Using OAAM and ProtectID® together, companies can defend against the latest online threats, including account takeover schemes and man-in-the-middle attacks to restore trust in Internet transactions. The combined offering utilizes advanced authentication and fraud prevention to evaluate risk and alert organizations in real-time to potential fraud threats. In addition, the OAAM/ProtectID® solution enables companies to employ a range of security options, including “Out-of-Band” phone authentication, to meet diverse user requirements or upgrade to higher levels of protection as threats increase without reinvesting in infrastructure. Enterprise Security Officers prefer two-factor authentication all the time. Consumers are happy with simple ID/Password authentication, thereby finding a workable solution has been a challenge for companies.
The Oracle Adaptive Access Manager (OAAM) combined with StrikeForce’s ProtectID®, meets this challenge. Heightened regulatory requirements (e.g. FFIEC and The Red Flags) recommend adopting strong two-factor authentication for the higher risk transactions. Gartner recommends “Out-of-Band” authentication as a necessary layer to prevent Identity Theft. The regulations explicitly discuss the use of One Time Passwords (OTP) delivered via phones or similar devices in addition to utilizing “Out-of-Band” strong authentication. The ProtectID® strong authentication platform provides these services (which is the reason the partnership with StrikeForce was developed). Many of these enterprises also want two-factor authentication for their employees (which OAAM and ProtectID® also solves in combination and separately).
The ProtectID® platform is an implementation or “Cloud Service” of the OOB Authentication methodology providing strong authentication via a number of different authentication technologies. Currently the platform supports the following strong authentication methodologies:
“Out-of-Band” methodologies:
- Entering a fixed PIN in a phone
- Entering One Time Password (OTP) in a phone
- Sending an OTP to a phone via SMS
- Sending an OTP to a phone via text to speech
- Sending an OTP via email
Token methodologies:
- Hard Token OTP (key fob that displays OTP when a button is pressed)
- Soft Token OTP (OATH compliant software) that can reside on a PC or a Black Berry or PDA or J2ME compliant cell phone.
Value of ProtectID® to OAAM
A ProtectID® and OAAM combined solution delivers an advanced security proposition to combat the growing threat of consumer identity theft and fraud on the Internet. The combination of OAAM’s real-time fraud prevention and ProtectID’s real-time two-factor “Out-of-Band” authentication platform, provides financial institutions, online retailers, health care companies and other businesses with a robust arsenal of security tools for protecting consumers from fraud, for accurate identification of employee access, and all while complying with industry security guidance’s and regulations.
Therefore, with the combination of OAAM and ProtectID®, the client benefits from a Return On Investment (ROI) and compliancy with regulatory requirements (FFIEC, Red Flags and others), with minimal inconvenience to the most important person, the end user. The majority of transactions authenticated should pass the OAAM fraud prevention process. For those transactions that are detected and flagged as potentially fraudulent, OAAM would then automatically invoke ProtectID® to perform a two-factor strong authentication for the consumer, which minimizes the expensive help desk process and thereby provides greater satisfaction and cost savings. This total fraud prevention solution is a win/win for the company and its clients. ProtectID® could also be used for password resets, high dollar value online transactions, remote log on, etc.
Interfacing ProtectID® with OAAM
ProtectID® appears as a web service to a web site that implements both OAAM and ProtectID® and allows for step-up or other requests for strong 2-factor “Out-of-Band” authentication based on the risk level determined by the Company and or OAAM.
OAAM only employs step-up authentication when it’s truly needed so end users are not being inconvenienced.
Following is a link to allow you to test “Big Bank” showing an example of how ProtectID® can be integrated with OAAM for the best all around total solution (fraud mitigation with 2-factor “Out-of-Band authentication) with options and flexibility. Just sign on with a user name and it will ask you to register and allow you to test the Best complete compliant authentication solution available and all from Oracle:
http://d.oobauth.com:8888/sample/
For more information please contact:
Mark L. Kay, CEO
StrikeForce Technologies, Inc.
marklkay@strikeforcetech.com
www.strikeforcetech.com
(o) 732-661-9641
No comments:
Post a Comment