Swivel Secure, the emerging name in two-factor authentication has announced the release of the latest version of its award winning software PINsafe v3.1 which now includes an option to work with the standard Windows login Gina. This latest release also includes extended support for LDAP and Active Directory as well as number of new features designed to ensure maximum flexibility and
PINsafe is a PIN-based strong two-factor authentication system which generates a one-time code (OTC) for each login attempt without the need to deploy user devices or client side software and can be used to add increased security for network access and Web-based applications.
The addition of the Windows Gina extends the functionality of the system to secure access for local applications whether from inside the firewall or disconnected from the network and replaces the standard Windows user ID and password login procedure.
The system works by sending a random ten-digit security string to the user through either a cellular transport to a mobile device or SSL link to an Internet browser. The OTC is generated by extracting digits from the string using the PIN as a positional reference. PINsafe v3.1 will enable enterprises to have a consistent strong authentication protocol for all types of user without the need to deploy and manage the distribution of physical tokens.
In addition, the extended support for Active Directory significantly improves the management of client credentials and eliminates the burden of double administration, synchronization or data importing. With v3.1 system administrators can opt to link with an existing user database or utilize the XML repository that is included with the software.
Users of PINsafe can be set up using just one or a combination of the standard interface options based on corporate security policies and access privileges. PINsafe v3.1 extends this flexibility to enable customized interfaces to be developed for specialist applications or individuals with specialist needs. This includes full integration with other 3rd party authentication technologies. Interface options include the dual channel transport in the form of SMS text messaging, SMTP routing and GPRS download to a Java based device.
Alternatively the system can use a single channel transport via an SSL tunnel to display the security string on the login page when requested. To prevent capture by OCR Trojan spyware the security string is displayed as an obfuscated image which is randomly generated from a set of irregular fonts and random backgrounds.
PINsafe was launched in 2003 in response to market demand for a more cost effective option to the established-token based solutions and is rapidly gaining recognition on a worldwide basis. The PINsafe technology is designed to integrate with all the industry standard network security systems including providing a strengthened authentication protocol for a range of SSL VPN and thin client solutions which Swivel sees as a key target market for the PINsafe technology and where it is forecasting to take a significant market share.
In addition to the corporate B2B market, Swivel is also seeing significant interest in PINsafe from the banking and financial sector as a low cost, scaleable solution to ID theft and Phishing attacks which is costing the financial sector billions through organized fraud.
The product is available as a locked down Linux appliance or as software only for Windows, Linux and Solaris servers and is priced at between GBP 62.50 and GBP 0.78 per user depending on volume for a perpetual licence.