‘My login details? Er, try the usual…they’re all the same anyway.’ 30 April 2013 –
We use telephony by allowing the Swivel Secure engine to use a voice channel to authenticate internet use.
This operates in the same way as the standard One-Time-Code (OTC) extraction process. Either a challenge is delivered to the user’s phone, with a response then being entered on the web page; or the challenge is delivered onscreen, with the response being entered on the phone. In both cases, the challenge can be PINsafe or PINless.
After entering their username and password details to start the authentication process to a VPN, Web or corporate application, the user receives a security string as a TURing image, embedded in the login page. They then receive an IVR (Interactive Voice Response) call to their registered phone number, requesting their One Time Code. The OTC is extracted from the security string using the Swivel protocol, and then entered using the phone’s keypad to complete the authentication of the session.
We also have a faster, pin-less option for use in low-risk environments, when a username and password are not strong enough. After the username and password have been entered in the login page, the user receives an IVR call requesting the user to press a specific key on the phone keypad to immediately authenticate the session.
A key, and unique feature, of our authentication platform is our patented one-time-code extraction protocol PINsafe. PINsafe combines the use of registered PINs with random 10 digit security strings that are sent to you either by browser, mobile app, SMS and telephone either on demand or in advance. You then combine these in your head to work out your unique one-time access codes, putting you at the heart of the strong multi-factor authentication process. Learn More