Intuitive and Secure, Image-Based Authentication

Company Confidential Information

Poor Authentication on the Web

• Passwords are poor security:

• People have too many to remember, choose weak passwords, use the same password on multiple sites

• Vulnerable to key loggers, brute force attacks, dictionary attacks, etc.

Website security is the most vulnerable area of IT security

• 96% of all breached records were accessed from outside, often by using stolen login credentials or keyloggers that capture passwords

• Challenge Questions are poor security

• Tokens, Smart Cards, Biometrics are expensive, not practical for public-facing websites

• Login credentials leaked from one site are used to access other sites

How to Balance Security & UsabilityThe need for strong security that is easy-to-use

• Businesses sacrifice security in an effort to create a “frictionless” experience for online customers.

• This leads to online fraud and identity theft ($221 Billion in fraud last year alone!), data breaches and other security compromises.

• Businesses struggle to enforce strong authentication without burdening customers.

These issues are compounding as people do more online interactions using mobile devices.

Company Confidential Information

Company Confidential Information

Image-Based Authentication

Confident ImageShield™ Image-based authentication that creates a one-time password

1. The first time a user enrolls, they select a few categories to remember

2. When authentication is needed, they are presented with a grid of random images

3. They identify the images that fit their secret categories and enter the corresponding letters as their one-time password or PIN

The pictures, their locations and the letters are different every time – creating a unique authentication code each time.

Two Factor, Mobile AuthenticationConfident Multifactor Authentication™

1. A one-time password (OTP) is encrypted within an ImageShield.

2. ImageShield is displayed on the user’s mobile device, they identify the pictures that fit their secret categories – thus reassembling the OTP

3. Reassembled OTP is submitted to be verified

4. Only if the user identified the correct images will they have the correct OTP

5. Web page proceeds automatically if authentication is correct – the entire process remains out-of-band from the web session

Company Confidential Information

Two Factor, Mobile Authentication

Company Confidential Information

Confident Multifactor Authentication™

Generates a one-time password, hidden from view

User applies a “shared secret” on the second factor

A multilayered, multifactor solution

Only the legitimate user is able to use the second factor

Secure against Zeus-in-the-mobile, SMS-forwarding and keylogging attacks

Secure if someone else has possession of your mobile device (loss or theft)

Entirely out-of-band

Company Confidential Information

Two-Factor Authentication

Application on the Smartphone

1. Push technology triggers an app on the phone to display the ImageShield

2. User taps the images that fit their secret categories

3. Authentication remains entirely out-of-band

Company Confidential Information

Two-Factor Authentication

Zero-Footprint Deployment

1. An SMS message is sent to the user’s phone

2. The ImageShield is opened in the mobile browser

3. The user taps the pictures that fit their secret categories

4. The authentication is confirmed. The entire process remains out-of-band.

Confident KillSwitchTM

In addition to choosing their secret categories for authentication, the user chooses one or more “No Pass” categories

Captures behavioral biometrics, IP address, geographic information, actionable data so business can take immediate proactive measures against the attacker, lock the account, send alerts and more

X

Positively identifies hackers in the act of trying to break into an account

Can alert the business to a wide-scale, brute-force attack on the business in real-time

X

Intuitive and Secure, Image-Based Authentication

www.ConfidentTechnologies.com

Try the Live Demos at: www.ConfidentTechnologies.com/demos

Watch Our Videos at www.Youtube.com/ConfidentTech

Thank You!