Two-Factor Authentication (2FA)
SecureMetric offers Open Authentication Technique (OATH) compliance dynamic password system, which consists of SecureOTP Authentication Server with SecureOTP series of hardware and mobile tokens. This solution can effectively address the weakness of User Name and Password with additional layer of security on the hand of the end users. So far, SecureMetric already implemented more than 20 2FA projects to banks and enterprises across Southeast Asia.
Two-Factor Authentication (2FA) requires identification before being able to access an account:
> Something they know – User Name + Password
> Something they have – Hardware Token or Mobile (Two-Factor Authentication)
Two-Factor Authentication (2FA) is widely recognized as the more secured software authentication method for authenticating access to data and applications.
SecureOTP Authentication Server playing the role as a powerful Two-factor authentication (2FA) backend and the console of the SecureOTP implementation. It serves as a dynamic password and transaction verification platform with mutual authentication mechanisms that can achieve the objective to verify the authenticity of the user application system and the identity of the logged in user.
SecureOTP Event offers strong hardware based dynamic password for one time use Two-Factor Authentication through Event synchronous One-Time-Password technique or Event based One-Time-Password. This hardware token is designed based on OATH standards and can be seamlessly integrated into any OATH compliance backend system. The user just need to press the button on the token and a set of password will be dynamically generated.
SecureOTP Time is another form of hardware based dynamic password system based on real time clocks reside inside the hardware token and the backend authentication server. Usually Time synchronous One-Time-Password technique is more secure than Event based One-Time-Password. This hardware token is designed based on OATH standards with built-in real time clock and can be seamlessly integrated into any OATH compliance backend system.
SecureOTP CR is built based on OATH Challenge Response Algorithms (OCRA) which enables a real-time Two-Factor Authentication that can effectively establish mutual authentication to be taken place. It will require the user to enter the given numbers from the application as Challenges, where the user needs to key in that Challenge and eventually key in the generated number as the Response, back to the application. SecureOTP CR can prevent common threat from Man-In-The-Middle Attacks.
The evolution of smart phone has significantly changed the landscape of how we deploy 2FA. Securemetric offers secure yet highly compatible mobile-based One-Time-Password module for customer; it can convert the end user’s smart phone to become a secured 2FA instantly. We offer customization with flexibility for customer to embed it into their mobile application, achieving 2FA without affecting great end user experience on using your mobile application.