SMS PASSCODE3rd generation user authentication

Christian LarsenRegional Manager, International

VirtualizationForum 2014

Why Stronger Authentication?Simply because passwords are weak!

» Hackers preferred weapon 76% of network intrusions exploited weak or stolen credentials (passwords)*

» You might already be a victim 66% of breaches took months or years to discover*

» The small organizations cannot hide 31% of all targeted attacks were aimed at businesses with less than 250 employees**

» The threat is only getting bigger - Cybercrime is the fastest growing crime type in the world and targeted attacks grew by 62% from 2013 to 2014***

Adaptive User Authentication 2

* Verizon Data Breach Investigations Report 2013

** Internet Security Threat Report 2013 (published by Symantec)*** Internet Security Threat Report 2014 (published by Symantec)

Why Stronger Authentication?» We are already patching up, scanning and testing etc.

» Companies often put a great effort into updating, patching, vulnerability testing etc.,

» but this way you only seal the windows, close the shutters and the cat’s door…

» and if the wrong guy has a valid set of credentials, and you do not have MFA, he walks in through the main entrance…

» even without anyone discovering it! – So you might be attacked without knowing!

Adaptive User Authentication 3

» Today a password is not enough to ensure your online identity, because it can be compromised in many ways (key logged phished, bought, guessed etc.)

» Therefore the providers of online services like banking, e-mail, gaming, social media etc. now all force or allow you to step up authentication

» And since almost everybody has a mobile phone, the providers use SMS/Text for validation

» A user-friendly way of enabling Multi-Factor Authentication on a global scale

Adaptive User Authentication 4

Stronger Authentication in 2014

SMS PASSCODE We are a technology leader in adaptive multi-factor authentication software.

We ensure employees can easily and safely access corporate networks and applications remotely.

We provide IT/security managers with a cost-effective and easy-to-maintain offering that secures remote access systems, including Microsoft, Citrix, Cisco and Juniper.

Adaptive User Authentication 5

The Evolution of Authentication Technology

Adaptive User Authentication 6

Hardware Tokens

+ Introduction of two-factor auth.

÷ High cost on tokens

÷ Distribution & administration cost

÷ An extra thing to carry

80-90’s

Mobile based solutions

+ Real-time multi-factor auth.

+ No hardware distribution

÷ Deployment of soft tokens / apps

÷ Regional SMS delivery challenges

00’s

Adaptive User Authentication

+ Contextual intelligence layer

+ Policy-based trusted IPs

+ Multiple OTP options

+ Location aware dispatching

Now

• Always been based on SMS, Always been real-time, Always been session based, No client software

Our Heritage:

1st Generation 2nd Generation 3rd Generation

Two-factor vs. Multi-factor Authentication

» Two-factor Authentication (2FA) is merely

» Something you Know

» Something you Have (Token, Card, Finger, Phone etc.)

» Multi-Factor Authentication (MFA) simply adds more factors

» Your Connection (unique session identification)

» Your Location (Geographically)

» The Role/Rights you have (Group member i.e. consultant, employee)

» A valid Gateway/Point of entry

» Time of day (doors are open only between i.e. 8am and 10pm) etc.

Adaptive User Authentication 7

Basic security:

Protects against 90’ies threats (key

loggers, guessed/ cracked/ bought/

borrowed passwords etc.) Plus - users

feel that their identity is protected.

Higher security:

Protection against also more modern

threats like Advanced malware, Session

hijacking, Phishing, Pharming, Man-in-

the-middle attacks etc.

New flexibility:

Access may now be controlled based on

i.e. Countries, IP-ranges, “Trusted

locations”, Time frames, Roles, Groups

and other factors.

Valued Partnerships

Adaptive User Authentication 8

Market Proven Technology

Adaptive User Authentication 9

Why SMS PASSCODEWhat makes SMS PASSCODE unique?

Adaptive User Authentication 10

Makes Security Hassle-Free and Painless for the User

Easy for IT to Implement, Manage and Scale

Prevents Security Breaches with Contextual Intelligence

Reduces Costs and Improves ROI

Superior User

Experience

Flexible OTP Delivery

Adaptive User Authentication 11

» Broad range of OTP delivery options

» Automatic failover

» Location Aware Dispatching

» OATH token support – allows use of both hardware- and App tokens

» Simultaneous use is possible

Platform Diagram

Adaptive User Authentication 12

Demonstration

Adaptive User Authentication 13

In Good Hands

Adaptive User Authentication 14

217 custo

mers

in 21 countries were asked

1%

40%

59%

0% 20% 40% 60% 80%

LESS SATISFIED

SATISFIED

HIGHLY SATISFIED

Customer Satisfaction 2014

1%

5%

38%

56%

0% 20% 40% 60%

UNLIKELY

DON'T KNOW

LIKELY

VERY LIKELY

Likelyhood to recommend SMS PASSCODE

“This project has been highly successful. Not only have we realized substantial cost savings, the users have also been very happy about the change”

John Gudmann, Post Nord

“SMS PASSCODE is a great hassle-free product and does exactly what we need it to”

John Owen, IT Manager, Day Group

“We have now regained control of the authentication process. We know exactly who receives access codes, when they use them to log in, and from where”

Peter Warnier, CIO, DEME

FREE 30 DAY TRIAL

www.smspasscode.com/free-trial

Adaptive User Authentication 15

Keeping you safewithout spoiling the ride

Questions?

Adaptive User Authentication 17