SolidPass provides a highly secure 2FA solution, combining a simple-to-use mobile application with a mandatory PIN, and additional security configurations such as challenge code and security question. The SolidPass System provides strict security measures both on the server side and mobile application side. Any information taken from the server or mobile application by an attacker remains useless due to the following strict security policies:

PIN

User enters PIN into the SolidPass Mobile Application, which generates an OTP to validate the requested transaction

Challenge Code

In this configuration, in addition to the PIN, the user enters the challenge code generated by the SolidPass Server and sent to the user via the current banking channel being used for the transaction (e-banking, m-banking, ATM). The SolidPass Server includes distinctive, transaction specific data in the challenge code, which is displayed to the user on the mobile, allowing the user to ensure that they are authorizing the exact transaction they intend to authorize,

Security Question

As a tiered security measure, SolidPass provides capability to include security questions with the challenge code

Strong Authentication

The SolidPass family of security tokens provides strong two-factor authentication. SolidPass helps organizations and entities to realize stronger authentication than a static username and password by providing two-factor authentication. The SolidPass security token is engineered to dynamically generate a one-time password (OTP). Potential uses of SolidPass include securing access to enterprise applications and vpn connections. The security token can also be used to authenticate users and sign transactions. This is especially useful for online banking and mobile banking security, where SolidPass can be embedded in a mobile banking application for seamless authentication.

SolidPass supports the following strong authentication methods:

• Event-based One-Time Password (OTP)
• Time-based One-Time Password (OTP)
• PIN control mandatory/optional
• Security Question
• Challenge Response
• Transaction Data Signing (TDS)
• Mutual Authentication

SolidPass can be used to prevent the following attacks:

• Phishing
• Pharming
• Man-In-The-Middle
• DNS Cache Poisoning
• Trojans
• Man-In-The-Phone
• Browser Poisoning