CONCEPT
- Simplified cost-efficient strong authentication solution based on the open FIDO U2F authentication specification
- Using vendor-agnostic FIDO (U2F) security keys
- Enable a single security key to protect multiple personal and corporate authentication from unlimited devices to unlimited services

KEY FEATURES
- Authentication over asymmetric encryption
- Near-zero performance impact
- Malware mitigation of multiple attack vectors
- Protect mission critical systems, or deploy to every system within the organisation
- Integrates with local as well as cloud-based Azure AD
- Can run in standalone environments and Workgroups
- Secure Windows 7, Windows 8 and Windows 10 logins
- Native RDP authentication with asymmetric encryption and single sign-on
- Enable U2F authentication to applications using our extensible API, through federation and ultimately provide single sign-on
- Simple rapid deployment of server
- Flexible deployment staging to avoid disruption to IT and users and the business
- It help-desk zero-touch during enrolment
- User self-service enrolment
- User self-service for domain password reset against AD and local account password for Workgroup users – requires security key, mobile application or a registered mobile for SMS 2 factor authentication
- Make use of U2F based OTP as a software-based deployment on Android (I don’t think we can really call this U2F based OTP, the method)
- Secure companion Android fall-back application for host specific authentication in the event of a user misplacing their key (configurable)
- SMS for host specific authentication in the event of a user misplacing their key (configurable)
- Full audit log and reporting system of authentication events, changes, modifications and irregular user behaviour


KEY BENEFITS
- Aid in compliance with the European GDPR (General Data Protection Regulation) by encrypting the authentication to sensitive data
- Aid in compliance with the South African POPI Act (Protection of Personal Information Act, No 4 of 2013) by encrypting the authentication to sensitive data
- Unphishable authentication due to asymmetric encryption during validation of identity
- Online and offline mode authentication
- Make it impossible for a Bot on an infected host to replicate
- Make it impossible for malware to intercept in the case of a man-in-the-middle attack
- Make it impossible to be fooled into unintentionally relinquishing ones credentials by website redirection
- Simple security key fishbowl distribution
- Decreased helpdesk load and cost via user self-service for password management
- Enabling the emerging gold standard in authentication across the entire organisation
- A single security key can be used in personal and corporate environments with zero security cross-pollination
- Enables BYOK (Bring Your Own Key)
- Rapid deployment and user integration
- Additional authentication options via email, SMS or mobile Android application

