Demo page
Technologies: Risk-dependent scalable,
out-of-band, strong authentication.
Out-of-band (OOB) authentication is widely accepted as the solution for Man-in-the-Middle (MITM) attack. OOB Authentication requires that separate information channels are used for authentication and access. Both SecurePortalAccess and Signature&Encryption utilize this approach. SecurePortalAccess utilizes OOB using proprietary VoiceShield PC client-server encrypted communication channel . For reference please go to Controlled Field-test by Standards Institute VoiceShield exceeds US NIST Level 4 open network e-authentication requirements. For discussion please go to NIST level 4 and beyond. SecurePortalAccess also utilizes OOB authentication using proprietary MobilVoice phone-to-IVR communication channel. Signature&Encryption utilizes OOB authentication using client-server encrypted communication channel .
|
|
The rationale for risk-dependent scalability for authentication is the need to balance security and user convenience. SentryCom uses the following scalability "ladder": 1. Two-factor authentication. 2. Two-factor "live" authentication. 3. Three-factor authentication.
|
|
1.Two-factor authentication
includes proprietary
combination of hardware/
software IDs and PIN. It is
most convenient for users,
but is susceptible to trojan
& key-logger attack and
should be used only for
low-risk cases.
2.Two-factor live authentication
resolves trojan & key-logger
vulnerability , but is less
convenient and should be
used for moderate-risk.
3.Three-factor authentication
is the most secure, but is
also least convinient and
should be used for high-risk.