USE THE MOBILE AS A TOKEN
Multi-factor Authentication adds confidence to the login process by using several factors to validate the user's identity upon login. SMS PASSCODE authenticates users by sending a real-time session-specific One-Time Passcode (OTP) to the user's mobile phone via SMS, app, voice call or email. Once the OTP has been validated, the user is given access. The solution looks at several factors for each login. These factors include e.g.session ID, network IP and geo location, number of successful logins, type of system that is accessed, time of login, and device used. All of these factors add context that helps determine the level of trust and whether the user needs to be approved or blocked. SMS PASSCODE also offers self-service for the users.
SMS PASSCODE has been recognized as a leading technology in a new generation of multi-factor authentication in record time, where the user's mobile phone is used for strong user validation. It has a number of security benefits. SMS PASSCODE®, unlike the old-fashioned token solutions, sets an effective stop for Phishing and Pharming attacks, and the system automatically detects potential Brute Force and Denial of Service attacks.
The solution is challenge-based, which means that the passive passcode will only be sent to the user after the username and password are validated. The code is also session specific and therefore cannot be misused. The solution is easy to implement, but meets all requirements for an enterprise IT environment. Security and scaling are continuous, and the solution offers fail over, load balancing, and encryption between all components.
How does SMS PASSCODE® Work?
The solution works by providing the user with username and password at the login site. Then, SMS PASSCODE® validates if the user is created, after which the user password validates (typically in Active Directory). Only if this is correct, a passcode (one-time code) is generated and sent to the user's mobile phone. Thus the solution is challenge-based.
The user then enters the received passcode within 2 minutes (the code's lifetime can be configured). The submitted passcode can only be used from the browser session / VPN client from which is is requested - i.e. session specific. It the passcode and session ID are correct, the user is permitted to access.
Ease-of-Use - Integration - Support
- User self-service
- Radius VPN / SSL VPN support
- MS ISA Server & Websites
- Windows Logon, Remote Desktop & Terminal Services
- IIS Web Sites
- Transparent integration
- Low Total Cost of Ownership
- Plug and Play Installation
- Highly scalable and fault tolerant
C-cure advises on the right choice for your business. Contact us for further product information, meetings, offers etc.