As cyber crime continues to proliferate, organizations require enhanced protection of their digital assets and user community from unauthorized access, identity theft, and transaction risks. Use of advanced authentication factors for stronger, layered, or multi-factor authentication is increasingly becoming a generally accepted approach. However, key challenges remain when it comes to the ease of use, cost to purchase, deploy, and manage authentication solutions. Additional challenges arise with the need to provide flexible range of appropriate authentication options for different business requirements and user personalized choices.

AuthGuard® is a versatile authentication server providing, supporting, and managing multiple open and proprietary authentication methods through a single user interface. This approach enables an organization to use different forms of authentication based on its policies or users’ preferences depending on a particular identity, login environment, or purpose. AuthGuard® also gives the organization or end users simple means of using different authentication methods as its needs change.

AuthGuard® securely authenticates users over distributed network environments for Web, VPN, Citrix, online collaboration and mobile access to mass consumer providers, enterprises, e-commerce, cloud computing, SaaS, or On-Demand services. The authentication methods can be used from any access device such as computers, mobile devices, smart cards, VoIP terminals, personal media players, Point-of-Sale, ATM, set-top box, or touch screen displays, providing a common user experience.

AuthGuard® versatile authentication server offers a range of legacy and innovative authentication methods having scalable security, high usability, low total cost of ownership, and self-service capabilities.

Authentication options include enhanced password, pattern-based one-time PIN, one-time challenge one-time response, out-of-wallet questions, out-of-band, OTP, mobile soft client and mutual authentication.

These authentication factors, used alone or in combination, allow for one-factor, layered, and multi-factor authentication security. All are provided through a single product suite implemented in a multi-tenant architecture, enabling secure access of different authentication groups. This allows the personalization of the level of security and the ease-of-use particular to users’ needs or companies’ policies aimed at complying with Government, Financial, and Healthcare security standards.

AuthGuard® key capabilities include:

Advanced Authentication – In addition to legacy and enhanced passwords, AuthGuard® offers new advanced authentication methods overcoming two major deficiencies of static passwords: memorization difficulties and low security. To reduce memorization pressure and significantly improve ease of use, the patented technology utilizes virtual menus, dynamic grids, and pattern-based shared secrets, which facilitate easier recollection as opposed to remembering textual passwords. To enhance security, each method employs algorithmically and parametrically different implementation of the Random Partial Shared Secret authentication technology. It minimizes credentials’ entropy leakage and enhances credentials’ combinatorial capacity, which altogether manifests stronger protection against known attacks. The authentication server never challenges the user to provide the full credential. Instead, it requests only a random subset of the user’s credentials each authentication session. This one-time authentication challenge renders a one-time authentication response that cannot be reused if intercepted by an intruder.

These advanced authentication methods can be used as the single user authentication factor in any client-server networked environment embracing computers, mobile devices, or other terminals. AuthGuard® offers the high security found in hardware-based authenticators while preserving the cost-effective electronic mass deployment and the ease of use, typical of passwords.

Out-of-Band Authentication – AuthGuard® patent-pending, next-generation out-of-band authentication technology enhances credentials’ security by impeding authentication challenge observation or recording. AuthGuard® out-of-band technology allows splitting the authentication challenge either between two different communication protocols at the same computer platform or two different communication protocols at separate platforms, each associated with a communication device – for instance, a laptop login screen and user’s mobile device.

Layered and Multi-Factor Authentication – AuthGuard® allows for any combination of its legacy, advanced, out-of-band, and mutual authentication methods to provide layered or multi-factor authentication security on the same product platform.

Mutual Authentication – In addition to user-to-site multi-factor authentication, AuthGuard® provides for non-intrusive site-to-user authentication which enables strong mutual authentication enhancing security against phishing and pharming attacks.

Personalized Security – AuthGuard® integrates all capabilities into one authentication server allowing personalizing the level of security and the ease of use particular to the user’s needs or company’s policies.

