Authentication with Vendor-Specific Attribute