Welcome to the 3rd generation in user authentication
- 1. SMS PASSCODE
3rd generation user authentication
Christian Larsen
Regional Manager, International
VirtualizationForum 2014
- 2. Why Stronger Authentication?
Simply because passwords are weak!
» Hackers preferred weapon 76% of network intrusions
exploited weak or stolen credentials (passwords)*
» You might already be a victim 66% of breaches took months or
years to discover*
» The small organizations cannot hide 31%of all targeted
attacks were aimed at businesses with less than 250
employees**
» The threat is only getting bigger - Cybercrime is the fastest
growing crime type in the world and targeted attacks grew by
62% from 2013 to 2014***
* Verizon Data Breach Investigations Report 2013
** Internet Security Threat Report 2013 (published by Symantec)
*** Internet Security Threat Report 2014 (published by Symantec)
Adaptive User Authentication 2
- 3. Why Stronger Authentication?
» We are already patching up, scanning and testing etc.
» Companies often put a great effort into updating,
patching, vulnerability testing etc.,
» but this way you only seal the windows, close the shutters
and the cat’s door…
» and if the wrong guy has a valid set of credentials, and
you do not have MFA, he walks in through the main
entrance…
» even without anyone discovering it! – So you might be
attacked without knowing!
Adaptive User Authentication 3
- 4. Stronger Authentication in 2014
» Today a password is not enough to ensure your
online identity, because it can be compromised in
many ways (key logged phished, bought, guessed
etc.)
» Therefore the providers of online services like
banking, e-mail, gaming, social media etc. now all
force or allow you to step up authentication
» And since almost everybody has a mobile phone,
the providers use SMS/Text for validation
» A user-friendly way of enabling Multi-Factor
Authentication on a global scale
Adaptive User Authentication 4
- 5. SMS PASSCODE
We are a technology leader in adaptive multi-factor authentication software.
We ensure employees can easily and safely access corporate networks and applications
remotely.
We provide IT/security managers with a cost-effective and easy-to-maintain offering that
secures remote access systems, including Microsoft, Citrix, Cisco and Juniper.
Adaptive User Authentication 5
- 6. The Evolution of Authentication
Technology
1st Generation 2nd Generation 3rd Generation
80-90’s
Hardware Tokens
+ Introduction of two-factor auth.
÷ High cost on tokens
÷ Distribution & administration cost
÷ An extra thing to carry
00’s
Mobile based solutions
+ Real-time multi-factor auth.
+ No hardware distribution
÷ Deployment of soft tokens / apps
÷ Regional SMS delivery challenges
Now
Adaptive User Authentication
+ Contextual intelligence layer
+ Policy-based trusted IPs
+ Multiple OTP options
+ Location aware dispatching
Our Heritage:
• Always been based on SMS, Always been real-time, Always been session based, No client software
Adaptive User Authentication 6
- 7. Two-factor vs. Multi-factor Authentication
» Two-factor Authentication (2FA) is merely
» Something you Know
» Something you Have (Token, Card, Finger, Phone etc.)
» Multi-Factor Authentication (MFA) simply adds more factors
» Your Connection (unique session identification)
» Your Location (Geographically)
» The Role/Rights you have (Group member i.e. consultant, employee)
» A valid Gateway/Point of entry
» Time of day (doors are open only between i.e. 8am and 10pm) etc.
Basic security:
Protects against 90’ies threats (key
loggers, guessed/ cracked/ bought/
borrowed passwords etc.) Plus - users
feel that their identity is protected.
Higher security:
Protection against also more modern
threats like Advanced malware, Session
hijacking, Phishing, Pharming, Man-in-the-
middle attacks etc.
New flexibility:
Access may now be controlled based on
i.e. Countries, IP-ranges, “Trusted
locations”, Time frames, Roles, Groups
and other factors.
Adaptive User Authentication 7
- 10. Why SMS PASSCODE
What makes SMS PASSCODE unique?
Makes Security Hassle-Free and
Painless for the User
Easy for IT to Implement,
Manage and Scale
Prevents Security Breaches with
Contextual Intelligence
Reduces Costs and
Improves ROI
Superior
User
Experience
Adaptive User Authentication 10
- 11. Flexible OTP Delivery
» Broad range of OTP delivery options
» Automatic failover
» Location Aware Dispatching
» OATH token support – allows use of both hardware- and App tokens
» Simultaneous use is possible
Adaptive User Authentication 11
- 14. In Good Hands
217
customers
in 21 countries were asked
Customer Satisfaction 2014
1%
40%
59%
0% 20% 40% 60% 80%
HIGHLY SATISFIED
SATISFIED
LESS SATISFIED
Likelyhood to recommend
SMS PASSCODE
5%
1%
38%
56%
0% 20% 40% 60%
VERY LIKELY
LIKELY
DON'T KNOW
UNLIKELY
“This project has been highly successful. Not
only have we realized substantial cost savings,
the users have also been very happy about the
change”
John Gudmann, Post Nord
“SMS PASSCODE is a great hassle-free product
and does exactly what we need it to”
John Owen, IT Manager, Day Group
“We have now regained control of the
authentication process. We know exactly who
receives access codes, when they use them to
log in, and from where”
Peter Warnier, CIO, DEME
Adaptive User Authentication 14
- 15. FREE 30 DAY TRIAL
www.smspasscode.com/free-trial
Adaptive User Authentication 15