One Time Password System
If you are looking for an enterprise grade 2-factor authentication (2FA) or multi-factor authentication (MFA) product that can secure all commonly used business applications and also provides a wide range of authentication methods, then you are in the right place.
OTP system is a multi-factor authentication system that unifies a variety of authentication methods, protocols, solutions and user experience in a single platform. In addition to the MFA functions, OTP system also provides self-service Password Reset, Single Sign-On (SSO), Identity & Access Management (IAM) and Adaptive Authentication. It is one of the most powerful and flexible multi-factor authentication system in the world.
OTP system can be installed on premises or hosted in a private cloud, which means that you will have the total control of your own user authentication system, and that you will be able to keep your users’ identities and credentials in a safe place.
Unified Authentication Methods
OTP system supports almost every type of multi-factor authentication method that you have ever seen and wanted to use, covering all areas in knowledge-based (what you know), token & device based (what you have) and biometrics (what you are).
- OTP (One-Time Password) by SMS, email and voice call
- OOBA (Out of Band Authentication) by push notification, SMS and voice call
- OTP tokens, keyfobs and cards
- OTP apps, e.g., Google Authenticator etc
- Grid cards, proximity cards and smart cards
- USB keys FIDO U2F
- Keystroke Dynamics
- Biometrics, e.g. Fingerprint, Face & Voice recognition
- Device Fingerprint, Device ID, Device DNA.
Unified Authentication Solutions
OTP system can secure all commonly used enterprise and web/cloud applications with multi-factor authentication, covering VPN & RDP remote access, Windows, Mac and Linux OS Logon, Web & Cloud services as well as Outlook emails.
- VPN Login, e.g. Cisco ASA, Palo Alto SonicWall. WatchGuard, etc.
- Web Applications. e.g. Sharepoint, CRM, ERP, etc
- Cloud Service, e.g. Office 365, Google Apps, SalesForce, AWS, etc.
- Outlook Web Access, Zimbra mail, Lotus Notes mail
Unified Authentication Protocols
OTP system supports several authentication protocols that have been used by different types of applications, including LDAP, RADIUS, SAML, FIDO and OATH.
- LDAP: commonly used to provide a directory service for storing user information and to verify user credentials, i.e. usernames and passwords.
- RADIUS: a networking protocol that provides centralized Authentication, Authorization, and Accounting (AAA) services, commonly used by networking devices such as firewalls and VPN servers.
- SAML: an open standard for exchanging authentication and authorization data between parties, in particular, between an identity provider and a service provider. Commonly used by web & clolud applications to provide single sign-on (SSO).
- FIDO: a set of security specifications for strong authentication including multifactor authentication (MFA) and public key cryptography (PKI). Commonly used to replace password with device based authentication.
- OATH: a set of open authentication standards, e.g TOTP (Time-based One-Time Password) and HOTP (Event-based One-Time Password), which have become the de facto OTP standards supported by many multi-factor authentication products.
Unified Authentication Experience
Multi-factor authentication requires users to provide multiple credentials in the login process. It is inevitably more complex and time consuming than password only authentication. Typically, users often need to access different types of remote resources, services and applications, from various types of devices. For instance, you may need to connect to your corporate network remotely via VPN from your laptop, and you might also need to access your business emails from your smart phones. Therefore, the user experience in the multi-factor authentication (MFA) process is very important. A successful MFA product must provide an excellent user experience in such way that users do not see multi-factor authentication being inconvenient to use, or even reducing their productivity.
Unified Multi-Factor Authentication Platform
OTP system MFA platform includes a powerful risk engine that uses machine learning to evaluate the risk level of every login request in real time. It takes context into account, including user’s Geo location, IP addresses, network location, device information and time of day. Based on the risk score, a login request can be either blocked or escalated to a higher level of MFA process.
OTP system platform includes a SAML-based SSO server that enables users to sign on once then access multiple web and cloud applications without additional logins. It also supports desktop to web/cloud single sign-on by leveraging Microsoft’s Integrated Windows Authentication.
OTP system platform includes a secure, web-based self-service portal that enables users to remotely manage, change, reset their AD passwords, and to unlock their AD accounts. It can send password expiry notifications and securely automate the end-user password resets and account unlocks with SMS/E-mail verification code and/or security questions.
OTP system streamlines user management by integrating with existing user directory, such as LDAP or Microsoft Active Directory. Using a set of powerful rules, an enterprise is able to enforce intelligent access policies based on user geo location, ip address, network location, device information and time.
OTP system platform includes a powerful and flexible policy engine that allows you to customize the system to your exact requirements. For instance, you can determine what types of authentication methods are appropriate for any given user and/or for any given application.
OTP system logs all events and activities that can be utilized as an auditing, accounting and monitoring tool, and also used to generate reports to meet compliance requirements or assess cyber threats. Furthermore, administrators can be alerted in real time on important or critical events and activities by email or SMS messages.