Multi-Factor Authentication (MFA)

Multi-Factor Authentication (MFA) Methods

• Open Standards
  • FIDO Universal Authentication Framework (UAF) and Universal Second Factor (U2F)
  • OATH Event-based (HOTP), Time-based (TOTP) and Challenge-Response (OCRA)
• Proprietary Standards
  • MasterCard SecureCode Dynamic CVC, VISA Verified By VISA Dynamic CVV, American ExpressPay, Discover, JCB Speedy and 3-D Secure 1.0, 1.1, 2.0

Multi-Factor Authentication (MFA) Tokens

• Hardware Tokens
  • FIDO UAF and U2F devices ” FIDO devices on Amazon
  • OneCard All-in-One Converged Credential with HID physical access and One-Time Password (OTP) Display Cards
  • OTP Keyfobs and Mini-Keyfobs.
  • OTP USB flash drives
  • .NET™ and Java™ smart cards
  • All SurePassID hard tokens
  • Third party tokens
• Software Tokens
  • Mobile OTP and Desktop OTP (SurePassID Mobile Authenticator, Desktop Authenticator, Google Authenticator)

Secret Key Management

• SurePassID Proprietary, FutureX HSM, SafeNet HSM, nCipher HSM, Townsend HSM
• Active Directory/LDAP Integration
  • Direct user importing from Active Directory/LDAP, or from csv/txt files
  • Map SurePassID groups to Active Directory groups
  • Automatic synchronization between SurePassID users and external Active Directory/LDAP (adding users, updating users, deleting users)
  • No Active Directory schema changes required
• Ease of Deployment
  • Cloud-based Software-as-a-Service (Amazon AWS®, Microsoft Azure®, etc.)
  • Virtual machine (VMware®, Hyper-V®)
  • On-premises server (Windows Server 2008®, 2012®, 2016®)

24X7X365 Operations

• Fault tolerant.
• Ease of Integration
  • APIs and SDK for rapid integration into cloud, web and mobile applications.
  • Virtual machine for Microsoft Hyper-V® or VMware®.
  • One-click integration with Microsoft Active Directory® or OpenLDAP.
  • Built-in Secure Single Sign-On (Secure SSO) for SAML 2.0 applications.
  • ADFS 2.0 support for Federated Identity integration.
  • Low impact on IT resources.

Multi-Tenancy

• Logically partition clients, devices or company sub-organizations within a single server image.
• Scalability
  • Dynamically add resources for peak load or growing numbers of users/authentications.
  • SurePassID Authentication Servers can be clustered globally or geographically positioned yet maintain a global view.
  • Designed to support tens of millions of users and devices.

Ease of Administration

• Browser-based system available on any device platform.
• Customizable alerts.
• High level of automation, centralization and integration.

Localization & International Support

• Supports any language. A new language can be added by uploading a single new language file. The site automatically changes based on the user’s localization.

Mix or Match Authentication/Multiple Credentials Per User

• A single user account can have multiple tokens attached to it. SurePassID does round robin authentication against all tokens attached to a user account upon login.

Audit Trail

• Dynamically integrate with Windows Event Log or other centralized system.
• Customizable event log tracking.
• Export via .csv.

Compliance Ready

• Healthcare – HIPAA/HITECH and HITRUST CSF option.
• Banking, Financial Services, Payments – PCI DSS option.
• Government – FIPS 140-2 Level 3, PCI DSS, FISMA and NIST 800-53 option.
• Aerospace & Defense – FISMA and NIST 800-53 option.

Integration into existing Network Operation Center (NOC)

White Label Option