While much progress has been made in efforts to ease the way in which information is accessed and shared, a lot has been done by people to undermine the safety of these convenient transactions. Most existing systems rely on users’ knowledge of their passwords to authenticate them and grant them access.A point has been passed where access to certain key information, such as banking information, can no longer be safely secured by the use of something you know alone – in this case a password.
In response to this situation, Seamfix has designed VIO, to provide an extra layer of protection to systems. VIO is 2-way, 2-factor authentication system that converts mobile phones, PDAs or computers into token generators. VIO replaces hardware token one time password generators with mobile and desktop applications.
In this way in addition to requiring something users know, Seamfix is empowering you with a means to demand that they have something as well before they can authenticate – in this case a device e.g. phone, that can also function as a one-time-password (OTP) generator. In addition to letting you confirm that the user attempting to log onto the system is who they claim to be, it also allows users confirm that they are logging onto the right system, thus protecting them from phishing attacks.
How this works is that with VIO, users of a system may attempt to log on as usual with their username and password combination, at which point they will be prompted they will be presented with a PIN and asked to enter one. At this point they run VIO on their device, two PINs are generated – one that should match the one displayed to them and one which they are to enter, allowing them to authenticate the system and to in return authenticate themselves.
VIO provides protection against:
• Key logging.
• Phishing.
• Pharming.
• Spoofing.
• Man-in-the-middle attacks.
• Man in the browser attacks
|
