We Believe: The market will soon require:


DualAuth

Our logo is a stylized expression of the Chinese philosophy of Yin and Yang, applied to the online authentication process. We bring serenity and safety by including the needs of both the user and the server while excluding those who would cause harm.

We Believe: The market will soon require:
- Authentication without Passwords
- Use of Mobile as Authentication device
- Bi-Directional Authentication of both the User and the Server

Parent Company Introduction
www.estorm.co.kr
- 17 Years of Company History
- Specialized in professional enterprise S/W development and provided SI services to the Financial Market
- Provided Cloud Solution to the NHIS company
- Provided Cloud Solution to the KB card company
- Created an integrated Groupware Filing Planner, now used by more than 20 companies
- Developing OTP solutions since 2013
- Multiple patents for Mutual Authentication technologies
- Uses Mobile as authentication device
- In use by Korea Telecom, Lush Korea, and Namusoft
- Implementation in process with major banks

Award Winning Product Family
DualAuth is a Human-Oriented Multi-Factor Mutual Authentication Solution
Major Achievements:
- Selected as a presentation company for Finovate, Fall 2016 New York and Hong Kong
- One of 5 Finalists among 63 applicants in the Innovation in Cyber Security/Anti-Fraud category at Fintech Innovation Awards 2016 in London
- Delivered Fintech Authentication Platform Service to KISA (Korean Internet & Security Agency) Fintech Security & Authentication Support Center in 2016.
- Received the Republic of Korea Internet Grand Awards in 2014.

Limitations of legacy authentication
One-way authentication only lets the service verify the User
- A user cannot confirm the service is not fraudulent, because he/she does not get any information from the server
- A service cannot confirm the user is not fraudulent, even though the user provides valid credentials. (Because it is just one-way authentication)
- User account information can be easily hijacked by a hacker through social engineering attack and is highly vulnerable to real-time Man-in-the-Middle (MITM) Attack
[Diagram: a Fake Service sits between the User and the Service, intercepting ID/PW and other credentials (Password, SMS Verification Code, OTP, Fingerprint) as they are requested and entered, before the Service is provided.]

Changing the Concept of Authentication
DualAuth Concepts are:
- Mobile phone as authentication device
- Mutual Authentication (Bi-Directional) between User and Service (UA & SA)
- Multi-Factor, Multi-Channel, and User-Verifying
Patented and Unique
- We created Service Authentication to bring safety and serenity to the User
- The Service first presents Service OTP to the user to show the service is valid
- The user compares the Service OTP code with mobile-generated OTP code
- There is no way of hijacking the Service OTP code because nothing but the metadata is sent through the mobile network
[Diagram: User and Service. Service Authentication by User (Verification By User) in one direction, User Authentication by Service in the other.]

Strong Security
DualAuth is stronger than any other S/W based Authentication solution
- App protected from forgery, replication, and hacking
- Device Authentication (e.g. PIN or F/P) can be added for stronger user authentication. (FIDO)
- The Service OTP code is generated separately by using the metadata in the mobile device
- The Context for generating the User OTP is delivered securely via App Push
- Seed is combination of variables including Private key, Time, Carrier IP, Push ID, and Session ID
- Even if metadata is intercepted, the possibility of generating the valid OTP code is almost zero
- DualAuth is the only solution for protecting the service from Real-Time MITM Attack
- DualAuth can run on the TEE (TrustZone) to provide equivalent security to H/W OTP
[Diagram: Mobile Client (DualLogin) and Auth Server. Labels: Hash value / Fingerprint / PIN; Mobile Carrier IP Address; Service OTP Metadata; Private Key x Time x Carrier IP x Push ID x Session ID; Encrypted User OTP; Session ID; Private Key x Time; Push ID.]
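The slides list the seed inputs for the Service OTP but not the derivation itself. The sketch below is an added example, not DualAuth's code: it assumes HMAC-SHA256 over the listed inputs with RFC 4226-style truncation and a 30-second time step, and every name and sample value in it is hypothetical.

```python
import hashlib
import hmac
import struct

TIME_STEP = 30  # seconds per OTP window (assumption; the slides give no value)


def derive_otp(private_key, unix_time, carrier_ip, push_id, session_id, digits=6):
    """Derive a context-bound OTP from the seed inputs the slide lists."""
    msg = struct.pack(">Q", unix_time // TIME_STEP)
    # Length-prefix each field so ("ab", "c") and ("a", "bc") cannot collide.
    for field in (carrier_ip, push_id, session_id):
        raw = field.encode()
        msg += struct.pack(">H", len(raw)) + raw
    mac = hmac.new(private_key, msg, hashlib.sha256).digest()
    # Dynamic truncation in the style of RFC 4226 (HOTP).
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def service_is_genuine(shown_code, private_key, unix_time, **context):
    """Mobile-side check: recompute locally, compare in constant time."""
    local = derive_otp(private_key, unix_time, **context)
    return hmac.compare_digest(shown_code, local)


# Constructed sample values, for illustration only.
KEY = b"constructed-demo-key-0123456789ab"
CTX = dict(carrier_ip="198.51.100.7", push_id="push-42", session_id="sess-A1")
NOW = 1_700_000_000


def demo():
    genuine = derive_otp(KEY, NOW, **CTX)
    forged = derive_otp(b"attacker-guess", NOW, **CTX)  # no private key
    other = derive_otp(KEY, NOW, **{**CTX, "session_id": "sess-B2"})
    return {
        "genuine_accepted": service_is_genuine(genuine, KEY, NOW, **CTX),
        "forged_accepted": service_is_genuine(forged, KEY, NOW, **CTX),
        "other_session_accepted": service_is_genuine(other, KEY, NOW, **CTX),
    }


if __name__ == "__main__":
    print(demo())
```

A matching code shows only that the displayed value came from a holder of the key for this session context and time window. How the context reaches the phone and how the key is stored are outside this sketch.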

FIDO Integration
Any User Authentication module can be used within DualAuth
[Diagram: Web Browser (PC), Customer Service Web Server (Service) and Push Server; an integrated RP-Client (App/Browser + RP-Client) on the Mobile; an integrated RP-Server (OTP Server + RP Server). Service Authentication uses OTP; User Authentication uses FIDO. FIDO Infrastructure: FIDO Client (Mobile), ASM APIs, UAF APIs, UAF Protocol, FIDO UAF Server, Mgmt. Console, ASM, Authenticator (Fingerprint), Authenticator (PIN), FIDO Metadata service.]

Product - DualLogin
Alternative to User Password
- User only types in his/her User ID (No passwords at all!)
- User compares two OTP codes: one from the service and another generated in the mobile
- Once user approves the service OTP code, the next steps are done automatically in the background
- No memorizing or typing is required
- Just one-touch is enough for authentication
- For higher security, device authentication such as fingerprint can be added
- This easy and simple login can be integrated with SSO (Single Sign On)
DualLogin Demo: https://youtu.be/buruayg9dus

Product - DualCheck
Alternative to SMS/ARS 2nd verification
- For the 2nd step of verification, Service presents Service OTP code first
- User verifies that the Service and User OTP codes are the same
- DualCheck provides higher level of security than SMS/ARS methods
- Memorizing or Typing the code is not required for the user
- A single touch completes the authentication process
- Device Authentication (e.g. PIN) is available and is also integrated with FIDO
- Lower cost than SMS/ARS verification
DualCheck Demo: https://youtu.be/8hwa9a6mxpq

Product - DualOTP
Alternative to H/W OTP (Dongle)
- The Service OTP code is first presented to the user
- User compares both OTP codes - on the mobile and in the web service
- After the Service is verified, the User Authentication process occurs
- The transaction-based, data-signed OTP mode prevents memory hacking attack.
- Anti-hacking solution prevents use of duplicated phone.
- Offline mode (Airplane Mode) can provide same security as a H/W dongle.
DualOTP Demo: https://youtu.be/9jx8ckkpj5e

Product Family Comparison and Summary
Target:
- Alternative to H/W OTP
- Alternative to SMS/ARS Verification
- Alternative to password
Use Case:
- Provides strong 2-step verification for login to the service or financial transaction.
- Can be used for the transaction-based OTP
- Provides easy login
- Good for VPN authentication
- Secure Data-Signed OTP
- Airplane-mode OTP
- One-Touch Authentication / Login
- No need to memorize or type codes.
Features:
- Context-based Service Authentication + User Authentication
- Mutual, Multi-Factor, Multi-Channel, User Verification
- Higher Security, Easier Use, Lower Cost

Let us help you win bids
- Easy integration with your preferred authentication technology
- Cloud or Radius Server based installation
- Flexible partnering or VAR arrangements
- Customer-specific exclusivity available