Protect against SIM abuse, Phishing and Password Attacks
Our software is designed to protect your web sites from both credential phishing attacks, session hijacking, SIM hacks, as well as weak or written down passwords. It authenticates users using biometrics on the user's mobile devices. Our protection against SIM hacking is because we do not use SMS. A nice side effect of this is that you can authenticate while in flight or at sea where SMS messages are rarely available.
A very positive side effect of integrating our software into your platform is that the user sign-in experience comes down at most two taps, and as little as one, on their mobile device instead of a password, SMS or email code they have to wait for and enter. More secure and a better user experience? Win-Win! Try our demo for yourself to see how easy the process is.
You can also send just regular notifications with our system with your apps or web site. No need to develop that code for yourself.
Fully GDPR compliant!
Made For the CISO and Web Developers
Quick and Simple
Fast API Interface
Value Priced
Fully Documented
Full End-to-End Excryption
Biometric based — No SMS to be Hacked
Robust and Redundant Infrastructure
No codes to copy and paste — two taps and you're done.
You Don't Want to be One of These Guys
SIM Hack
SIM swapping: the simple way that hackers took over the SEC’s X Account
Just after the stock market closed on January 9, the U.S. Securities and Exchange Commission posted on X (née Twitter) that it had approved exchange-traded funds, or ETFs, that included the cryptocurrency bitcoin. It was a massively important, potentially market-moving announcement, and one that was hotly anticipated by crypto fanatics, professional traders, and casual investors alike.
There was only one problem: The SEC never posted that announcement—someone else did.If X used our authenticator then the SIM doesn't matter. Biometrics matter. SIMs don't.
Phishing
Financial Platform Payoneer Blames Account Hacks On Phishing Campaign
Just after the stock market closed on January 9, the U.S. Securities and Exchange Commission posted on X (née Twitter) that it had approved exchange-traded funds, or ETFs, that included the cryptocurrency bitcoin. It was a massively important, potentially market-moving announcement, and one that was hotly anticipated by crypto fanatics, professional traders, and casual investors alike.
There was only one problem: The SEC never posted that announcement—someone else did.If they used our authenticator then phishing wouldn't matter. "Here's my password. Now what are you going to do?" Passwords would have been meaningless if our software was used.
Weak Passwords
Weak Password Causes Disaster For Spain’s No. 2 Mobile Carrier
Orange España, Spain’s second-biggest mobile operator, suffered a major outage for three hours on Jan. 3 after an unknown party obtained a “ridiculously weak” password and used it to access an account for managing the global routing table that controls which networks deliver the company's Internet traffic, researchers said. The hijacking began when the party logged into Orange’s RIPE NCC account using the password 'ripeadmin'. The RIPE Network Coordination Center is one of five Regional Internet Registries, which are responsible for managing and allocating IP addresses to Internet service providers, telecommunication organizations, and companies that manage their own network infrastructure. RIPE serves 75 countries in Europe, the Middle East, and Central Asia.
If RIPE used our authenticator they would have been protecting their customers against using weak passwords.
How your Users Use It
1Download
Your user downloads our User Authenticator App from either the iOS store for iOS-based devices or from the Google Play Store for Android based mobile devices.
2Register Your Device
The user registers their device using your site which will either display a QR code or email them the QR code. The choice is yours.
3Use it!
Your users will then be challenged with a biometric gatekeeper from our App upon log-in to your system.