SMS authentication service & mobile tokens

There are basically four types of tokens – something one possesses:

  • Hardware token: little devices that users carry along
  • Software token: active plugins in browsers (e.g. applet, ActiveX)
  • Mobile tokens: mobile application for Smartphone
  • SMS token: SMS sent to mobile phone (SMS authentication service)

Validating mobile or software tokens is quite similar to hardware token devices, from an authentication point of view. However, when looking at the requirements from a broader perspective there are significant differences. Software and mobile token generators are mostly obtained from a third party store, such as the Apple iStore for iPhones, and need to be linked to a user at the application provider side before being useful for authentication purposes.

TrustBuilder will take care of the complete usage cycle, ranging from validating the user’s identity, registration, activation and ongoing administration of the mobile token, to validating the token at authentication time. Its workflow based policy engine will allow to easily integrate with existing security assets in the organization, lowering the barrier significantly from a cost and time-to-market perspective.

In addition, once a user has been authenticated, TrustBuilder allows to easily extending the user’s identity with context aware information, such as attributes or dynamic role assignment, in order to manage access to applications and resources, effectively addressing the security risks of mobile and online applications.

TrustBuilder supports most Tokens out-of-the-box (see list). A mobile App TrustFactor provides a unique combination of authentication and transaction validation for the most popular platforms.

Business benefits

  • Cost-effective 2-Factor security
  • In line with user’s preferences
  • Rapid deployment and fully automated user enrollment
  • Centralized approach reducing costs and increasing control.

Please contact us if you have any questions about our mobile tokens and sms authentication service.