Telephony
This operates in the same way as the standard OTC extraction process. Either a challenge is delivered to the user’s phone, with a response then being entered on the web page; or the challenge is delivered onscreen, with the response being entered on the phone. In both cases, the challenge can be PINsafe or PINless.
After entering username and password details to start the authentication process to a VPN, Web or corporate application, the user receives a security string as a TURing image, embedded in the login page. They then receive an IVR (Interactive Voice Response) call to their registered phone number, requesting their One Time Code. The OTC is extracted from the security string using the Swivel protocol, and then entered using the phone’s keypad to complete the authentication of the session.
We also have a faster, pin-less option for use in low-risk environments, when a username and password are not strong enough. After the username and password have been entered in the login page, the user receives an IVR call requesting the user to press a specific key on the phone keypad to immediately authenticate the session.
Our authentication platform allows telephony access to a wide variety of applications including VPN, web, cloud and desktop.
