A fresh approach to 2FA: open, scalable, non-disruptive and flexibly priced

A revised risk management approach is driving legacy replacement:

  • The right solution to match different requirements: not a "one size fits all" mandate
  • Security vs Ease-of-Use: adoption rates slow when maximum security in every use case determines solution choice
  • Token vs Push Token: remote, offline or device-based authentication should be available
  • Openness for new Token technologies: vendor choices should be capable of integration with advances as they occur
  • Flexible licensing: SAAS, on premise and more to meet current demands and adapt to future requirements
  • Ultra scalable for B2C: many established 2FA offerings cannot manage the vast volumes of consumer profiles that telco, retail, banking and other industries must support

By using open standards like FIDO U2F and OATH, and abstracting the implementation of a specific token from the core management and handling of tokens, LinOTP can easily support a broad range of hardware and software tokens.

Read more here.

Modular, adaptable and futureproof for the needs you don‘t yet know

Time-to-market is critical for all companies, and given the velocity with which business moves today, an investment in a security solution should deliver initial results in weeks, not months or years. Automated installation and a modular approach that integrates existing authentication services to add MFA capabilities will help speed adoption of a new solution.

User adoption can be eased when additional authentication appears a natural progression from existing security systems. LinOTP addresses these types of demands by offering, for example,  a Token-Abstraction Layer and a Token-Database, which can even be secured by an HSM (Hardware-Security-Module) to support an extremely broad range of token-Types.

Equally, LinOTP caters for on premise as well as cloud implementations, which helps address the needs of clients who are concerned with data hosting and access regulations.

Disruption of existing systems is often a cause of friction and ideally, the existing IT landscape should not need to be disrupted or deinstalled. LinOTP's API-centric approach helps accelerate integration with existing tools, and reduces the need to revisit the existing technology infrastructure.

Read more here.

63% of breaches involved leveraging a weak, default or stolen password*

Data breaches are rapidly increasing in scale and frequency.

  • 29% increase in total cost of data breach since 2013**
  • $158 is the average cost per lost or stolen record**
  • 26% probability of a material data breach involving 10,000 lost or stolen records in the next 24 months***

Single passwords aren't helping.

They are complex to remember, often shared and easy for hackers to crack. The average user has to manage 26 passwords and shares the same password amongst 5 systems. Once one profile is accessed, criminals inevitably try credentials on other popular applications such as social media and email provider sites. The only way to safeguard customers and employees is by introducing additional forms of authentication.

Read more here.

* Verizon Data Breach Investigations Report (DBIR), April 2016
** Identity Theft Resource Center Breach Report, Dec 2015
*** Ponemon Institute Report, 2016


KeyIdentity 2FA Enterprise Platform

The KeyIdentity 2FA Enterprise Platform provides a secure, flexible, integrated and transparent set of products to allow you the deployment of 2FA the way you need it. The modular and futureproof design of the KeyIdentity 2FA Enterprise Platform enables  to integrate future authentication methods and technologies.

  • The KeyIdentity Secure Cloud and the KeyIdentity Smart Virtual Appliance provide secure, flexible and scalable authentication solutions for deployment and operation, on-premise and in the cloud.
  • The KeyIdentity Authentication Providers easily integrate 2FA in your Windows, macOS and Linux environments. Including exclusive features like Push-Token and Offline OTP. Augement your server and client desktops with futureproof, secure authentication tailored to your risk level.
  • The KeyIdentity Authenticator provides an easy to use and  secure solution for phone-as-a-token use cases, providing Push- and QR-Token for high usability, offline authentication and high security levels. The Keyidentity 2FA Enterprise Platform also  supports SMS based 2FA authentication.

 All products are based on the open source LinOTP core by KeyIdentity.

What does LinOTP’s API-first development mean for you?

LinOTP – the open source MFA solution – is developed with an API-first strategy in mind. For us at KeyIdentity this does not mean to dogmatically follow each and every REST guideline but to think about the easiest yet most flexible way of introducing new features to our API in terms of simplicity of integration … Continue reading What does LinOTP’s API-first development mean for you?

Read more

Is your password putting you at risk?

One major cause of data breaches is the stolen password. Once hackers have an email address and password, a world of possibilities are open to them. The dangers are not just limited to the account they have access to. Their hacker’s next steps usually include not only selling the details to other criminals but also … Continue reading Is your password putting you at risk?

Read more

FIDO U2F: what it is and how you can secure your web applications using LinOTP

This is the first part of a series of blog entries about FIDO U2F and how you can use FIDO U2F and LinOTP to secure your web applications. Kicking off, we would like to introduce you to FIDO U2F and explain the idea behind it. Following blogs will be about the protocols and how you … Continue reading FIDO U2F: what it is and how you can secure your web applications using LinOTP

Read more

"2FA: Safeguard the digital enterprise's brand and reputation"

Sales-Hotline: +49 6151 86086 - 277