Upload
confident-technologies
View
887
Download
4
Embed Size (px)
DESCRIPTION
Confident Technologies provide out-of-band, multifactor authentication using a highly secure and easy-to-use, image-based approach. Learn more at www.confidenttechnologies.com
Citation preview
Intuitive and Secure, Image-Based Authentication
Company Confidential Information
Poor Authentication on the Web
• Passwords are poor security:
• People have too many to remember, choose weak passwords, use the same password on multiple sites
• Vulnerable to key loggers, brute force attacks, dictionary attacks, etc.
Website security is the most vulnerable area of IT security
• 96% of all breached records were accessed from outside, often by using stolen login credentials or keyloggers that capture passwords
• Challenge Questions are poor security
• Tokens, Smart Cards, Biometrics are expensive, not practical for public-facing websites
• Login credentials leaked from one site are used to access other sites
How to Balance Security & UsabilityThe need for strong security that is easy-to-use
• Businesses sacrifice security in an effort to create a “frictionless” experience for online customers.
• This leads to online fraud and identity theft ($221 Billion in fraud last year alone!), data breaches and other security compromises.
• Businesses struggle to enforce strong authentication without burdening customers.
These issues are compounding as people do more online interactions using mobile devices.
Company Confidential Information
Company Confidential Information
Image-Based Authentication
Confident ImageShield™ Image-based authentication that creates a one-time password
1. The first time a user enrolls, they select a few categories to remember
2. When authentication is needed, they are presented with a grid of random images
3. They identify the images that fit their secret categories and enter the corresponding letters as their one-time password or PIN
The pictures, their locations and the letters are different every time – creating a unique authentication code each time.
Two Factor, Mobile AuthenticationConfident Multifactor Authentication™
1. A one-time password (OTP) is encrypted within an ImageShield.
2. ImageShield is displayed on the user’s mobile device, they identify the pictures that fit their secret categories – thus reassembling the OTP
3. Reassembled OTP is submitted to be verified
4. Only if the user identified the correct images will they have the correct OTP
5. Web page proceeds automatically if authentication is correct – the entire process remains out-of-band from the web session
Company Confidential Information
Two Factor, Mobile Authentication
Company Confidential Information
Confident Multifactor Authentication™
Generates a one-time password, hidden from view
User applies a “shared secret” on the second factor
A multilayered, multifactor solution
Only the legitimate user is able to use the second factor
Secure against Zeus-in-the-mobile, SMS-forwarding and keylogging attacks
Secure if someone else has possession of your mobile device (loss or theft)
Entirely out-of-band
Company Confidential Information
Two-Factor Authentication
Application on the Smartphone
1. Push technology triggers an app on the phone to display the ImageShield
2. User taps the images that fit their secret categories
3. Authentication remains entirely out-of-band
Company Confidential Information
Two-Factor Authentication
Zero-Footprint Deployment
1. An SMS message is sent to the user’s phone
2. The ImageShield is opened in the mobile browser
3. The user taps the pictures that fit their secret categories
4. The authentication is confirmed. The entire process remains out-of-band.
Confident KillSwitchTM
In addition to choosing their secret categories for authentication, the user chooses one or more “No Pass” categories
Captures behavioral biometrics, IP address, geographic information, actionable data so business can take immediate proactive measures against the attacker, lock the account, send alerts and more
X
Positively identifies hackers in the act of trying to break into an account
Can alert the business to a wide-scale, brute-force attack on the business in real-time
X
Intuitive and Secure, Image-Based Authentication
www.ConfidentTechnologies.com
Try the Live Demos at: www.ConfidentTechnologies.com/demos
Watch Our Videos at www.Youtube.com/ConfidentTech
Thank You!