Multi Factor Authentication: Protecting digital assets & delivering a better customer experience
Enterprise biometric security – Eye recognition, Solus Connect & PINlock. Just like taking a Selfie and then entering an ATM pin.
Biometrics as part of your security strategy
Fingerprint, voice, facial scanning are all technologies becoming increasingly common place. Finding an accurate, secure and user friendly biometric solution that works for all your users is however challenging. As an added complication it can be difficult to make the connection to your authentication layer, most biometrics are device only with limitations on integration with your back office systems.
Solus uses Eyeprint ID, a patented software only biometric. Eyeprint ID uses an existing 1+ MP enabled smartphone or tablet device to image and pattern match the unique blood vessels in the whites of the eye. The user experience is akin to taking a selfie, is 99.99% accurate and extremely scalable. Eyeprint ID is the only biometric that protects your data with a high entropy encryption key – equivalent to a 50-character complex password.
An Eyeprint can never be lost, stolen or intercepted because it’s scrambled and encrypted locally – it never leaves your device. Eyeprint ID generates a stable high entropy key calculated at each login, and not stored on the device. Critically it also uses “liveness detection” for anti spoofing therefore it’s impossible to use a photograph or video to impersonate the user.
The Solus Platform
For decades organizations have faced the dilemma of balancing the security of their application with providing an acceptable user experience. Information breaches seem to be occurring on a monthly basis which is damaging to the organization in respect of reputation, lost revenue and can, in some cases, have regulatory impacts.
The Solus Platform provides single, (1FA) two factor (2FA) and multi-factor (MFA) authentication for users and enterprises. This authentication is typically based upon an individual’s ‘eye print’, a scrambled multi-digit PIN or both.
Users are able to use their existing iOS or Android device which means they no longer need to rely on a dongle, token, fingerprint or card reader.
Solus Connect provides the integration between devices such as Android or iOS smartphones and corporate back office systems. It can authenticate against typical third party providers such as Active Directory/LDAP or to a native application through the development of adaptors. Solus Connect can also be the primary authentication source in situations where third party authentication is not available or desirable.
Solus Connect provides a multi-tenanted service allowing more than one organisation to share the same instance. It can be hosted within a public cloud such as Microsoft Azure or in a corporate data centre creating a dedicated on-premise solution.
Solus Connect includes a simple workflow system to perform specific tasks. These tasks could be to authenticate a user or to poll a back office system such as active directory for any new users.
Workflows enable Solus Connect to be very adaptable helping it meet the needs of each organisation in respect of their processes and procedures.
Workflows are made up of activities. Some workflows may only have one or two activities where others could have several.
Typical use cases
Native or web based apps used in banking, eCommerce, Telco and citizen access to e-services are just some of the examples where organisations use Solus to increase security for both consumer and employee access. Solus can be used in conjunction with username and passwords during login or within an application where the user is wanting to transact or request access which might represent a higher risk such as when a user wants to approve a new account payee or add funds above a certain threshold. Solus is flexible enough to enforce authentication within any stage of the user journey.
Solus’s most simple secure system revolves around our patented scrambled PIN pad. For users, logging in becomes a seamless, quick and familiar process.
It can be used on websites, mobile websites, and mobile apps.
Here’s how your customers can use Solus to authenticate their ID and access your content:
|Users can select a 4 digit PIN (or you can assign them one) when they first register or subscribe to your site|
|Whenever users want to access some restricted content on your site (think: a subscribers-only section), they simply verify their credentials so you can grant access to subscription only users|
|To authenticate their ID, they need to enter their PIN on the graphical, scrambling PIN pad that pops up on top of the webpage. This is the Solus PINpad that authenticates users within seconds, while lending a wall of safety against hackers|
|All users need to do is tap or click on their PIN digits on this scrambled PINpad. This PIN entry works the same way as an ATM PIN entry — the only difference is that the PINpad is scrambled to foil several types of fraud|
|Consumers securely enter their PIN while staying on your webpage (they are never redirected to any third-party site)|
|We make sure that their information matches. If everything adds up, their authentication is completed and users are instantly steered to their desired webpage|
Behavioural Authentication (Smartphone and Desktop)
Solus partners with BehavioSec a leading provider of authentication and verification solutions through behavioural biometrics, to create complete and trustworthy communications. The solution monitors and analyses behaviour in real time based on the interactions with a mobile device or a desktop/laptop workstation by combining that with other forms of authentication, like device identification and EyePrint.
Combining behavioural biometrics into your digital channel means you can achieve three strong pillars of multi-layered security:
- Something the customer has; e.g. the eyes
- Something the customer knows, like a PIN
- Something the customer does, meaning physical characteristics or behavioural patterns
How does it work?
Each individual has a unique rhythm. Passwords can be stolen or accounts compromised but nobody can steal your ‘moves’ because they’re largely second nature behaviours that are almost impossible to mimic. BehavioSec uses measurable data created by that behaviour to verify that the person using an account is the authorized individual. It gathers this data passively during the actions the person is already performing, such as typing a user name and password or entering a PIN code, and compares this to previous sessions.
Using the Mobile SDK is easy and will allow your app to learn each user’s behavioural biometrics. Within 7 to 10 sessions, sometimes even fewer, BehavioSec becomes accustomed to the user and will use this information to assign a risk value at each login or transaction event. This can be used with your existing solutions to authenticate, assess risk, or signal the type of anomaly that triggers a step-up verification event.Solus Connect provides the integration between devices such as Android or iOS smartphones and corporate back office systems. It can authenticate against typical third party providers such as Active Directory/LDAP or to a native directory through the development of adaptors. It can also be the primary authentication source in situations where third party authentication is not available or desirable.