wwpass multi-factor authentication - how it works
DESCRIPTION
WWPass provides a multi-factor authentication solution that dramatically improves authentication security while completely eliminating the need for usernames and passwords. Using patented technologies, user credentials are invisible to hackers and the credential data is encrypted, fragmented, and dispersed for retrieval only with the consent of the user.TRANSCRIPT
![Page 1: WWPass Multi-factor Authentication - How It Works](https://reader036.vdocuments.site/reader036/viewer/2022062514/557ddc73d8b42a4e358b4929/html5/thumbnails/1.jpg)
WWPass Multi-Factor AuthenticationHow It Works
Joe McDonald July 2014Product Marketing [email protected]
![Page 2: WWPass Multi-factor Authentication - How It Works](https://reader036.vdocuments.site/reader036/viewer/2022062514/557ddc73d8b42a4e358b4929/html5/thumbnails/2.jpg)
User Visits WebsiteClicks On ‘Login with WWPass’
![Page 3: WWPass Multi-factor Authentication - How It Works](https://reader036.vdocuments.site/reader036/viewer/2022062514/557ddc73d8b42a4e358b4929/html5/thumbnails/3.jpg)
1. User initiates log on using WWPass
I Want To Logon
Service ProviderWebsite
PassKeyUser
![Page 4: WWPass Multi-factor Authentication - How It Works](https://reader036.vdocuments.site/reader036/viewer/2022062514/557ddc73d8b42a4e358b4929/html5/thumbnails/4.jpg)
PassKeyUser
Service ProviderWebsite
SSL certificate
1. User initiates log on using WWPass2. Site requests authentication with WWPass
![Page 5: WWPass Multi-factor Authentication - How It Works](https://reader036.vdocuments.site/reader036/viewer/2022062514/557ddc73d8b42a4e358b4929/html5/thumbnails/5.jpg)
PassKeyUser
Service ProviderWebsite
1. User initiates log on using WWPass2. Site requests authentication with WWPass3. Site is authenticated and a unique one-time session ticket is issued
Authenticated
Here’s your s
ession ticke
t:
Ticket: @
spfe:4567
![Page 6: WWPass Multi-factor Authentication - How It Works](https://reader036.vdocuments.site/reader036/viewer/2022062514/557ddc73d8b42a4e358b4929/html5/thumbnails/6.jpg)
PassKeyUser
Service ProviderWebsite
1. User initiates log on using WWPass2. Site requests authentication with WWPass3. Site is authenticated and a unique one-time session ticket is issued4. Ticket with service provider ID (SPID) is sent to the user
Website is valid. Here’s your session ticket:Ticket: srh123@spfe:4567
![Page 7: WWPass Multi-factor Authentication - How It Works](https://reader036.vdocuments.site/reader036/viewer/2022062514/557ddc73d8b42a4e358b4929/html5/thumbnails/7.jpg)
1. User initiates log on using WWPass2. Site requests authentication with WWPass3. Site is authenticated and a unique one-time session ticket is issued4. Ticket with service provider ID (SPID) is sent to the user5. User is prompted to present the PassKey
PassKeyUser
![Page 8: WWPass Multi-factor Authentication - How It Works](https://reader036.vdocuments.site/reader036/viewer/2022062514/557ddc73d8b42a4e358b4929/html5/thumbnails/8.jpg)
1. User initiates log on using WWPass2. Site requests authentication with WWPass3. Site is authenticated and a unique one-time session ticket is issued4. Ticket with service provider ID (SPID) is sent to the user5. User is prompted to present the PassKey6. User is prompted for consent to authenticate
PassKeyUser
![Page 9: WWPass Multi-factor Authentication - How It Works](https://reader036.vdocuments.site/reader036/viewer/2022062514/557ddc73d8b42a4e358b4929/html5/thumbnails/9.jpg)
1. User initiates log on using WWPass2. Site requests authentication with WWPass3. Site is authenticated and a unique one-time session ticket is issued4. Ticket with service provider ID (SPID) is sent to the user5. User is prompted to present the PassKey6. User is prompted for consent to authenticate7. User is prompted to enter access code
