Why Use Two-Factor Authentication?

With the growth of online business comes the undesirable byproduct of identity fraud and cyber attacks. The common method of authentication using a static password to log in to user accounts has become increasingly vulnerable to sophisticated methods of phishing, malware, and other types of attacks. To protect these accounts, users are encouraged to have a password that is difficult to guess and to change it frequently, but this may create more problems than it solves with increased user support for forgotten passwords and the cost to go with it. For more sensitive user information, such as banking accounts, this one-factor security method is also just not secure enough to safeguard user privacy and their confidential data.

The government has now issued new standards of security to combat the explosive and enormous cost associated with compromised accounts. By 2012, companies collecting and managing sensitive data are required to be compliant with the new security measures imposed by government agencies, such as the FFIEC and HIPAA. Among those security measures is the requirement for two-factor authentication, also call strong authentication, for organizations who handle sensitive user data, such as financial and healthcare institutions. Failure to comply with these standards may result in heavy fines as well as the loss of consumer confidence.

 DynaPass Patented Two-Factor Solution

DynaPass offers a U.S. patented ( #6,993,658), two-factor authentication solution that is compliant with new government standards for online security. DynaPass combines what the user knows (one-factor: standard login credentials) with what the user has (the second factor: a mobile phone) for true two-factor authentication. DynaPass works by opening an account for a short time, at the user’s request, and sends a dynamic One-Time-Password (OTP) to the user's cell phone for out-of-band authentication. Nothing needs to be installed on the user’s computer, and the user needs only a mobile phone or other compatible device. DynaPass offers easy integration with existing operating systems for a quick and cost effective security solution to protect today's confidential data.

 How It Works

1. User logs on to corporate servers. Authentication begins.
2. Once server authenticates individual user and their password, a One Time Password (OTP) request is sent to DynaPass
3. DynaPass authenticates the request, then creates and send an OTP via SMS
4. User receives OTP over their mobile phone.
5. Corporate application prompts the user for a one time password generated by DynaPass. This OTP may be restricted based on access rights and can limit the duration of the session.
6. The user enters the one time password. The corporate server then verifies that the assigned OTP is valid and issued to the specific user and will enable the user to login

 Features & Benefits

• Creation and distribution of One-Time-Passwords (OTP)
• On-request distribution of OTP to mobile phones and other devices
• Automatic enabling and disabling of user accounts
• Secret individual part of password (prefix)
• Automatic registration of mobile phone
• Different length of passwords
• Automatic distribution of dynamic passwords can be set on day and time
• Templates for defined rules in DynaPass
• Event logs
• Supports fault-tolerance and load balancing
• Sends OTP (SMS or E-mail) through a phone connected to DynaPass
• Sends and receives SMS through SMS center