Multi-Factor Authentication (2FA) is using a combination of multiple different "factors" to gain access to or authenticate online banking: something you know, such as a password or PIN, and something you have, such as a SolidPass loaded mobile phone, along with other factors such as who you are, where you are, or what you are sending.
Using multiple factors as opposed to one factor delivers a higher level of authentication assurance and security.
SolidPass supports a variety of authentication methods enabling true multi-factor authentication. SolidPass can go beyond traditional hard-token OTP protection. SolidPass helps organizations and entities to realize stronger authentication than a static username and password by providing two-factor authentication. The SolidPass security token is engineered to dynamically generate a one-time password (OTP). Potential uses of SolidPass include securing access to enterprise applications and vpn connections. The security token can also be used to authenticate users and sign transactions. This is especially useful for online banking and mobile banking security, where SolidPass can be embedded in a mobile banking application for seamless authentication.
SolidPass supports the following strong authentication methods:
- Event-based One-Time Password (OTP)
- Time-based One-Time Password (OTP)
- PIN control mandatory/optional
- Security Question
- Transaction Data Signing (TDS)
- Mutual Authentication
SolidPass can be used to prevent the following attacks:
- DNS Cache Poisoning
- Browser Poisoning
Mobile Token Convenience
The key advantage of the mobile token is that there are no new devices or wallet-fillers for customers – just an add-on to the device they already carry everywhere. Since customers already own the “hardware” (the mobile phone), SolidPass can be provided and managed at a fraction of the true cost of a hardware token solution. Thanks to its flexible framework, the application can also be updated to guard against new security threats.
SolidPass works on a number of different mobile platforms. The supported mobile platforms include:
- Java ME (J2ME)
- Windows Mobile
Desktop Soft Token
SolidPass also supports desktop-based software tokens as well. The Desktop Operating Systems and Browsers supported are:
- Toolbar Token
- Java Token
- Linux Token
- Mac Token
- Windows Token
Software Token Embedded
SolidPass is a software token built such that it can be used as a standalone product or embedded in mobile applications such as mobile banking.
Thus strong authentication can be built into standalone applications.
Regulatory requirements are pressuring organizations to adopt stronger authentication methods and to secure access to data systems and applications. Static username/password identity management no longer provide enough security to authenticate users accurately. This has led to adopting two-factor authentication systems. Legislation from the Sarbanes-Oxley Act (SOX), guidelines from the Federal Financial Institutions Examination Council (FFIEC), and recommendations from the Health Insurance Portability and Accountability Act (HIPAA) all require that organizations use stronger forms of authentication to mitigate data theft, prevent fraud, protect customer information and patient privacy. SolidPass helps organizations and enterprises comply with regulatory regimes that cover authorization rules and auditing protocols.
In addition to non-compliance, organizations that continue to use static username/passwords face numerous problems ranging from brute force attacks, dictionary attacks, guessing and social engineering.
Custom Branded Security Tokens for Financial Institutions and Enterprises
Custom branding is an available option for SolidPass security tokens. This is especially useful for Banks and large corporations.
Industries and verticals that the SolidPass multi-factor security token is appropriate for:
- Public Sector
- Homeland Security
- Professional Services
- Corporate Security
- Cloud Computing Security
Solutions that the multi-factor SolidPass token is appropriate for include:
- Online Banking Security
- Mobile Banking Security
- E-Commerce Security
- VPN Access Security
- Network Access Security
- Identity Management
- Embedded Token
- Mobile Authentication
- Software-as-a-Service (SaaS)