Forget about passwords, hardware tokens, and SMS codes

Platform-independent two-factor authentication for sensitive business data

Dangers for your company due to the use of password-based logins belong to the past! Protect your logins with a user-friendly two-factor authentication which is based on strong Public Key Infrastructure

Plattform

faktor

Two-factor authentication / Multi-factor authentication

The two-factor authentication is used to verify the user´s identity. Two factors, which are independent of each other, are used (“Possession” and “Knowledge”)

One example is cash withdrawal at an ATM. The user identifies with the own credit card (Factor: Possession) and the entry of the PIN (Factor: Knowledge).

 

Show more

Biometric identifiers, like the scanning of fingerprint or retina, can also be used as independent factors (mulit-factor authentication). The strength of the biometric component is that it can be unmistakably assigned to the user.

Whereas the two-factor authentication often takes place with hardware token or smart card, a two-factor authentication with smartphone is nowadays also possible. The disadvantage of smart cards is that the process takes more time and causes more effort for the user and requires the presence of smart card and card reader. A smartphone, however, is usually always with the user.

Two-factor authentication (2FA) for the protection against phishing and brute force attacks

A secure login considers common threats (e.g. phishing, man-in-the-middle attacks, or malware). The main problem for the website provider, respectively the main incentive for the attackers, are passwords and, as a result, the problem that they can be intercepted during transmission or accidental entry on a bogus website. Even complete password lists can be stolen during a server intrusion.

 

Show more

The answer to these threats must be finally the elimination of passwords. Passwords are anyway more or less a burden for the user, as they must be frequently changed due to security reasons. Furthermore, they must be long and complex, which makes it difficult to remember them.

A modern and future-oriented authentication also considers the user behaviour. Smartphones have already captured the everyday life of many users. What would be therefore more obvious than introducing an authentication by smartphone without the use of passwords?

password

With SecSign ID two-factor authentication (2FA) you can operate an own identity and access control server as on-premise solution

This authentication procedure , respectively login procedure, relies on our Public Key Infrastructure (PKI). For this authentication type the actual user “identification” is outsourced and does not take place anymore on the system to which the user wants to log in.

One huge benefit of this is that the web service does no longer have to take care about the implementation of cryptographic procedures for the protection of secret access data for authentication.The service is connected with the SecSign ID server via completely implemented interfaces. The SecSign ID server then takes care of the user authentication and thus protects the user´s login and the server of the service.

 

With the ID server you cannot only provide your users with a secure login but also have a central control and defense instance for all your company logins.

With SecSign ID you receive a highly secure and convenient two-factor user authentication per smartphone on basis of a PKI (Public Key Infrastructure).

The used challenge response procedure is based on asymmetric encrpytion with 2048-bit key pairs.

More about SecSign ID

You want to learn more about SecSign ID or try out the convenient two-factor authentication?

Read more

Test it now

Questions?