Secfense Authenticator, an invisible evolution in user access security

Secfense Authenticator lets you use your phone for strong online authentication 02

From now on, thanks to the Secfense Authenticator mobile application, a smartphone can also be a convenient method of authentication on any application in the organization. The new technology revolutionizes the login process, which will no longer require employees to enter an inconvenient and unsafe – because easy to intercept – password.

Secfense Authenticator

Authentication is the process of confirming a user’s identity online. If a user verifies their identity using more than one factor, it is called multi-factor authentication (MFA). Currently, the most effective standard of online authentication is the FIDO2 standard, which, according to the assumptions of the creators, allows you to easily authenticate with a smartphone that you use every day. FIDO2, however, is not only a convenience but also what everyone cares about the most today – security that protects access to applications thanks to the use of cryptography.

– Companies that take the protection of their resources seriously should enable multi-factor authentication for every user who has access to sensitive data – says Tomasz Kowalski, CEO, and co-founder of Secfense. – But be careful, to make sure that the security cannot be bypassed, the code generated on the phone or sent via SMS is not enough. Today, intruders can deal with such methods. Organizations should introduce authentication based on the FIDO2 standard.

So why, if there is such an open and effective authentication standard, companies still struggle to secure their employees’ accounts with multi-factor authentication? The biggest problem is still the implementation. MFA implementation is difficult, burdensome, and costly. Moreover, if a company owns hundreds of applications, mass deployment of MFA on all of them is practically impossible. Effect? One of the best authentication methods, the FIDO2 standard – although designed in April 2018 – after more than four years it is still a nice-to-have addition in many organizations instead of being a universal way of securing all users’ identities online.

– At Secfense, we noticed this problem and we developed a solution called User Access Security Broker (UASB), thanks to which, in an automated manner, without interference in the code, companies can secure any application in the organization using multi-factor authentication – says Tomasz Kowalski.

UASB has already been used by BNP Paribas Polska, among others.

Passwordless in an organization

Secfense has just developed another facilitation for its customers – Secfense Authenticator, which allows organizations using UASB to now use FIDO2 authentication on any application without the need to purchase any additional equipment.

Imagine a large organization with hundreds or thousands of employees. Every day they use several or a dozen applications, most of which are protected only by a password. Most companies that are aware of online threats have already implemented MFA on at least some of their applications. However, very few of them have managed to do this on all their applications. This was done, for example, by Google and Twitter. Moreover, their MFAs are based on the strongest standard, namely FIDO2.

– It can be said that User Access Security Broker opens the path to mass use of MFA in business, and the Secfense Authenticator application additionally allows you to reach for the strongest standard called FIDO2 – says Tomasz Kowalski – This happens without generating costs related to employing programmers, without the cost of purchasing hardware keys and without any impact on the smoothness of the operation.

Secfense Authenticator lets you use your phone for strong online authentication

Too expensive, too much, too hard

The use of a telephone as an authentication device not only improves security but also significantly optimizes costs. If the user would like to secure his account in Google services using cryptography, he can do so by adding the so-called cryptographic key. The problem, however, is that the Google service requires two physical keys to be added at once (in case the user lost or broke one). The cost of one key is on average $50, so if we want to cryptographically secure our account on Google, we have to pay $100 for it. Organizations wishing to ensure such a high level of security for their employees were therefore faced with astronomical costs caused by physical security keys.

– The FIDO2 standard enables the use of smartphones owned by employees, and Secfense along with the application for the phone – Secfense Authenticator replaces the keys and allows each application in the organization to ‘understand’ this standard and allow users to use it – adds Kowalski.

Cryptography for the Masses

Secfense is also working on a version of the Secfense Authenticator application – for individuals. For now, the application works wherever the User Access Security Broker is implemented.

The open-source version of the Secfense Authenticator application will ensure that wherever a given program allows the use of cryptographic authentication (usually referred to as “the ability to use the U2F key”, i.e. the ancestor of the FIDO2 standard), there will be an option of cryptographic security without the need to buy hardware keys. We are talking about many social media platforms, mailboxes or cryptocurrency exchanges.

Unnoticeable revolution

A new way of securing users when logging in is a kind of invisible evolution, or rather an unnoticeable revolution. Why? Because a year or two ago, the norm was to unlock phones with your finger (making patterns on the keyboard) or typing pins. Today, most of us unlock the screen by scanning our faces.

The natural course of things is that soon, in the same way, we will log into applications that currently require inconvenient and unsafe – because easy to intercept – passwords.

Read More

Testimonials

Before investing in Secfense, we had the opportunity to talk to its existing clients. Their reactions were unanimous: wow, it’s so easy to use. We were particularly impressed by the fact that implementing their solution does not require the involvement of IT developers. It gives Secfense a huge advantage over the competition, and at the same time opens the door to potential customers who so far were afraid of changes related to the implementation of multi-factor authentication solutions.

Mateusz Bodio

Managing Director

RKKVC

Even when the network and infrastructure are secured enough, social engineering and passwords can be used to gain control of the system by attackers. Multifactor authentication is the current trend. Secfense addresses this and allows you to build zero trust security and upgrade your current systems to passwordless applications within minutes, solving this problem right away,” said Eduard Kučera, Partner at Presto Ventures and cybersecurity expert – former Director in hugely successful Czech multinational cyber security firm Avast.

Eduard Kučera

Partner

Presto Ventures

One of the biggest challenges the world is facing today is securing our identity online. That’s why we were so keen to have Secfense in our portfolio. They make it possible to introduce strong authentication in an automated way. Until now, organizations had to selectively protect applications because the deployment of new technology was very hard, or even impossible. With Secfense, the implementation of multi-factor authentication is no longer a problem, and all organizations can use the highest standards of authentication security.

Stanislav Ivanov

Founding Partner

Tera Ventures

We are faced with new challenges every day. We must always be one step ahead of the attackers and know what they are going to do before they do it. We are convinced that the User Access Security Broker will bring security to a new level, both for those working at the office and from home. For us, working with Secfense is an opportunity to exchange experience with developers who put great value on out-of-the-box thinking.

Krzysztof Słotwiński

Business Continuity and Computer Security Officer

BNP Paribas Bank Poland

Two-factor authentication is known to be one of the best ways to protect against phishing; however, its implementation has always been difficult. Secfense helped us solve that problem. With their security broker, we were able to introduce various 2FA methods on our web applications at once.

Dariusz Pitala

Head of IT

MPEC S.A.