In today’s world, Cyberspace has become the main avenue for businesses to prosper, but as always, each new path to the Promised Land is wrought with hardships that must be overcome in order to reap the rewards. For companies to succeed and grow in the 21st century an Internet presence is a must, but many risks are associated with putting your information out there on display that deter and delay the development and growth of many good concepts and ideas.
ProtectID Overview
PATENT No.: US 7,870,599 B2
ProtectID® is a “Out-of-Band” multi-factor authentication platform designed to authenticate individuals and
employees, “and/or” authorize transactions in real-time. ProtectID can be integrated into many types of
environments i.e. remote access (VPN), domain access, website access, risk-mitigation and transaction
based systems.
ProtectID® can be installed locally on premise, or accessed through our “Cloud Service.” ProtectID’s
advanced authentication redundancy feature minimizes password/device related help desk calls by
providing users a backup authentication method, this mission critical benefit delivers Return on Investment,
the very first day the system is installed.
ProtectID's Authentication Methods
The following Out-of-Band authentication methodologies are supported:
ProtectID “Out-of-Band” Methodologies
- Entering a # (pound sign) when phone rings
- Entering a PIN into phone
- OTP is delivered on-screen, phone rings, user inputs OTP into phone
- OTP is sent to a phone via SMS, OTP is entered online
- OTP is delivered to phone via text to speech, OTP is entered online
- OTP is sent via email, OTP is entered online
ProtectID Token Methodologies
- Hard Token - Key fob, USB Key, Wallet Card
- Soft Token – iPhone/iPad, BlackBerry, Desktop, J2ME
ProtectID Features
- Transaction Verification – stops Man-in-the-Middle attacks by confirming the transaction details
- Step Up Authentication for Oracle OAAM and RSA Adaptive Authentication
- Secures IPSec/ SSL VPNs and Citrix networks via RADIUS and Citrix interfaces
- Secures Microsoft applications including OWA, Sharepoint, ISA Server and ASP.Net
- Secures Web and SSO applications including CA SiteMinder and RSA ClearTrust
- Secures Cloud applications including Google Apps, Salesforce and Tricipher’s
GuardedID Overview
Though PC users are worried about spyware that tracks web site visits, and crashes their PCs, there are
more insidious threats out there. A more powerful breed of spyware can log keystrokes (including passwords
and credit card numbers) and send that information to criminals. This type of software is called a keylogger.
What is a keylogger ?
A keylogger is a type of surveillance software that has the capability to record every keystroke you make
and is logged to a file (usually encrypted). A keylogger can record instant messages, e-mail, and any
information you type at any time using your keyboard. The log file created by the keylogger can then be sent
to a specified receiver. Some keylogger programs will also record any e-mail addresses you use and Web
site URLs you visit.
A keylogger can be inserted into a victim’s computer via several ways. It can be carried by a virus or
spyware. It can come as an attachment in an e-mail. For example, the Corporate IT Forum spam email
contains a website link, the clicking of which, causes a keylogger to be loaded into the computer. It can even
be embedded in an mp3 file or delivered via a XSS (Cross Site Scripting) attack.
Why is current anti-virus software ineffective ?
All anti-spam and anti-virus tools are based on scanning a computer for files with a particular signature. The
database containing signatures of known bad files have to be continuously updated. The major caveat in this
approach is the existence of the signature of a known problematic file. Spammers and criminals are
currently deploying sophisticated software which dynamically changes the file signature. Therefore, antispam
tools are no longer effective against keyloggers. Also, there is significant time between detecting a
new keylogger on the Internet and the anti-keylogging signature being updated on anti-virus/spyware
software. This time gap can take a month to a couple of months.
How GuardedID protects users
GuardedID uses a different approach to defend against keyloggers. Rather than trying to detect keyloggers,
it takes a preventive approach. It takes control of the keyboard at the lowest possible layer in the kernel. The
keystrokes are then encrypted and sent to the browser via an “Out-of-Band” channel bypassing the
Windows messaging queue. GuardedID has a built in self-monitoring capability. This prevents it from being
bypassed by other software. If GuardedID is tampered with in any way, it will warn the user of the breach.
|
 News and EventsWide World of Stocks covers StrikeForce Technologies, a Datanet2000 Partner |
