Mobile Authenticators Overview
Mobile authentication apps for Android and iOS that simplify two factor authentication (2FA) for corporate use cases.
Employees simply download the app and follow a self-service provisioning process.
Reduce the risk of unauthorized access by using two factor authentication (2FA).
Cut costs with an intuitive user experience and self-service activation.
Give employees secure access with one-time passwords or push notifications on mobile.
Meet regulatory requirements to protect access to corporate systems with 2FA.
Strengthen remote access security with two factor authentication
Employees can use their own mobile devices as a second factor for stronger authentication – no additional tokens or hardware necessary.
Getting started is easy. A self-service portal simplifies provisioning in three steps:
Enter a phone number into the portal
Download the OneSpan Mobile Authenticator or Mobile Authenticator ES from the Apple App Store or Google Play Store
Activate automatically using a QR code or manually with an activation number.
Increase employee productivity with an intuitive mobile authenticator
Employees can generate one-time passwords with a touch, enabling them to securely log in to applications using their mobile device. Users can simply authenticate with a fingerprint, Apple Face ID, or PIN along with a one-time password (OTP).
Or, remove the need to type altogether by sending the user a notification prompt on their mobile device and allowing them to authenticate through the prompt with a simple tap.
Protect against data breaches
Stolen credentials are the leading cause of hacking-related breaches, according to Verizon’s 2019 Data Breach Investigations Report.
Using two factor authentication significantly reduces the risk of being breached. OneSpan’s secure approach to mobile notifications mitigates malware attacks on OTPs sent via push notification – and is much stronger than other delivery methods that might send sensitive data in clear text.
In addition, device-binding options establish a tamper-resistant, trusted identity bound to a user’s device for enhanced security.
Meet regulatory requirements to protect sensitive data
The European Union Agency for Network and Information Security (ENISA) provides guidance to EU organizations on implementing the General Data Protection Regulation (GDPR). They recommend using security tokens, biometrics, and other methods to access systems that process personal data.
The Payment Card Industry Data Security Standard (PCI DSS) also requires entities that store, process, or transmit cardholder data to implement multi-factor authentication (MFA) or two factor authentication (2FA) for general user, administrator, and vendor access to the cardholder data environment.
Reduce the burden on IT staff
Reduce helpdesk and other administrative costs with a single, integrated system that manages the complete authentication lifecycle, including:
– Provisioning
– Creation
– Authentication
– Authorization
– Management
– Revocation
Further, employees can easily activate their mobile authenticator app without IT involvement or end-user training.
Mobile Authenticators Features
Mobile Authenticator
Bind the authenticator app to the registered user’s device to ensure that only the authenticator installed on the bound device will generate valid OTPs.
With a simple touch, allow users to generate a one-time password (OTP) for log-in.
Securely send a push notification to a user’s mobile device allowing them to easily log-in or trigger an additional layer of authentication with local PIN or fingerprint.
Allow users to authenticate themselves to the Mobile Authenticator app via a client-side/local or server-side PIN or fingerprint on devices that include a fingerprint biometric sensor or leverage Apple Touch ID and Face ID on iOS devices.
Server Integration and Support
OneSpan Authentication Server can be integrated with:
– RADIUS
– Microsoft IS-based applications (e.g., Outlook Web Access, Citrix StoreFront, or Microsoft RDWeb Access
– Any application using SOAP
In addition, there are further plug-ins available for third-party systems such as Juniper SBR and Microsoft ADFS.
OneSpan Authentication Server is available in the widest range of supported platforms:
– Windows Server
– Ubuntu
– RedHat distributions
– Vmware
– Hyper-V
– Citrix virtual environments
– Dedicated appliance formats
Support a wide range of ODBC-compliant databases for data storage and ships standard with MariaDB using OneSpan Mobile Authenticator. Store data related to authenticators and users in the ODBC database and sync with Active Directory Windows user information.
Administration & Management
With an intuitive self-management website, empower your end-users to manage their software authenticator without helpdesk support, thereby conserving valuable IT resources.
Facilitate remote management with administrative functions available through a web-based user interface. An overview of daily events and actions taken by your IT administrators is readily available.
Auditing & Reporting
The audit console provides the ability to automatically monitor incoming and outgoing events on the server. This data gathered by the audit console delivers the critical details required to successfully administer a remote access environment.
Extensive XML or HTML formatted reporting is provided for helpdesk troubleshooting, system and security auditing, and accounting purposes.
Deployment
With an on-premises deployment of OneSpan Authentication Server, you receive a comprehensive, centralized, and flexible authentication platform deployed on your premises. From there, OneSpan Authentication Server can deliver complete management of the authentication through a single integrated system.
OneSpan Authentication Server Appliance is available as a standalone solution. It is engineered for any enterprise seeking the power and simplicity of a dedicated appliance. The value in this approach is that it eliminates the need to install and maintain a software-based solution in your environment.
