a new, more versatile generation of physical tokens that can combine three authentication methods, including one-time password, public key infrastructure-based authentication and Sim-based authentication (for GSM and 3G networks)," the company said in a statement.

"Armed with such flexibility, the same device will be capable of securely authenticating an end user across multiple networks and applications with much greater flexibility and interoperability."