View
903
Download
0
Category
Preview:
DESCRIPTION
Mobile Authentication and Two-Factor Authentication Using Images.
Citation preview
Intuitive and Secure, Image-Based Authentication
• Multifactor, image-based authentication that’s easy to use: o One-time passwordso Two-factor authenticationo Authentication for mobile apps, mobile websites & mobile payments
• Hundreds of websites and organizations rely on Confident Technologies:o10 customers in the financial services sector, including Charles Schwab Retirement Services
•Thousands of individual consumers use our online password manager for single sign-on and OpenID login
Who We AreImage-based authentication technology for websites,
web and mobile applications, and mobile devices.
Company Confidential Information
• 15 independent patent filings for image-based authentication, image-based password management, use of authentication images for advertising and more
The Problem with Mobile AuthenticationDifficult, Not Secure, Slow
• Typing usernames & passwords is too difficult on smartphones and tablets• Often requires switching among multiple soft keyboards
• 60% of smartphone owners say they wish there were a better way to authenticate for mobile apps
• Passwords and PINs are poor security: • Too many to remember, people choose weak ones, use the same one on multiple accounts and applications
• Vulnerable to key loggers
Company Confidential Information
How to Balance Security & Usability
• Businesses sacrifice security in an effort to create a “frictionless” experience
• This leads to fraud and identity theft ($221 Billion in fraud last year alone!)
• Businesses struggle to enforce strong authentication without burdening customers.
“Mobile Authentication Will Be More Revolutionary Than Mobile Commerce Transactions”
Company Confidential Information
• 84% of smartphone owners have struggled with mobile transactions
• 43% said a negative experience would cause them to abandon a mobile transactions
According to experts at the 2011 CTIA Wireless conference:
Company Confidential Information
Image-Based Authentication
Confident ImageShield™ Image-based authentication that creates a one-time password
1. The first time a user enrolls, they select a few categories to remember
2. When authentication is needed, they are presented with a grid of random images
3. They identify the images that fit their secret categories and enter the corresponding letters as their one-time password or PIN
The pictures, their locations and the letters are different every time – creating a unique authentication code each time.
Company Confidential Information
Image-Based Authentication
Confident Mobile Authentication Image-based authentication can be used to create one-time passwords and strong authentication for:
• Logging in to mobile apps and mobile websites
• Approving mobile payments or transactions
• Device lock/unlock
Easier on users
More secure (creates one-time passwords)
Faster & quicker on mobile devices than typing passwords
Two Factor, Mobile AuthenticationConfident Multifactor Authentication™
1. A one-time password (OTP) is encrypted within an ImageShield.
2. ImageShield is displayed on the user’s mobile device, they identify the pictures that fit their secret categories – thus reassembling the OTP
3. Reassembled OTP is submitted to be verified
4. Only if the user identified the correct images will they have the correct OTP
5. Web page proceeds automatically if authentication is correct – the entire process remains out-of-band from the web session
Company Confidential Information
Two Factor, Mobile Authentication
Company Confidential Information
Confident Multifactor Authentication™
Generates a one-time password, hidden from view
User applies a “shared secret” on the second factor
A multilayered, multifactor solution
Only the legitimate user is able to use the second factor
Secure against Zeus-in-the-mobile, SMS-forwarding and keylogging attacks
Secure if someone else has possession of your mobile device (loss or theft)
Entirely out-of-band
Confident KillSwitchTM
In addition to choosing their secret categories for authentication, the user chooses one or more “No Pass” categories
Captures behavioral biometrics, IP address, geographic information, actionable data so business can take immediate proactive measures against the attacker, lock the account, send alerts and more
Positively identifies hackers in the act of trying to break into an account
Can alert the business to a wide-scale, brute-force attack on the business in real-time
Intuitive and Secure, Image-Based Authentication
www.ConfidentTechnologies.com
Try the Live Demos at: www.ConfidentTechnologies.com/demos
Watch Our Videos at www.Youtube.com/ConfidentTech
Thank You!
Recommended