A Password is not Enough
The most commonly used technique for authenticating computer users is verification of the user-id and its associated "static" password. This static password can be used multiple times until it is explicitly changed by the user. Apart from accidental leaking of the static password by its owner, individuals and organizations face an increasing risk of losing their passwords through the malicious acts of intruders and hackers. These acts can take the form of fake email ('phishing'), fake web sites and all kinds of active and passive hacking attacks. One commonly used hacking method plants "spyware" on the victim’s client device to steal the victim’s identity secrets. Keystrokes and mouse movements can also be captured by the “spyware” without the user noticing.
To improve the access security of computer systems and online services, two-factor authentication has become the norm. Under a two-factor authentication scheme, users are provided with two means of identification. The first factor is referred to as “what you have”. It is typically issued to the user in the form of a physical token, for example a card or a small electronic device. The other factor is referred to as “what you know”. It can be a unique ID and/or a static code that the user has to memorize.
AT.Pass is a two-factor authentication solution based on one-time passwords that are generated on demand by software tokens installed on the user’s tablets, smartphones or other mobile devices. Compared to traditional hardware-based token solutions, AT.Pass greatly reduces the initial acquisition cost and the subsequent maintenance cost. The purchase cost and the administrative cost of issuing and re-issuing hardware tokens can be eliminated.
Features
- Unique secret for each token generated from the authentication server
- API integrates with RADIUS and OpenID services. Web Service APIs also available
- Combination of SHA-1, SHA-2 and a proprietary algorithm for OTP generation
- Challenge mode authentication also available
- Configurable for active-active and load-balancing operation for maximum reliability