With Authernative’s Passline® pattern-based one-time PIN solution, the user’s credential is a secret pattern on a displayed grid. During each login session, the digital content on the grid is randomized and the user is prompted to enter the content from the randomly specified set of positions of his pattern. The result is a derived one-time PIN authentication response.
Passline® is a dynamic and interactive user authentication technology based on patented Random Partial Shared Secret Recognition algorithms to protect the user’s credential from compromise. The user is never challenged to provide the full credential, just a session-only random subset of the credential. This one-time authentication challenge renders a one-time authentication response that cannot be reused if intercepted by an intruder. Additionally, the grid and challenge randomization offers high combinatorial security while minimizing credential entropy loss. Even if someone has filmed or captured your input and/or steals or accesses your device, the thief cannot obtain your pattern within a pattern of scrambled numbers. Moreover, Passline’s scalable security parameters with its in-band, out-of-band, scrambled challenge, dual-secret and multi-factor capabilities secure the user’s secret credential from any known attack vector.
The login process also employs a highly secure FIPS 140-2 certified cryptographic module and the patented encryption key management system assuring high security level at credential entry devices and communication lines during every session’s user authentication process. Passline® credentials are also secure at the server side and the user stores which utilize patented encryption and distributed credentialing technologies to protect credentials from theft by cyber criminals or disgruntled internal administrators.
As a result, Passline provides higher security than traditional hardware token, SMS PIN, biometric or software-based authenticators while providing knowledge-based authentication, electronic mass deployment and the ease of use, typical of passwords.