Products
Anakam.TFA®
|
Cost-Effective True Two Factor Authentication
“Allow remote access [to personally identifiable information] only with two-factor authentication where one of the factors is provided by a device separate from the computer gaining access.” Office of Management and Budget Memorandum M-07-16
Overview
FAQs
|
Anakam developed our flagship two-factor authentication solution to equip our customers with a cost-effective means of providing flexible and strong authentication to very large scale, diverse audiences both inside and outside of their infrastructure. With Anakam's innovative approach, you can offer security and privacy to all of your customers, business partners, and employees with no hardware tokens or smart cards to distribute or software to download. Once you have implemented Anakam.TFA® Two Factor Authentication, the opportunities to transform the enterprise are extensive – with trust established in the identity of the end user, you are now able to move those transactions to the Web to reduce costs, improve quality, and improve customer service.
Flexible Authentication Channels
Anakam.TFA® Two Factor Authentication delivers authentication through devices your customers and stakeholders already own instead of issuing them costly hard-tokens or cards that can be complex and costly to manage. Anakam.TFA® uses flexible authentication channels to offer a variety of solutions for the strong authentication of your customers. We leverage existing devices such as cell phones, home phones, office phones, voice biometrics, and email to deliver an out-of-band (OOB) expiring one-time passcode (OTP) that confirms that the person possessing the device is the one attempting to access your systems.
Integrates with Existing Infrastructure
Anakam.TFA® Two Factor Authentication integrates easily into existing infrastructures since we interoperate, through standards-based interfaces, with the leading identity management, access management, directory services, and single-sign-on infrastructures in the market today. The first factor solutions (username/password) already in your environment simply call the Anakam software that sits behind your infrastructure firewall to conduct the two-factor transaction. Anakam handles the issuance and validation of the passcode to the appropriate end-user device through text messaging, voice delivery, or voice biometric retrieval and then notifies the requesting application of success or failure of the transaction.
A: Two-factor authentication is an authentication process in which the user provides two independent means of identification, one of which is “something you know,” and the other is “something you have” or “something you are.” The “something you know” is typically the combination of a username plus a password. The Anakam Platform achieves the second factor through the use of devices that users already have such as mobile phones, landline phones or something “connected to their physical self” like their biometric voiceprint. None of these items require hardware or software distribution to end users which make it cost effective for large-scale audiences. Q: What makes the Anakam Identity Suite® different?
A: The Anakam platform provides customers with a versatile, two-factor platform that can meet and adapt to the changing needs of authentication requirements for an organization. Anakam facilitates the ability to provide multi–channel, two-factor authentication, risk-based authentication, and identity proofing in one combined platform. The Anakam platform gives customers the flexibility to apply the right approach to each security requirement for their user base. Q: Why not use hard tokens?
A: As digital workforces grow in popularity, managing hard tokens is difficult. Also, as more portals are developed for consumers and patients, hard tokens are impractical and costly to distribute. Q: What is the difference between Voice Biometrics and Voice Recognition?
A: Voice Recognition is the process of comparing a voice sample with a stored, digital voice model, or voiceprint, for the purposes of establishing or verifying the user’s identity. Voice Recognition is a type of voice biometrics, but voice biometrics can also include other techniques, such as one-to-many or many-to-many voiceprint matches. The Anakam Platform also uses Speak Recognition which recognizes who is speaking versus Speech Recognition which recognizes what is being said. Q: Do I need to install client-side software?
A: No. The Anakam Platform does not require the installation of any client-side software, which creates a ubiquitous environment where authentication can be deployed to any type of external business partner or consumer while also reducing the cost of internal software distribution and management. Q: Do I need to install a new username and password control system or access manager?
A: Anakam recognizes that most of our customers have existing solutions to manage the core identities of the individuals in their enterprise. Many enterprises actually have a variety of such tools on an application basis. Consequently, we designed our product to interface directly with almost all of the large-scale, standards-based provisioning, access management, and directory services applications. Examples include IBM, Sun, CA, Microsoft, Oracle, and open source solutions. Anakam complements these applications and does not require you to replace them. Q: What is an authentication channel?
A: The Anakam.TFA® platform delivers the one-time passcode through either SMS (text messaging to pre-registered cell phones and pagers), IVR (voice to pre-registered landline or mobile phones) or email channels. Q: What Directory Services does the Anakam Platform support?
A: The Anakam Platform supports standards-based LDAP providers. Examples include IBM, Sun, CA, Oracle, Microsoft, and Open LDAP. Anakam also provides interfaces for relational database (custom) directories as well as locally-configured RADIUS accounts on the Anakam.TFA® Server. Q: What is eMail Verification Link?
A: This is one of the methods that the Anakam.TFA® system uses to prevent man-in-the-middle attacks. The Anakam.TFA® software sends an email directly to the end user which contains an image (a button) or a link (a URL). When the user clicks on the image or link, the Anakam.TFA® server performs a series of checks on the connection to validate that the computer cannot be the man-in-the-middle. If the user passes validation, a new browser session automatically opens on the user's computer and gives them access to your site or application. Q: What is SMS?
A: SMS is a communication protocol allowing the interchange of short text messages between the Anakam® and mobile phones. The SMS capability is a communication channel within the Anakam.TFA® Platform that sends a FIPS 140-2 validated One Time Password (OTP) to the user as a log in credential during the second factor requirement. This channel is “Out-of-Band” to the use of the log-in device and is used after the first factor credentials have been established to validate that the user is still holding their pre-registered device. Q: How does the Anakam Platform support Access Management products?
A: Many of the Access Management products provide the critical identity management hub, but often need a way to authenticate users for access to critical resources. The Anakam Identity Suite® integrates directly with the major Access Management products to provide a comprehensive Identity and Access Management Solution, and allows the flexibility to authenticate users based on the changing needs within the security policies set within these products. Q: What is IVR?
A: IVR is a telecom technology that allows a computer to detect voice inputs between the Anakam IVR Service Provider and any telephone. The IVR is a communication channel within the Anakam.TFA® Platform that sends an outbound automated voice call to deliver a FIPS 140-2 certified One-Time Password (OTP) to the user as a login credential during the second factor requirement. This channel is “Out-of-Band” to the use of the login device and is sent after the first factor credentials have been established. Q: What is PhishAvert®?
A: PhishAvert® is a User-to-Site verification capability within the Anakam Platform and is used to protect against Phishing attacks by allowing the user to confirm that they are at the correct site before they enter their credentials. Site verification is achieved when the user confirms their identity via the use of a secret phrase. Q: What is Device ID?
A: Anakam Device ID uses a risk-based authentication approach that takes information from the user’s device and network data and creates a risk assessment to determine if the user is valid based on the first credentials being issued. The system uses IP analytics comparison of network information collected during previous login attempts as well as location-based authentication challenges via IP geo-location technology all working to protect against a wide range of online fraud threats including man-in-the-middle attacks.