Self-Service – AuthGuard® provides online self-service capabilities allowing users to select the login mode and security level; establish & set-up their account; and self-reset their credentials without contacting a help desk.

Back-End Encryption – AuthGuard® includes Crossecure™, a proprietary client-server session encryption key management system integrated with the authentication protocol, providing random session-specific symmetric encryption key. Also, AuthGuard® provides data encryption for RDBMS- or LDAP-based user stores. Integrated with SSL, the product also protects the content exchanged between client and server during the communication session.

Flexible Administration – The product’s powerful management console enables the entire product suite configuration, including the security and user session parameters. This administration utility also contains customizable user personal profile templates, automatic logout when exceeding a pre-set idle session time parameter, automatic account lockout after exceeding a pre-set number of incorrect authentication attempts, policies for online authentication credential setup, connection to SQL databases or LDAP directory services.

Easy Integration – AuthGuard® product is easy to customize and seamlessly integrate into an organization’s existing security, e-commerce, and operational infrastructures. It is a non-intrusive, zero footprint (no client download) technology which requires no additional hardware and works from any Internet connected platform.

AuthGuard® Benefits:

Strong login security
AuthGuard® enhances logon security to network resources, portals and applications.

Minimal nuisance factor
Ease of technology use, no impact on customers' existing systems, easy to customize, quickly and seamlessly integrates to existing infrastructure, reduces hassles and management challenges.

Powerful administration tools
Users' authentication credentials, account operations, security parameters, automated policies set up, and tool configuration parameters are managed with easy to use web administrative tools. AuthGuard® features a GUI-based administration console which gives you full centralized and delegated control over the networked environment. Easy to navigate, the AuthGuard®’s administration console provides powerful control panels and information windows that allow you to custom-configure your system to meet the network security needs of your organization.

Easy to deploy: reduces time and cost of deployment
Deployment is a unique capability of AuthGuard®, offering a dramatically easier, faster, and more cost-effective solution than most of other authentication vendors. Because the AuthGuard® solution can be electronically deployed to the masses in the same manner as passwords, it eliminates associated costs of any user authentication credentials deployment and distribution.

Account self set up and self reset capabilities
AuthGuard® allows new users to register themselves, choose an identity, and establish authentication credentials. The product also enables end-users to establish their personal profiles during their account set up. Personal profile template is customizable and designed by customer’s AuthGuard® administrator. Personal profiles are used as an additional security tier during authentication credentials online self reset. The web-based account setup and authentication credentials self reset functionalities greatly reduce administration and help desk assistance and costs associated with establishing and resetting user profiles, passwords and other authentication credentials.

Account integrity and audit capabilities
Each administrative action with any user account can be completed, stored, audited, and reported on.

Regulatory compliance support
AuthGuard® allows to segment users, infrastructure, resources, and user rights providing maximum flexibility in service delivery and compliance with internal or regulatory policies.

Scalability
AuthGuard® product was designed from the ground up to support the security needs ranging from low security protection with just one authentication factor to high security protection based on strong authentication enabled with several authentication factors. The product supports the needs ranging from small and medium size businesses to global enterprises and service provider sites supporting millions of users.

Authernative Professional Services provide consulting services to determine your company’s network security needs, custom development, technical support and other services to enhance or extend the functionality of the commercially available AuthGuard® application and Crossecure™ cryptographic module, or to integrate the AuthGuard® application and Crossecure™ cryptographic module into a customer’s enterprise.

Authernative will help determine your company’s authentication, identity & access management, encryption, and security needs, recommend technologies, and provide the resources and knowledge necessary to implement a customized solution. Our consulting services ensure that your company can provide reliable AuthGuard® authentication service and build better relationships with customers.

Authernative training can increase your effectiveness in using the AuthGuard® solution. Project rollout, train-the-trainer, regional sales meeting, and other programs are available and can be designed to meet your company’s requirements.