The most practical way to strengthen authentication is to require a second factor after the username/password stage. Since a password is something that a user knows, ensuring that the user also has something thwarts attackers that steal or gain access to passwords. Traditional two-factor authentication solutions use hardware tokens (or "fobs") that users carry on their keychains. These tokens generate one-time passwords for the second stage of the login process. However, hardware tokens can cost up to $125 each. It takes time and effort to distribute them, track who has which one, and replace them when they break. They're easy to lose, hard to use, and users consistently report high levels of frustration with token-based systems.
YOUR PHONE IS YOUR TOKEN
miniOrange leverages the mobile phone as the second factor. It's a device that people already have, know how to use, and notice when it's missing. Using an existing device reduces deployment and training costs, and improves the end-user experience of the entire system. miniOrange Security works with all phone types, from old phones to smartphone platforms.
Mobile computing is relevant to the user authentication market in two ways:
It provides a new form factor for authentication tokens (phone-as-a-token authentication methods).
It provides a new kind of endpoint and context in which users must authenticate,
Either - To the endpoint
Or - From the endpoint
We predict increasing use of biometric authentication for access to enterprise networks or high-value Web Applications from smartphones or tablets.
Contextual authentication will likely also play a significant part in mobile-apt user authentication. We also note that adopting significantly different user authentication methods for different kinds of endpoints will be unsustainable in the midterm to long term because the burden on enterprises and users alike will be too great.
Thus, mobile-apt methods must also be "PC apt". Combinations of X.509 credentials on the endpoint, low-friction biometric modes and contextual authentication will likely fit the bill.
If you are looking to provide two factor authentication for mobile banking, the usual authentication methods of using OTP over SMS etc, will not work because the transaction is initiated through a mobile phone.
To complicate things further, the mobile interface is different from the traditional browser interfaces. They are small and the user can not do a lot of things on the mobile interface.
miniOrange provides a range of authentication methods that can work separately or with each other and are most suitable for transactions that are initiated through a mobile phone.
PIN - This is similar to a password and this is something the user remembers and enters when prompted.
Device ID - miniOrange can identify a device fingerprint behind the scenes and can use that to ensure that a particular request is coming from a particular device only.
Location - miniOrange can restrict the use of mobile banking based on the users geo-location. Users outside that location get their entry restricted.
Time of access - miniOrange can ensure that users have access to mobile banking only within a specific time period during a day, if specified by an administrator using a policy.
Voice - Voice based or voice biometric authentication is one of the strongest authentication methods that is backed by years of research. We can take your voice print and verify whether its you who has initiated the transaction.