Two Factor Authentication is an enhancement on the traditional login procedures for electronic systems, providing an additional layer of defense against unauthorised access to a Website, VPN, Banking Data or other sensitive electronic device.
With Token-Based Two Factor Authentication, an additional "token" is required along with the password. This token, also known as a "One Time Passcode", is either generated every time a user logs into a system, or every time a user logs in using an unrecognised device.
TNZ Group offers a Virtual Authentication solution, which means users authenticate using a telephone or mobile device (no physical dongle required).
Why you need Two Factor Authentication (2FA/TFA)?
Two Factor Authentication is quickly becoming standard practise in an age where computer hacking and electronic fraud is commonplace. It is a simple solution which can provide an unmeasurable degree of security and is a requirement of many governments and corporations around the world. More and more computer-savvy customers are requesting two-factor authentication solutions today.
The advantages of TNZ Group's Two Factor Authentication over Other Solutions
Token-Based Two Factor Authentication is a smart choice, as it requires a unique code to be generated every time a user logs in. This means an account can only be accessed by a person who has both the Username and Password credentials, as well as access to the user's registered mobile device.
Common security solutions only require a static second-factor, e.g. a second password. This is far less secure, as the second password does not change regularly enough to be effective and can easily be obtained at the same time the primary password is obtained. Other two-factor authentication solutions require a physical key-dongle or device which generates the second passcode, which lacks the convenience of a SMS based token for today's ultra mobile users.
How to integrate 2FA into your existing login procedures
For Token-Based Two Factor Authentication, your system passes us a unique Token along with the mobile device information, which we will push to the mobile device via SMS. Your system can optionally require that the correct Token is entered into the system within the required timeframe (Time-Based Token).
Email Based Transport supported (although not recommended due to delivery delays)
API Based Transport supported (HTTP, HTTPS, SOAP, etc)
High Speed of Delivery and Throughput
Integration with leading firewalls and security devices
How it Works
User logs into your system using "Username" and "Password".
Your system generates a Token and displays a Token challenge to the User (I.e. a screen showing an 'Enter Token' box).
Your system messages our system with "Username" and "Token" data (see Ways to Send for information on delivering the Token data).
Our system pushes a notification to the mobile device with the Token information.
The mobile user enters the Token into the Token challenge.
Your system accepts or denies the User login as appropriate.