TriCipher Armored Credential System™ (TACS)
            Strong Authentication for SalesForce.com


Integration Benefits
TriCipher enhances SalesForce.com by seamlessly adding multi-factor functionality to the Username / Password method currently used today. Organizations will continue to derive the benefits from SalesForce.com and will now have the additional capability to transition their organizations from weaker password protection to something much stronger.

Benefits

• Strong authentication for SalesForce.com that prevents identity theft and fraud
• Prevents man-in-the-middle (MITM) and complex phishing attacks
• Seamless integration with a transition path from weak password systems to strong authentication
• Choose from an array of strong multi factor authentication methods from the TriCipher Authentication Ladder.
• Compliance with stringent audit and regulations such as FFIEC, HIPAA, GLB, etc.

Multi Factor Authentication
Multi factor authentication by definition is the use of a combination of more than one factor for the purpose of user authentication. A “factor” can be something you know (such as a password or PIN), something you have (such as an authentication token), or something you are (biometrics, such as a retina scan, or fingerprint). Consumers are used to a multi factor authentication model with ATM cards - the PIN being something you know, the ATM card is what you physically have.

Employing Multi Factor authentication for use online, however, is much more challenging because it typically requires the user to carry or present something physical.

Historically, traditional Multi-Factor authentication methods have been too hard to deploy and manage for large consumer bases, due not only to the high costs associated with initial purchase, but also the overhead of initial deployment, lost/replacement, management and customer support. Add to this the fact that many users are not yet ready or prepared to deal with hardware tokens, scratch cards, client software downloads and extra authentication steps, even if they protect their bank account and identity information.

TACS Solution
The TriCipher Armored Credential System™ (TACS) provides a comprehensive infrastructure that can be used to address many of these risks. Its unique Multi-part credential and Flexible Factor technologies enable a single infrastructure to issue credentials of different strengths. This
allows the enterprise to tailor the type of credential to the specific level of risk without having to deploy multiple costly infrastructures.

The system architecture is designed to allow TACS to be easily deployed for external Software as a Service (SaaS) applications like SalesForce.com and also to protect internal web applications. Servicing some of the highest volume financial services applications for demanding customers, TACS provides high reliability, availability and scalability.

TACS provides a variety of Multi Factor authentication options (see TriCipher Authentication Ladder below), allowing you to balance security, cost and ease of use based on the results of your risk assessment.

Browser 2 Factor (B2F) strong authentication
The Browser 2 Factor rung of the TriCipher Authentication Ladder offers a zero download strong authentication solution. In B2F, the 2nd factor in the form of an encrypted cookie or a browser certificate is transparently given to the users’ browser. Also, as a part of the activation process, the user selects an image or a secret text phrase they will recognize when they come back to the web site. TriCipher is unique in this clientless offering by going up the ladder with the B2F Certificate option (as cookies are susceptible to certain attacks and can be deleted or copied).

In addition, B2F has the following advantages:
• Requires no change in user behavior. The user is completely unaware of the change, and migration to this type of credential from a password-only system is transparent (even their password remains the same).
• No client software. Browser 2 factor requires no client side software.
• Phishing protection. Browser 2 factor protects against phishing attacks whose aim is credential theft.
• Authenticate your web site. Showing a welcome message reassures the user that they have reached your site, not a phisher's replica.

Device 2 Factor (B2F) strong authentication
Perhaps the easiest to use, deploy and manage is using the login device as second factor. With this type of credential, the second factor is stored securely on the PC. The user has nothing new to carry, but does need a small piece of client side software,
the TACS ID Tool. The device 2nd factor provides strong protection against all types of phishing including man-in-the-middle. The client software also provides the additional benefit of performing an optional security presence check before authentication. Device 2 factor is often used for high net worth consumers, business banking customers, active traders, administrators at individual branches (or at client companies) and channels such as mortgage brokers.

Portable 2 Factor
Portable 2 factor takes advantage of the security of multi-part credentials to use commodity storage products or consumer electronics as a 2nd factor for authentication. Users can choose something they carry already such as an MP3 player or USB memory stick, or the financial institution can issue something branded. The 2nd factor in this case is protected by rolling key technology to defeat would-be thieves. Portable 2 Factor provides strong protection against all types of phishing including man-in-the-middle. The TACS ID Tool is required for this type of credential and provides the additional benefit of performing an optional security presence check before authentication.

Armored Token 2 Factor
Armored Token 2 factor protects one time password tokens from man-in-the-middle attacks. This type of credential also requires the TACS ID Tool and provides the option of a security presence check. Armored Token 2 factor is often used to protect existing one time password deployments.

Additional credential types
TACS provides for other credential types, including smart cards and using three or more authentication factors.

TriCipher Authentication Gateway (TAG) strong authentication
The TAG is an integral part of the TriCipher Armored Credential System (TACS). The TriCipher Authentication Gateway (TAG) acts as a services layer for web applications. The TAG reduces the time to deploy strong authentication, increases authentication performance, and ensures the security of the login process by providing a single standardized strong authentication service for use by every application within an organization. The TAG, based on patent pending technology, manages the authentication for every level of the TriCipher Authentication Ladder including passwords, browser cookies/certifications, PCs, portable devices, tokens, smart cards and biometrics to provide a unified authentication infrastructure. When users log into any web application, they are handed off to the TAG to manage the entire authentication process and verify the credentials of each user with the ID Vault. Once authenticated through the ID Vault, the TAG delivers a SAML token to the SaaS solution like SalesForce.com which either validates the SAML assertion or passes it via a back trusted channel to the TAG for re-validation and then provides the user the appropriate level of access.

How does the integration work?
The TACS solution consists of the TAG and the ID Vault. The solution can either be
hosted internal to the organization or as a hosted service.

Users are initially given a strong credential before the single sign-on feature for SalesForce.com is turned on. This involves batch loading the users into the TriCipher system and generating a one-time-use activation code that can be sent to the users via email, SMS or even a phone call.

Based on the type of licensed SalesForce.com Edition you may need to request SalesForce.com to turn on single sign-on (SSO) AFTER your users have registered for strong authentication. The Enterprise and Unlimited Editions are more flexible and allow you to turn on single sign-on on a per user basis by creating a new profile for SSO. You can turn on SSO before the users register and enable SSO individually for each user by clicking on a checkbox in SalesForce.com.

Users go through a registration period where they log in to the TAG and are given their second factor for strong authentication. On the cut-over day, single sign-on is turned on for the users and they are provided the HTTP link to log in to SalesForce.com – this can be on an internal customer portal where users click on a URL to log in to SalesForce.com securely.

The process flow for the user to log in to SalesForce.com is as below:

1) User clicks on the URL for Strong Authentication to SalesForce.com. User lands on TAG and inputs their username.

2) User then strongly authenticates to TAG. TAG validates the user's strong authentication credentials with the ID Vault.

3) Once the TAG authenticates the user's strong credential, it submits the user id and a SAML token (as password) to SalesForce.com.

4) SalesForce.com then validates the user id and then sends a SOAP/XML message with user id and SAML token (the one we passed them in step 3) to a web service on the TAG.

5) TAG then validates the SAML token and if valid it returns a SOAP/XML message confirming the user authentication to SalesForce.com.

6) SalesForce.com then allows the user to access (single sign-on) their SalesForce.com application.

Users are now required to log in to SalesForce.com using TriCipher strong authentication. Users that try to go directly to SalesForce.com will not succeed as they are required to log in securely via TriCipher.
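The token hand-off in steps 3 to 5, sketched as an added example that is not TriCipher or SalesForce.com code. It substitutes an opaque random token for the SAML token and an in-process call for the SOAP/XML message; the class names, the 60-second lifetime and the single-use rule are assumptions that the paper does not state.

```python
import hashlib
import hmac
import secrets
import time


class TokenGateway:
    """Plays the TAG role: issues a token after strong auth, validates it later."""

    def __init__(self, ttl_seconds=60, clock=time.time):
        self._ttl = ttl_seconds   # assumed lifetime; the paper gives none
        self._clock = clock       # injectable so expiry can be exercised
        self._pending = {}        # sha256(token) -> (user_id, expires_at)

    def issue(self, user_id):
        """Step 3: call only after the user has passed strong authentication."""
        token = secrets.token_urlsafe(32)
        digest = hashlib.sha256(token.encode()).hexdigest()
        # Only the digest is stored, so a dump of this table yields no usable tokens.
        self._pending[digest] = (user_id, self._clock() + self._ttl)
        return token

    def validate(self, user_id, token):
        """Step 5: answer the service provider's back-channel query."""
        digest = hashlib.sha256(token.encode()).hexdigest()
        record = self._pending.pop(digest, None)  # pop makes the token single use
        if record is None:
            return False                          # unknown or already consumed
        bound_user, expires_at = record
        if self._clock() > expires_at:
            return False                          # too old
        # The token is only valid for the user it was issued to.
        return hmac.compare_digest(bound_user.encode(), user_id.encode())


class ServiceProvider:
    """Plays the SalesForce.com role: it never judges the 'password' itself."""

    def __init__(self, gateway, sso_users):
        self._gateway = gateway
        self._sso_users = set(sso_users)

    def login(self, user_id, password):
        # Step 4: check the user id, then hand user id and token to the gateway.
        if user_id not in self._sso_users:
            return False
        # Steps 5 and 6: access is granted only if the gateway confirms.
        return self._gateway.validate(user_id, password)


def demo():
    """Run the flow on constructed users and return each outcome."""
    now = [1000.0]  # fake clock so the expiry case is deterministic
    tag = TokenGateway(ttl_seconds=60, clock=lambda: now[0])
    sp = ServiceProvider(tag, {"alice@example.com", "bob@example.com"})
    results = {}

    token = tag.issue("alice@example.com")
    results["normal_login"] = sp.login("alice@example.com", token)
    results["replayed_token"] = sp.login("alice@example.com", token)

    # A user who goes to the service directly and types an ordinary password.
    results["direct_password"] = sp.login("alice@example.com", "old-password")

    token = tag.issue("alice@example.com")
    results["token_for_other_user"] = sp.login("bob@example.com", token)

    token = tag.issue("bob@example.com")
    now[0] += 61
    results["expired_token"] = sp.login("bob@example.com", token)
    return results


if __name__ == "__main__":
    for case, granted in demo().items():
        print(f"{case}: {'granted' if granted else 'denied'}")
```

Because the service provider defers every decision to the gateway, a password typed directly at the service is just an unknown token and is refused, which is the behaviour the paragraph above describes.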

Summary

The TriCipher solution gives organizations powerful, seamless and flexible strong authentication capabilities to secure access to SalesForce.com. Customers can further leverage this central authentication infrastructure to secure access to internal and external web applications.



Contact



TriCipher Headquarters:
750 University Avenue, Suite 260
Los Gatos, CA 95032
Phone: +1.650.372.1300
Fax: +1.650.376.8301

TriCipher US sales:
Email: sales@tricipher.com
Phone: +1.650.376.8326
Fax: +1.650.376.8301

TriCipher EMEA sales:
Email: emea@tricipher.com
Phone: +44 (0) 1223 451 075
Fax: +44 (0)1223 451 1
User lands on TAG and inputs their username. Users are now required to login to
  • 5. SalesForce.com using TriCipher strong authentication. Users that try to go directly to SalesForce.com will not succeed as they are required to login securely via TriCipher. Summary The TriCipher solution gives organizations powerful, seamless and flexible strong authentication capabilities to secure access to SalesForce.com. Customers can further leverage this central authentication infrastructure to secure access to internal and external web applications. Contact TriCipher Headquarters: 750 University Avenue, Suite 260 Los Gatos, CA 95032 Phone: +1.650.372.1300 Fax: +1.650.376.8301 TriCipher US sales: Email: sales@tricipher.com Phone: +1.650.376.8326 Fax: +1.650.376.8301 TriCipher EMEA sales: Email: emea@tricipher.com Phone: +44 (0) 1223 451 075 Fax: +44 (0)1223 451 1
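The validation callback in steps 3 to 6 of the login flow above, sketched as an added example (not TriCipher or SalesForce.com code) to show why a directly typed password or a replayed token is refused. An opaque HMAC-bound token stands in for the SAML token; the single-use rule, the 60-second lifetime and all names (`Gateway`, `issue_token`, `validate`, `service_login`) are assumptions, not details from the page.

```python
import hashlib
import hmac
import secrets
import time


class Gateway:
    """Hypothetical stand-in for the TAG: issues a token after strong
    authentication (step 3) and answers the validation callback (steps 4-5)."""

    def __init__(self, ttl_seconds=60, clock=time.time):
        self._key = secrets.token_bytes(32)  # signing key known only to the gateway
        self._ttl = ttl_seconds              # assumed lifetime, not stated on the page
        self._clock = clock
        self._pending = {}                   # nonce -> (user_id, expiry time)

    def _mac(self, user_id, nonce):
        msg = f"{user_id}\n{nonce}".encode()
        return hmac.new(self._key, msg, hashlib.sha256).hexdigest()

    def issue_token(self, user_id):
        """Step 3: call only after the user's strong credential was verified."""
        nonce = secrets.token_urlsafe(16)
        self._pending[nonce] = (user_id, self._clock() + self._ttl)
        return f"{nonce}.{self._mac(user_id, nonce)}"

    def validate(self, user_id, token):
        """Steps 4-5: the service sends back (user id, token); answer yes or no."""
        nonce, _, mac = token.partition(".")
        expected = self._mac(user_id, nonce)
        if not hmac.compare_digest(mac.encode(), expected.encode()):
            return False                     # forged, or bound to another user id
        entry = self._pending.pop(nonce, None)  # pop: each token validates once
        if entry is None:
            return False                     # unknown or already used
        bound_user, expiry = entry
        return bound_user == user_id and self._clock() <= expiry


def service_login(gateway, user_id, password_field):
    """Step 6: the service grants access only when the gateway confirms
    the value it received in the password field."""
    return gateway.validate(user_id, password_field)
```

Because the service forwards whatever arrives in the password field to the gateway, an ordinary password entered directly at the service fails the same check as a forged token.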