Strong Authentication Services (Two Factor Authentication)
Unauthorized remote access to highly sensitive corporate, financial, and personnel information puts businesses at risk. Today’s hackers use a variety of sophisticated techniques to obtain or determine user names and passwords, thereby gaining access to otherwise secure systems. One of the best deterrents to user name and password theft is the use of one-time passwords (OTPs). These passwords are generated on a device in possession of an authorized user. Due to their short lifespan (typically 60 seconds or less), OTPs are immune to the replay attack methods used with static passwords. Moreover, the OTP authentication practice and process is significantly stronger than conventional user name and password authentication since they are based on secret key cryptography and are immune to phishing and brute force hacking methods.
Secure-IQ's CloudID focuses on software based OTP Tokens (Soft Tokens). Soft Token is available across all mobile platforms including Apple AppStore, Android Google Play, Blackberry AppWorld, Windows AppStore. Secure-IQ OTP Authentication is also available as Mobile Authentication through SMS OTP Tokens and email OTP Tokens.
CloudID Mobile Authentication Components
The backend core of the CloudID system is comprised of three software components: a Mobile Authentication Portal, a Mobile Authentication Application, and a Key Server Database which provides a Strong Authentication base These three applications can be hosted as a service in the cloud, installed on-premise as an appliance, or installed as software on customer supplied servers.
CloudID comes with a complete set of web-based tools that make user and OTP administration easy, convenient, and reliable. Each client Token Manager can be given access individual systems and applications. Usage rules governing time of day, end user, application, role, IP address, and country of origin are also configurable. Administrators may also runs reports that include geographic area, after-hours access, top users, accessed systems, and more.
With a framework and structure to build a Strong Authentication process with OTP Authentication using Mobile Authentication or Email Authentication, SecureIQ offers several methods of integrating the CloudID system with existing IT systems and applications. These customer applications are denoted in the diagram above as the “Secured Application”. Integration methods include:
Web Service API: XML data over SSL is exchanged between your application/system and the Strong Authentication Service using W3C defined SOAP standards.
RADIUS Server Interface: applications using RADIUS service clients can be configured to securely pass parameters for authentication directly to the Strong Authentication Service.
Servlet Request: basic Servlet requests using attribute names over HTTPS
More information on these options as well as custom software integration is available from our Professional Services group.
AD Request : Active Directory Authentication Using Secure-IQ's Seamless AD Integration Solution which provides 2FA services to AD/Exchange/RDP etc.