Online and Digital Identification, Securing Web 2.0, PKI and Digital Certificates

Confident Technologies releases image-based mobile authentication

Monday, July 25, 2011

California-based Confident Technologies has released a new two-factor authentication platform for mobile phone out-of band authentication.

The patent-pending product called Confident Multifactor Authentication offers a smart phone-based secure image-based second factor in the authentication process that is not connected to or stored on the device.

When users register with Web sites or online services, the application asks them to choose different categories of everyday objects they can easily remember, such as types of plants and animals.

Anytime the user needs to authenticate a transaction, the application generates a grid of random categories, some of which are the user’s chosen images. The user then taps on their chosen categories, enabling the authentication.

Because the process authenticates via an application, the secure images aren’t accessible to identity thieves. The grid of authentication images also changes with each use, preventing the risk of shoulder-surfing or theft through keystroke logging malware. Requiring users to memorize the second-factor authentication rather than storing it on the devices means that losing a mobile device doesn’t create vulnerabilities in the user’s identity.

Confident Multifactor Authentication is currently being trialled. Organizations that wish to take part in the trial may contact Confident Technologies for more information. [end] 

Related Articles
CSC, Daon partner for banking multifactor authentication product

CSC has partnered with identity authentication technology and services provider Daon to produce a biometric multifactor authentication service for the banking industry. The product, called ConfidentID Mobile, provides in and out-of-band identity authentication for transactions in multiple channels, including online and mobile.

read more »
Thursby launches iOS two-factor authenticating smart card reader

Thursby Software Systems, Inc. has released the PKard Reader, a touch Web browser solution for the iOS that includes secure authentication to a personal smart card.

read more »
ValidSoft and Spindle partner for payments security

ValidSoft, a supplier of telecommunications-based fraud prevention, authentication and transaction verification products, announced its new partnership with Spindle Inc., a mobile commerce and alternative payment solutions provider to bring payments security products to U.S.-based customers.

read more »
BioID releases Web service

BioID GmbH released BioID Web Services, a cloud-based service enabling developers of Web, cloud and mobile applications to integrate biometric functionality into their applications with simple APIs.

read more »

Comments
Ric Hughey Permalink
July 26, 2011 12:44 PM

I suspect that we will see more and more cognitive authentication strategies emerge for several reasons:

  1. Alphanumeric PINs and Passwords are boring
  2. Most people (including me) are prone to jotting down alphanumeric passwords, and/or keeping them in a txt file on our local machine
  3. Smart phones make image viewing possible, so there is no longer a technology restriction as to using images for out-of-band 2FA (two factor authentication)

But if we look beyond the authentication/security of the client-side session transaction, the randomness of images and grid location helps ensure that the server-side authentication repository is relatively secure…even if hacked. If done properly, there should not be username/password lists available.

Ric Hughey

Reply
Comment on this article

Your full name and URL will be displayed with your comment.

Your email is not shown or shared, and is used only for your Gravatar image.




characters left.
Copyright © 2012, AVISIAN, Inc. All rights reserved.