Multi Factor Authentication

alt

The evolution of Internet based services has led to wide-spread adoption of reusable passwords (passwords that are the same every time they are used), which is also the source of the identity fraud problem. Reusable passwords simply do not provide a sufficient level of security and can, in the worst case, provide a false sense of security.

Reusable passwords have many disadvantages, such as being open to phishing attacks, dictionary attacks and password caching. Static passwords are also dependent on the end users ability to remember them and follow complex password rules, often resulting in an exploding number of password-reset calls to the helpdesk. By deploying software-based authentication from PortWise, an organisation may empower their users with cost-efficient, secure and easy-to-use two-factor authentication. PortWise TruID offers a significantly reduced TCO compared to hardware security token solutions, with up to 40% cost savings.

PortWise Web Password
PortWise Web Password is a web-based token that runs in the user's standard web browser. It runs with ActiveX or Java and does not require any pre-configuration or client software on the user's device. PortWise Web Password is not tied to any specific hardware possession but adds significant security compared to static passwords as the scrambled online keyboard protects the password against trojans and keyloggers. To protect against replay attacks, an OTP is calculated by the web client and sent to the PortWise server for validation, instead of the user's password.

Portwise Web

PortWise Mobile Text
PortWise Mobile Text is a two-factor authentication mechanism that combines a static password with the possession of a physical device that the user already has, such as a Mobile Phone, PDA, pager or laptop. The user authenticates by entering its username and password, if the credentials are correct an OTP is generated and sent to the users device. The user finalises the authentication by entering the received OTP. PortWise Mobile Text can use a wide range of distribution channels to deliver OTPs.

PortWise Soft Token
PortWise Soft Token is a Java based client to be installed on a hardware device that the user already has, such as a cellphone, PC, pager or PDA. The user enters a pin code into the soft token to generate an OTP that is used to logon to the application or service. The soft token provides the same level of security as any token based solution, without the hassle of distributing and maintaining hardware tokens.

PortWise Soft Token

PortWise OATH
PortWise is a member of the Initiative for Open Authentication (OATH). OATH is a collaborative effort of IT industry leaders aimed at providing an architecture for universal strong authentication across all users and all devices over all networks. By using open standards, OATH offers more hardware choices, lower cost of ownership, and allow customers to replace existing disparate and proprietary security systems. With PortWise OATH, a customer can implement strong authentication using any OATH compliant hardware or software security token from any security vendor to implement strong user authentication. Also, prior investments in OATH infrastructure may be utilised and integrated with PortWise to further lower the total cost of ownership.