Secure Virtual Private Network
Virtual Private Networks (VPN) provide a private channel or tunnel through the Internet to maintain security for organizations. A VPN offers an organization the same capabilities as private leased lines at much lower cost by using the shared public infrastructure. SolidPass integrates seamlessly with all major VPN vendors, including Aventail, Check Point, Cisco, Citrix, Juniper and Nortel.
The SolidPass System uses industry standard security in conjunction with one-time password (OTP) and other Two Factor Authentication (2FA) solutions to deliver a highly secure framework out of the box. SolidPass provides full security against untrusted downloads, malicious key logging, and phishing attempts. The server controls which applications its end users can download as well as the download source. SSL connections are supported and enforceable. In addition, SolidPass comes with the best-in-class two-factor authentication solution, called the SolidPass Mobile Application, which is more secure than traditional 2FA models. The implementation of the SolidPass Mobile Application also prevents Man-in-the-Middle (MitM) attacks and other real time attacks by establishing a challenge code that only the user would know. This way the user can easily check whether the transaction they are authorizing is a valid and secure transaction.
Benefits of the SolidPass Mobile Application
Users are more likely to recognize the loss of their mobile phone before they recognize the loss of a hardware token. This means that they are also more likely to recover a misplaced mobile phone before finding a lost hardware token. Therefore, as a result mobile phones have become a more reliable deployment method than hardware tokens. Essentially, the SolidPass Mobile Application is a more secure, more convenient and more cost-effective form of mobile security than any hardware tokens currently on the market.
The SolidPass System offers several features that hardware tokens cannot provide:
- SolidPass warns the user if the challenge code is coming from an untrusted source (e.g. a fake web-site)
- SolidPass shows transaction-specific information to the user on their mobile phone, so the user can verify exactly what is being authorized
- SolidPass protects users by asking security questions if required. If the user can’t answer the question, the application won’t provide a valid OTP.