iKeyPass...Unbreakable Password Security
Transcript of iKeyPass...Unbreakable Password Security
INDUSTRY PROBLEM
LinkedIn SWIFT LastPass Yahoo! Mail eBay Google JP Morgan
Chase
52% of existing data requiring protections is vulnerable
Highly vulnerable industries
Your Company can be the Next Target!
“ONE OF THE MOST COMMON AND DANGEROUS
SECURITY MISTAKES IS USING THE SAME PASSWORD ACROSS
MULTIPLE ACCOUNTS”
VICTIMS OF THE DOMINO EFFECT
THE MOST COMMON PASSWORDS:1. 1234562. password3. 12345678
“If hacked, it can cause a “domino effect,” allowing all accounts with the same password to be breached.”
73% of online accounts use duplicated passwords*
*Source: Telesign
iKeyPass is the ONLY technology that eliminates duplicate passwords altogether!
iKeyPass offers a “break proof” Online User Authentication solution – perhaps the safest identity/access management solution in the industry.
Our technology solution:
A user defined dynamic passcode
Based on unpredictable variables
No token, no mobile device and no fingerprints to deal with
* Anywhere *Anytime * Any device *
Immune to MITM attacks
Feature set compliant with NIST SB800-171
SOLUTIONS
Current Solutions Static Usernames / Passwords Complicated password rules User ID Confirmation with
questions pre-defined by business
RSA Tokens OTPs requiring additional device Computer generated codes Device recognition Pattern recognition / Trusted 3rd
party alliance
iKeyPass Solution Almost “break proof” online user
authentication solution. Dynamic Passcodes Based on unpredictable / changing
variable Defined by User No communications over the wire Dichotomy of Servers No RSA tokens. No mobile devices.
No biometrics * Anywhere *Anytime *Any device Immune to MITM attacks
USER ACCEPTANCE Millennials and Gen Xers have the highest interest in two-factor authentication.
7 in 10 Millennials and Gen Xers (18 to 49) want an extra layer of protection.
TECHNOLOGY
User
Business Server
iKeyPass
Prompt/ Passcode
Changing Variable,Publicly Available
• Dow Jones Closing• Stock Symbol• Weather Hi/Low• Systems Time• First word of NY TimesU
ser’
s Cho
ice
Formula+, -, x, /, ^2, %
Factor0,1,2,3,4 or 2nd variable
Access Code
Use
r D
efin
ed
IP: USPTO: US2015/0163218 A1.
PCT: US2014/065851
Authentication
Requests Access
SEPARATION OF LOGIN PROCESS
User Business Server iKeyPass
1. Sends Username
5. Sends passcode for authentication
2. Sends associated Pseudo ID for passcode
3. Returns current base value and passcode for
prompt OR only passcode for no-prompt
6. Verifies with Result (Auth. Code) & Allows /
Disallows
4. Sends current base value, if applicable
APPLICATIONS
Online User Accounts (Web-based)
Online Software & SaaS Web Mail Password Managers (SSO) Cloud (data storage) Internet of things (IOT) /
Devices
iKeyPass RSA TokenOne-time Password
(OTP)
Device Recognition
Pattern Recognition
Trusted Parties
AlliancesBiometrics
Provider Defined / Computer generated X X X X X N/A
Requires Additional Device X +$$ X +$$ X +$$
Transmits over wire X X X X X X
User Defined N/A
Level of Complexity User defined Preset Preset Preset Preset Preset Preset
Device Independent
Unpredictable
Multi level security (for SSO)Multitier / Multidimensional
COMPETING SOLUTIONS
SAMPLE SITE
√
Does not replace current login process or UI Provides Optional third-factor authentication At user discretion / user defined
OFFER
Stand alone, Independent layer of Security for your Customers
Does not replace current UI or login process Free integration of iKeyPass Authenticator – No NRE Six months free trial with no obligations