Situatie
ActivID AS authentication methods determine the verification process used to authenticate a user. ActivID AS supports two-factor authentication based on something a user knows (such as a password, a PIN, or memorable data in the form of security question answers), and something a user has (a physical authenticator such as an OTP token).
- Direct users can submit authentication requests directly to ActivID AS.
- Indirect users (such as end users) can be authenticated for ActivID AS through a direct user.
Solutie
Pasi de urmat
Static Passwords
Authentication is with a username and static credential, such as a password or PIN (also referred to as Username Password or UP Authentication). ActivID AS can manage multiple concurrent password policies. Each policy is configured as a Login authentication policy.
User name and password combination:
- Full − requires entry of the full password.
- Partial − requires entry of partial characters of the full password.
One-Time Password (OTP) Devices
A physical or software authentication device, such as a token or a smart card, that generates a one-time password (OTP). An OTP is valid for one authentication session only. It cannot be used to gain access a second time, even if captured.
Out-Of-Band Authentication with SMS or SMTP
Out-of-Band (OOB) authentication uses two independent networks to separate the authentication channel from the OTP delivery channels. This offers an additional layer of security, particularly against Man-In-The-Middle (MITM) attacks. For example, even if a fraudulent user gains all the security credentials to a user’s account, a transaction cannot be completed without access to the second authentication network.
Leave A Comment?