SMS PASSCODE has an advantage over traditional two-factor authentication (2fa) solutions which as the term suggests are simply based on two factors; something you know (username and password), and something you have (a one-time-passcode). SMS PASSCODE looks at multiple factors surrounding each particular login. These factors include things such as session ID, network IP and geo-location, number of successful logins, type of system being accessed, time of login, and device being used. All of these factors add context that help determine the level of trust and whether the user should be authenticated or blocked.
SMS PASSCODE is adaptive, real-time, challenge and session-specific, and takes advantage of contextual information when validating the user, thereby protecting against identity theft and modern Internet threats.
SMS PASSCODE integrates seamlessly into Citrix products like Netscaler, Sharefile or even legacy Citrix webinterface.
- Challenge based
Unlike solutions relying on pre-issued passcodes SMS PASCODE only generates the passcodes once a challenge (username and password is validated) has been fulfilled.
- Real-time solution
All passcodes are generated in real-time at the point of login. No pre-issued passcodes. No seed files to be hacked.
- Session specific passcodes
All passcodes are locked to the session-ID of each particular login attempt for maximum security. This reduces the attack surface from being accessible from any device to a single device.
- GEO Fencing
Increase security by blocking access from high risk locations or regions.
- Contextual-based OTPs
The OTP time validation period and delivery form adapts based on the context of the user.
- Contextual user notifications
Users receive information about the GEO-IP location of their login to help identify possible man-in-the-middle attacks.
- Protection against brute-force attacks
SMS PASSCODE includes advanced brute force and denial-of-service attack detection and protection.
- Hardened security keeps your data safe
SMS PASSCODE passcodes are cryptographically strong random generated OTPs using FIPS-140 validated crypto modules and all communication between components is AES 256bit encrypted. SMS PASSCODEs platform itself is fully authenticoded and obfuscated.
- Automatic failover
Easily set up highly sophisticated failover mechanisms to ensure that the OTPs always arrive. The solution can even adapt between delivery methods based on the login context of the user, e.g. the location.
- Adaptive User Authentication
For even greater user convenience the solution can be configured to dynamically change the level of authentication needed based on e.g. where the users are located when logging in, what time they are logging in, and what network they are logging in from, and how many successful logins from a particular location. For example, if the user is logging in from a trusted location such as the comfort of their home (where they have logged in from before), then they will not be prompted for an OTP in order to authenticate. On the other hand, if they are attempting to log in while travelling i.e. from an airport lounge or hotel with a public Wi-Fi then an OTP would be mandatory to gain access.
- Simple user provisioning
SMS PASSCODE allows for one-click integration to Microsoft Active Directory (AD), but also supports any LDAP store without schema changes or extensions. Add new users on the fly as your business grows.