authshield lab- 2 factor authentication solutions
Post on 30-Dec-2015
67 Views
Preview:
DESCRIPTION
TRANSCRIPT
AUTHSHIELD™ – TWO FACTOR AUTHENTICATION
“The threats from within are increasing on a daily basis. 78% of all information security breaches happen internally”
INNEFU LABS“Information Security at it’s best”
ABOUT US
Information Security R&D Organization specializing in creating unique technologies and products
All technologies are indigenous and have been evaluated and approved by multiple Government Agencies
Empanelled with DRDO for providing - Two Factor Authentication Social Media Monitoring Link Analysis and Pattern Recognition
Priv
ate
and C
onfidentia
l -INN
EFU
LAB
S
CONTD.
More than Six years of experience in Information Security
Served key clients in Private and Public sector
Unique and Innovative technologies including – AuthShield - Two Factor Authentication Chronos – WhiteListing Ani-Virus Innsight – Social Media Analysis InteleLinx - Link Analysis and Pattern Matching
Priv
ate
and C
onfidentia
l -INN
EFU
LAB
S
PATENT PENDING TECHNOLOGIES
AuthShield 2FA – One Touch Authentication integrated with Mail
solutions including POP / IMAP protocol
One Touch Authentication integrated with Database update queries for workflow management
04
/19
/23
5
Priv
ate
and C
onfidentia
l - INN
EFU
LAB
S
Priv
ate
and C
onfidentia
l -INN
EFU
LAB
SSOME OF OUR GOVERNMENT CLIENTS
Delhi Police
JK PoliceMinistry of Home AffairsIndian Army
Ministry of Defense
National Investigation Agency
AP Police
UP Police
National Technical Research Organization
Chandigarh Police
SOME OF OUR CORPORATE & PSU’S CLIENTS
Priv
ate
and C
onfidentia
l -INN
EFU
LAB
S
Priv
ate
and C
onfidentia
l -INN
EFU
LAB
S
Priv
ate
and C
onfidentia
l -INN
EFU
LAB
S
HACKER’S - POINT OF ATTACK
Priv
ate
and C
onfidentia
l -INN
EFU
LAB
S
METHODS OF ATTACK
Targeted Phishing
SIM Cloning
Viruses
Trojans
Mobile Hacking
Map the physical identity of the user to the server (Two Factor Authentication)
Identify the user based on – Something he knows (user name / password)Something in the users possessions
DIFFERENT TOKENS
Soft Soft TokenToken
SMS TokenSMS Token
Push TokenPush TokenMobile TokenMobile Token
Hard Hard TokenToken
USB USB TokenToken
ONE TOUCH AUTHENTICATION – EASE OF CONVENIENCE
Application installed on Smart Phone to receive ‘Push’ notifications from AuthShield Server
Anytime a user wants to log in, AuthShield server sends a ‘PUSH’ Notification to the app installed on user’s mobile phone
CONTD. Notifications contains the following info –
IP Address making the request Date Time Location
User has the option to Approve / Deny the request
In case the user ‘Approves’ the request, user is automatically validated
User ‘Does NOT’ see or enter the OTP in any application
Priv
ate
and C
onfidentia
l -INN
EFU
LAB
S
ADVANTAGES
Hackproof Tokens - Protect against Hacking attacks against systems as well as Mobile phones
No effect by server access
User gets to know if his credentials have been compromised
Uses the fast growing smart phone industry in the country for validating users
Priv
ate
and C
onfidentia
l -INN
EFU
LAB
S
OUR OTHER TOKENSPriv
ate
and C
onfidentia
l -INN
EFU
LAB
S
•Indigenous Token
•Customizable as per client’s requirements
•Generates a new password after every 96 seconds
• Indigenous Token
• Customizable as per client’s requirements
• Available for all smart phones
CONTD.Priv
ate
and C
onfidentia
l -INN
EFU
LAB
S
• Indigenous Token
• Desktop Token available on all OS
• OTP sent as a SMS
• Options to chose between alpha-numeric / numeric passwords
MANAGEMENT PANEL
Complete Management control with the Client’s IT Team
Management Portal to Add / Delete users Associate a Token with a User De-associate a Token with a
User Lock a lost Token Transfer a Token to another
User
Priv
ate
and C
onfidentia
l -INN
EFU
LAB
S
CASE STUDIES“Information Security at it’s best”
UNIQUE CASE STUDIES
Database Queries - Workflow Management
Mail Solutions
SAP GUI and Net weaver
Priv
ate
and C
onfidentia
l -INN
EFU
LAB
S
INTEGRATION – WITH POP/IMAP
2FA integration with Mail servers – Web Interface Desktop Clients (Microsoft Outlook etc) Smart Phones
Seamless integration
Prompt for OTP generation – Only when IP changes Specific duration of time passes
PUSH Notification to replace OTP
Priv
ate
and C
onfidentia
l -INN
EFU
LAB
S
Mail Servers
Back End Servers
12
36 6
6
5 4
6
User enters User Name and Password in his POP/IMAP Client and
forwards to Load Balancer
2FA INTEGRATION WITH POP / IMAP
Priv
ate
and C
onfidentia
l -INN
EFU
LAB
S
DATABASE QUERIES – WORKFLOW MANAGEMENT For specific users, when they fire a Database query –
A PUSH notification is generated and sent to the reporting manager
The notification contains details on – User making the request Details on the request
The query is only processed if the reporting manager approves the query
The same architecture can be replicated from Database to any other workflow
Priv
ate
and C
onfidentia
l -INN
EFU
LAB
S
SAP GUI INTEGRATION
2FA integration with SAP – SAP Netweaver and SAP GUI
User enters – User Name OTP and Password
User Name and OTP are authenticated by AuthShield Server
User Name and Password are authenticated as normal
Priv
ate
and C
onfidentia
l -INN
EFU
LAB
S
SAP Servers
12
3
5
4
User enters User Name and OTP + Password in
SAP GUI
2FA INTEGRATION WITH SAP
Priv
ate
and C
onfidentia
l -INN
EFU
LAB
S
INTEGRATION POINTS FOR BANKING INDUSTRY
Internet Banking
Credit Card Transaction Validation
Critical Intranet Applications including Core Banking Solutions
Login to Remote Servers
Mutual Funds Accounts
Priv
ate
and C
onfidentia
l -INN
EFU
LAB
S
INTERNET BANKING SOLUTION
Client wanted Two Factor Authentication with – Reset Password Options
Source Code available with the Client
Changes made to the Authentication Module of the client application – Innefu’s 2FA API’s were integrated with the application Users were provided One Time Password via SMS any
time a user needed to reset his password
Priv
ate
and C
onfidentia
l -INN
EFU
LAB
S
WHY GIVE US A CHANCE!
S.no Features AuthShield Others
1 One Touch Authentication
2 PKI Token using smart Phones
3 Reusable response based on IP and time duration
4 Indigenous Tokens thereby offering co-branding opportunities and instant turnaround time
5 Customization as per client’s requirements
6 Superior support at cheaper costs
7 Unparalleled experience of working with large Government clients
Priv
ate
and C
onfidentia
l -INN
EFU
LAB
S
Priv
ate
and C
onfidentia
l -INN
EFU
LAB
SPREVENT IDENTITY THEFT!! –
COUNT ON
THANK YOUQUESTIONS WELCOME
INNEFU LABS PVT. LTD
www.innefu.com
+91-11-47065864 / 66
contact@innefu.com, info@innefu.com
Priv
ate
and C
onfidentia
l -INN
EFU
LAB
S
top related