Authentify unveils out-of-band authentication service
08 March, 2012
category: Corporate, Digital ID, Financial
Authentify introduced 2CHK – spoken as two check – an Out-of-Band authentication service for securing IT remote access and identities as well as online and mobile banking and ecommerce.
Here’s how it works. The end user activates an app on their smart phone or PC and links it their company login account or identity directory using voice or SMS-based out-of-band authentication.
Once this is done, the 2CHK app is “always on” and maintains a secure channel to Authentify’s authentication service. The enterprise or Web app provider can then use this second channel and the 2CHK app to securely login or let them confirm high-risk actions, such as creating a new system administrator account.
2CHK aims to compliment IT or online and mobile banking security by providing a separate app and out-of-band channel that, due to layers of encryption, the company claims it cannot be defeated by man-in-the-middle and man-in-the-browser attacks.
The app also aims to add convenience. Customers see transactions in the 2CHK app and can confirm or reject them. This contrasts with other Out-of-Band implementations that send a one-time password number using a phone call or text message, which the customer then re-enters separately in the login window, or online or mobile bank app.
Authentify is targeting online banking and ecommerce providers as well as enterprise IT security applications with 2CHK.
The 2CHK transaction authentication service is available and Authentify offers the service to customers for fixed annual subscription fees.