Excalibur utilizes the mobile phone to act as a secure hardware token for any and all authentication and authorization needs inside of the enterprise.
Excalibur utilizes the mobile phone to act as a secure hardware token for any and all authentication and authorization needs inside of the enterprise. The ultimate goal is to move all forms of authentication and authorization away from passwords, replace them seamlessly with smartphone-based strong but user friendly multi-factor authentication. Excalibur unique value is in providing backward compatibility with all the applications, Operating Systems (OS) and services the enterprise uses today thus creating a bridge between the password-based present day and password-free future.
One of the core innovations of Excalibur is its ability to defeat all attacks on credentials (key loggers, phishing, social engineering) - Excalibur is able to automatically change password on each login. In the Excalibur user flow - the password is no longer entered by the user - the user never even knows the password, it is just a random string used in the background, seamlessly injected into the login process by Excalibur. The user instead just interacts with the mobile phone - using it to provide authentication factors as required by the security policy.
Excalibur is the only solution that completely mitigates risk of human element exploitation, the user is no longer the weakest point by creating a simple, convenient experience with no room for error or social engineering attacks.
Everything in Excalibur is self-service - by “freeing” authentication from passwords - unique novel authentication / authorization flows are possible - utilizing physical security and peer-verification - where your colleagues or manager can directly from their mobile phone verify that you are really you instead of having to wait for IT Security to react in case of any security incident / policy violation - thus allowing for stricter policies, yet dynamically adjusting to real life needs.