When it comes to multi-factor authentication technology, software-based solutions are often considered inferior to smart cards, tokens and other types of hardware. SyferLock has been trying to dispel these misconceptions with a software based authentication platform based around the PIN.
The company has been providing it’s software based authentication technology since 2007 and announced integration with Ping Identity Technology, says Chris Cardell, CEO at SyferLock. The company’s GridGuard authentication solutions can be deployed with Ping Federate identity bridge software.
SyferLock has seen a lot of interest from enterprises that have deployed hardware-based authentication technologies, Cardell explain. “Many legacy deployments are based on hardware and in some cases it’s not practical and we’re seeing companies move to software-based solutions,” he adds.
Software-based authentication can be cheaper because hardware doesn’t have to be purchased and distributed. Enterprises only have to purchase the software licenses.
SyferLock’s technology is based on a grid and PIN system. When a user registers they enroll a PIN and a position. For example, the PIN can be 2490 and the position can be upper left hand corner.
When the individual goes to login to the system they enter their user name and then look at the grid. But instead of entering 2490, they enter the numbers that are in the upper right hand corner of the 2490 boxes, 3347 for the grid pictured. The grid also changes with each login so the PIN entered each time is different.
While the grid is used in a typical deployment, enterprises can add security but having a full QWERTY keyboard shown and have the user enter the PIN for a grid and then have a password that they translated into a code as well. A smart phone application is available as well.
Even if an individual loses the laptop or smart phone, a fraudster wouldn’t be able to access the system unless they had both the PIN and position, Cardell says.
SyferLock has been deployed in various markets but health care is picking up with more requirements for strong authentication because of HIPPA, Cardell says.