iDKI – Pramosa

CONCEPT

Simplified cost-efficient strong authentication solution based on the open FIDO U2F authentication specification
Using vendor-agnostic FIDO (U2F) security keys
Enable a single security key to protect multiple personal and corporate authentication from unlimited devices to unlimited services

Authentication over asymmetric encryption
Near-zero performance impact
Malware mitigation of multiple attack vectors
Protect mission critical systems, or deploy to every system within the organisation
Integrates with local as well as cloud-based Azure AD
Can run in standalone environments and Workgroups
Secure Windows 7, Windows 8 and Windows 10 logins
Native RDP authentication with asymmetric encryption and single sign-on
Enable U2F authentication to applications using our extensible API, through federation and ultimately provide single sign-on
Simple rapid deployment of server
Flexible deployment staging to avoid disruption to IT and users and the business
It help-desk zero-touch during enrolment
User self-service enrolment
User self-service for domain password reset against AD and local account password for Workgroup users – requires security key, mobile application or a registered mobile for SMS 2 factor authentication
Make use of U2F based OTP as a software-based deployment on Android (I don’t think we can really call this U2F based OTP, the method)
Secure companion Android fall-back application for host specific authentication in the event of a user misplacing their key (configurable)
SMS for host specific authentication in the event of a user misplacing their key (configurable)
Full audit log and reporting system of authentication events, changes, modifications and irregular user behaviour

Aid in compliance with the European GDPR (General Data Protection Regulation) by encrypting the authentication to sensitive data
Aid in compliance with the South African POPI Act (Protection of Personal Information Act, No 4 of 2013) by encrypting the authentication to sensitive data
Unphishable authentication due to asymmetric encryption during validation of identity
Online and offline mode authentication
Make it impossible for a Bot on an infected host to replicate
Make it impossible for malware to intercept in the case of a man-in-the-middle attack
Make it impossible to be fooled into unintentionally relinquishing ones credentials by website redirection
Simple security key fishbowl distribution
Decreased helpdesk load and cost via user self-service for password management
Enabling the emerging gold standard in authentication across the entire organisation
A single security key can be used in personal and corporate environments with zero security cross-pollination
Enables BYOK (Bring Your Own Key)
Rapid deployment and user integration
Additional authentication options via email, SMS or mobile Android application