The era of static user authentication is over for application service providers offering online access to sensitive content. Yet, most banks or government institutions are struggling to find strong authentication methods that are user-friendly, secure and cost effective. The ease of deployment is also a key factor for successful large-scale deployments.
Since smart phones are now so widely deployed and highly cherished by consumers, their ever-greater ubiquity and ease of use provide an obvious channel for delivering two-factor authentication (2FA).
The Cryptomathic Mobile AuthApp is a versatile mobile 2FA security suite that offers a range of user-friendly one-time-password (OTP) smart phone applications that generate dynamic passcodes on a range of standard and popular devices including those running with Backberry, Google Android and Apple iOS platforms.
As the most flexible mobile OTP solution, Mobile AuthApp is based upon open standards such as OATH event-based (HOTP), OATH time-based (TOTP) and challenge response (OCRA) algorthims, as well as modes inspired by the MasterCard CAP / VISA DPA schemes.
The wide range of available algorithms provides protection against the majority of online attacks, and enables the applications to be customised to meet your exact authentication needs with no impact on existing token functionality or costs. Available features include:
- different registration workflows
- PIN / password enablement
- custom branding
- time or event based OTPs
- challenge response OTPs
- data transaction signing
Integration and Deployment
The applications are fully integrated with the Cryptomathic Authenticator and Signer solutions, offering best-in-class technology for 2-factor authentication and digital signatures. The independent and extremely flexible design of all Cryptomathic products also enables Mobile AuthApp to be seamlessly deployed with third party systems and platforms.
Mobile AuthApp offers organisations the easiest and most cost-effective method of deploying authentication tokens, by simply uploading their custom branded applications to a relevant application server / store where the end-users can download and register for use within seconds. Once the registration process is complete, the Mobile AuthApp does not require any data connection to generate the dynamic passcodes.