PassKeyUser
********
![Page 10: WWPass Multi-factor Authentication - How It Works](https://reader036.vdocuments.site/reader036/viewer/2022062514/557ddc73d8b42a4e358b4929/html5/thumbnails/10.jpg)
PassKeyUser
Service ProviderWebsite
1. User initiates log on using WWPass2. Site requests authentication with WWPass3. Site is authenticated and a unique one-time session ticket is issued4. Ticket with service provider ID (SPID) is sent to the user5. User is prompted to present the PassKey6. User is prompted for consent to authenticate7. User is prompted to enter access code8. The user authenticates with WWPass
PUID + access code
Authenticated
Here’s your secrets
![Page 11: WWPass Multi-factor Authentication - How It Works](https://reader036.vdocuments.site/reader036/viewer/2022062514/557ddc73d8b42a4e358b4929/html5/thumbnails/11.jpg)
PassKeyUser
Service ProviderWebsite
1. User initiates log on using WWPass2. Site requests authentication with WWPass3. Site is authenticated and a unique one-time session ticket is issued4. Ticket with service provider ID (SPID) is sent to the user5. User is prompted to present the PassKey6. User is prompted for consent to authenticate7. User is prompted to enter access code8. The user authenticates with WWPass9. User requests session key
What is the session key
PUID+SessionTicket
Session key
![Page 12: WWPass Multi-factor Authentication - How It Works](https://reader036.vdocuments.site/reader036/viewer/2022062514/557ddc73d8b42a4e358b4929/html5/thumbnails/12.jpg)
PassKeyUser
Service ProviderWebsite
1. User initiates log on using WWPass2. Site requests authentication with WWPass3. Site is authenticated and a unique one-time session ticket is issued4. Ticket with service provider ID (SPID) is sent to the user5. User is prompted to present the PassKey6. User is prompted for consent to authenticate7. User is prompted to enter access code8. The user authenticates with WWPass9. User requests sessions key10. User shares session key (for this session only)
Here’s the session key for our data
![Page 13: WWPass Multi-factor Authentication - How It Works](https://reader036.vdocuments.site/reader036/viewer/2022062514/557ddc73d8b42a4e358b4929/html5/thumbnails/13.jpg)
PassKeyUser
Service ProviderWebsite
1. User initiates log on using WWPass2. Site requests authentication with WWPass3. Site is authenticated and a unique one-time session ticket is issued4. Ticket with service provider ID (SPID) is sent to the user5. User is prompted to present the PassKey6. User is prompted for consent to authenticate7. User is prompted to enter access code8. The user authenticates with WWPass9. User requests session key10. User shares session key (for this session only)11. Site requests credential data from WWPass
Get data usin
g sessi
on key
![Page 14: WWPass Multi-factor Authentication - How It Works](https://reader036.vdocuments.site/reader036/viewer/2022062514/557ddc73d8b42a4e358b4929/html5/thumbnails/14.jpg)
PassKeyUser
Service ProviderWebsite
1. User initiates log on using WWpass2. Site requests authentication with WWpass3. Site is authenticated and a unique one-time session ticket is issued4. Ticket with service provider ID (SPID) is sent to the user5. User is prompted to present the PassKey6. User is prompted for consent to authenticate7. User is prompted to enter access code8. The user authenticates with WWPass9. User requests session key10. User shares session key (for this session only)11. Site requests credential data from WWPass12. WWPass provides encrypted credential data to application
Here’s the encry
pted data
F7A5B3
![Page 15: WWPass Multi-factor Authentication - How It Works](https://reader036.vdocuments.site/reader036/viewer/2022062514/557ddc73d8b42a4e358b4929/html5/thumbnails/15.jpg)
User Is Securely Authenticated Access Is Granted