Your SlideShare is downloading. ×
What is Two Factor Authentication
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

What is Two Factor Authentication

247

Published on

Two Factor Authentication implies the use of two independent means of evidence to assert an entity – “Something the user has”, “Something user knows”.

Two Factor Authentication implies the use of two independent means of evidence to assert an entity – “Something the user has”, “Something user knows”.

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
247
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
9
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Concept Note – ArrayShield IDAS 2FAConcept Note – IDAS Two Factor Authentication What is Two Factor Authentication? Two Factor Authentication implies the use of two independent means of evidence to assert an entity – “Something the user has”, “Something user knows”. ArrayShield IDAS Two Factor Authentication Solution ArrayShield IDAS system provides a unique ArrayCard (Something user has) to each user and allows the user to select their pattern (something user only knows). Using these two factors of Authentication, user derives a dynamic password that changes for each transaction.Why Two Factor Authentication?Many organizations protect their infrastructure with a simple username and password. Enteringthis information grants access to organization’s sensitive data that is present in servers,databases, applications, email accounts, and other places. But it is widely acknowledged byInformation Security Experts that passwords are notoriously insecure. Many users choose weakpasswords which can be easily guessed or cracked. When password policies are enforced, usersend up noting down their passwords on Post-It notes, mobiles, email or on their laptops whichis serious security vulnerability. Phishing attacks trick users into revealing their passwords.Malicious viruses and spyware can capture passwords and send them over the network toattackers.All the above scenarios make it very difficult for organizations to protect their sensitive datafrom the hands of hackers and competitors. Organizations of all sizes from Fortune500 to SME,government have witnessed multiple hacking attacks recently that were caused by gainingknowledge of user’s password. The cause for concern is only magnified as the cost associatedwith a data breach has reached an estimate of $ 6.6 million. ArrayShield | info@arrayshield.com Page 1
  • 2. Concept Note – ArrayShield IDAS 2FAClearly passwords are not sufficient for protecting organization’s data: • Easy passwords can be cracked • Random passwords can’t be remembered • Same passwords are used at multiple places • Passwords that needs to be continuously changed are not user-friendlyAdditionally, government regulations such as Sarbanes-Oxley, PCI Data Security Standard, USData Breach Notification Laws and others have been put in place to protect access to corporatenetworks. Failure to meet requirements that call for the implementation of two-factorauthentication could result in regulatory fines and irreversible damage to a brand’s reputation.Security experts worldwide suggest the usage of a strong, two-factor authentication to protectorganizations assets. The same is also recommended by various compliances/certifications likePCI-DSS, HIPAA, SAS 70, ISO 27001 and others.How ArrayShield IDAS works?ArrayShield innovative two factor authentication system – IDAS provides a simple secure accessto enterprise applications. By using its innovative pattern based authentication it provides One-Time-Secret-Code for every login transaction without using any smart hardware. In IDAS everyuser is shown with a matrix on the login screen which is populated with random characters forevery transaction. User has to choose a pattern which is a sequence of cells in the matrix andshould register the same with the system prior accessing the ArrayShield IDAS Two-Factorsolution. A translucent card is provided to each user which has a similar structured matrix withtransparent and opaque cells and some random characters imprinted on the opaque cells. Eachcard is unique in terms of the position of the opaque cells and the characters imprinted onthem.At the time of accessing the application, user is shown with the randomly populated matrix as achallenge. The user overlaps the translucent card on the shown matrix and will key in thecharacters present in the chosen pattern in the same order. These characters form the One-Time-Secret-Code for the user for that transaction. The ArrayShield IDAS server verifies the usercredentials by comparing user’s registered pattern and the pattern values entered by the user.Access is given to the user if the user credentials are valid.ConclusionBy using ArrayShield IDAS Two-Factor authentication solution, organizations can enable secureaccess to their enterprise Applications. The solution will make organizations of all sizes andcomplexities protect from the malicious attacks happening on the enterprise applications. ArrayShield | info@arrayshield.com Page 2

×