Automated, Real-time, Multi-factor Authentication
Authentication is a key component in the overall security and privacy apparatus. To make the access easy and pleasant for their clients, many organizations, such as banks, have lowered the barriers in claimant’s authentication. For enterprises with sensitive information, authentication of employees for remote access is typically conducted by providing the employees with a special USB key, or a fab, which contains their identity. This is neither convenient, no safe, as the person may misplace the authenticating device and it may fall in the wrong hands. Another popular class of authentication techniques rely on sending an SMS to claimant’s smart phone, which should be entered manually into a second device, typically a computer. This has its own problems, in terms of being a frustrating experience for the users, as well as in terms of security as the SMS message may be hijacked in its path to the claimant’s phone. Even worse, the person may lose his/her smart phone, which may fall into the wrong hands. In the so-called “SIM swap attack”, individuals call the operator customer service and by answering some questions manage to transfer a phone number that belongs to their victim into their own handheld. Mobile operators, naturally, want to keep their customers happy by providing a speedy service, accordingly, they typically do not put too much pressure on their clients to answer multiple security questions. Similar to the banks, this leniency results towards customers cause them significant waste of resources in long run. Cynorix has solved most of these shortcomings by developing a multi-factor authentication technique in which the loop between authenticating server and client’s device(s) are closed automatically in real time, and monitored to detect suspicious delays (more than 1/4 second) which could be indication of hacking attempts, in which case some additional steps are taken to guarantee rightful clients are authenticated and hackers are detected. This goal is achieved by adapting the complexity of the authentication procedure to the situation at hand, for example, checking client’s bio-metric signatures, or by asking the client to enter his/her password or answer some security questions. Cynorix technology further enhances the reliability and security in authentication by assigning a signature as a secret credential to each of the client’s devices (devices that are used as a factor in the authentication). These signatures are updated after each authentication instance, and devices (including authentication server) mutually check each other’s credentials. Among other benefits in terms of enhancing the security, this operation guarantees that legitimate owner is protected from “SIM swap attack”. In summary, Cynorix multi-factor authentication provides a convenient and pleasant experience by automating the authentication process, while guaranteeing complete protection from hackers.