|
True
Multi-Factor and Mutual Authentication
Virtual Token™ authentication
is a patent-pending cryptographic multi-factor
authentication process that also employs
"Virtual Tokens™" for mathematic mutual
authentication. Virtual Token™ authentication is a true multi-factor
approach as defined by the FDIC
and the FFIEC.
Virtual Token™ authentication complies with section
8.3 of the PCI
Data Security Standard and it
satisfies U.S. "Level 3" multi-factor
authentication requirements as specified
in NIST
Special Publication 800-63. Virtual Token™ authentication
is the strongest multi-factor authentication
in the world using government-approved authentication
standards.
Virtual Token™ authentication
is extremely easy to deploy . There is no
hardware to purchase or ship, no software
or active-x objects to install, no javascripting
requirements, and no certificates to manage.
Virtual Token™ authentication is 100% cross-browser,
cross-device compatible. For its breakthrough
in cyber security, the U.S. government has
twice named Virtual Token™ authentication a semi-finalist for
both the Homeland
Security Award.
Virtual Token™ authentication
means REAL authentication. Virtual Token™ authentication
detects and authenticates "something
the user knows" (their login credentials)
AND "something the user has" (their
connected device). For the first time, organizations
can now reliably detect and authenticate
their user's internet-connected devices
safely, securely, and easily.
Industry
Recognition
Virtual Token™ authentication was
rated
#1 among competitive solutions
for ease of implementation and overall low-cost
of ownership and it has the lowest
support costs of any multi-factor
authentication product. It was awarded InfoWorld's
highest honor, the InfoWorld
100 Award
for the "best use of technology
to meet business goals" and the U.S.
government has twice named Virtual Token™ authentication a
semi-finalist for both the Homeland
Security Award for
"making a measurable and constructive
contribution related to basic and/or advanced
research in the area of homeland security
which will result in a significant and positive
benefit to society".
Strongest
Multi-Factor Authentication in the World
Virtual Token™ authentication
is significantly stronger than all other multi-factor
authentication approaches, including hardware
tokens
and it is significantly easier to
support than software certificates. Virtual Token™ authentication
authentication algorithms were developed
by the National Institute of Standards and
Technology (NIST) and the Information Technology
Laboratory (ITL) under the authority of
the U.S. Department of Commerce. These authentication
algorithms are now the current
U.S. standard for authentication
and are used to protect all sensitive U.S.
government data. There are no stronger
authentication methods in the world.
Unbreakable Mutual
Authentication
Traditionally,
mutual authentication was based on mathematics
and cryptographic processes that operated "without
user interaction". It has
only been recently, with the introduction
of weak "secret image" based systems,
that many organizations have begun to associate
mutual authentication with on-screen images.
While on-screen images are a form
of mutual authentication, they represent
the weakest form. Fraudsters can
(and do) replicate on-screen
images and other information with shocking ease.
They "provide little extra protection"
and "might actually detract from security
by giving users a false sense of confidence".
(Quoted from the New York Times article
on a recent MIT / Hardware University study of "site-authentication
images").
Virtual Token™ authentication does not
resort to weak images or pass-phrases.
Virtual Token™ authentication uses unbreakable mathematics
in a patented "Virtual Token™"
approach to mutual authentication. Users
do not register any images and they are
not required to verify anything on your
website. The Website is mathematically authenticated
to the user and the user’s device is mathematically
authenticated to the website "without
user interaction". Only the genuine
website can produce a valid Virtual Token™
number, which will only validate when entered
from the genuine user’s internet device.
It doesn't matter if fraudsters replicate
the website to try and solicit information
from the user. There is no amount of information
that a user can divulge to the fraudster
that will allow the fraudster to access
the user's account.
Man-in-the-Middle
& Malware Protection
Virtual Token™ authentication
is effective against ALL
forms of online fraud, including
phishing, pharming, malware, man-in-the-middle
attacks, vishing, hostile proxies, keylogging
trojans, altered transactions, and social
engineering techniques. Virtual Token™ authentication is also
the only MFA product that completely satisfies
all 4 dimensions of security (confidentiality,
data integrity, non-repudiation, and anti-replay).
Usable by 100% of your
Customers
Virtual Token™ authentication is usable by 100%
of your customers, regardless of their hardware
configuration, operating system, or choice
of browser. There is no additional hardware
to carry and no additional software to download.
Virtual Token™ authentication does not require your customers
to enable flash, java, or javascript, and
Virtual Token™ authentication even functions if your customers
turn their browser "cookies" off.
Virtual Token™ authentication authenticates customers who connect
from behind anonymous proxy servers, customers
who use dynamic IP dial-up internet providers,
and customers who login from mobile devices
such as Blackberries, iPhones, and web-enabled
cell phones. "If they can get
to your website... they can use Virtual Tokens™".
If
you would like additional information
about Virtual Token™ authentication, click here.
|
|
