large-scale, cost-effective, progressive authentication and identify management solutions enabling...
TRANSCRIPT
Large-Scale, Cost-Effective, Progressive Authentication Large-Scale, Cost-Effective, Progressive Authentication and Identify Management Solutionsand Identify Management Solutions
Enabling Security, Efficiency and Collaboration through
Technology
© 2010 Anakam® Inc.Anakam® Proprietary Information – Multiple Patents Pending
2
Anakam - Company Summary
Leading provider of large-scale, cost-effective multi-factor authentication solutions – The Anakam Identity Suite ®
Integrated suite of identity management offerings; proven set of industry-leading products
Strong IP position with six patents pending
Initial focus on high-growth verticals (Government, Healthcare, Public Sector, Financial Services)
Heavily regulated industries where traditional authentication platforms do not adequately protect end user identity
Name brand customer wins across target sectors are driving tremendous business momentum
Highly experienced management team - Accenture, Oracle, Siebel, Symantec, Microsoft, IBM, Federal and DoD
Rapid growth in revenue and bookings
Founded in 2004; Product launched in 2006
Headquartered in San Diego, CA Federal HQ in Arlington, VA
Two FactorAuthentication
Identity Proofing
Identity Verification
Credentialing Gateway
On-Demand Identity
VPN Connector
Secure Collaboration
© 2010 Anakam® Inc.Anakam® Proprietary Information – Multiple Patents Pending
3
What is Authentication? Is it Necessary?
Authentication enables rapid, efficient communication and information sharing within organizations, between organizations, and with customers/users
Users Identity
Authentication confirms a user’s claimed Identity with a given level of Trust
Trust in Identity enables a number of critical capabilities for organizations
EntitlementsPermissions
Roles
Audit Trails
Security Safeguards
Organizational Control
Organizational and User Accountability
Risk Mitigation
© 2010 Anakam® Inc.Anakam® Proprietary Information – Multiple Patents Pending
4
4
Quick Second Factor Authentication Review
First or Single Factor Authentication Something you know: I.D./password
Second Factor Authentication for Online Applications Something you have: Hard token, soft token,
one-time password device, etc.
Similar to an Automated Teller Machine (ATM) Something you know: PIN code Something you have: Debit card
Second Factor Authentication is an effective mechanism to provide assurance of the identity of a person conducting an electronic transaction.
© 2010 Anakam® Inc.Anakam® Proprietary Information – Multiple Patents Pending
5
Traditional Authentication Approaches
Traditional Second Factor AuthenticationTraditional Second Factor Authentication
Authenticating network users with a user name
and password
Hard tokens, smart cards, USB devices, biometrics
Expensive to deploy and maintain
Burdensome on the individual to carry
Prone to loss, theft, and obsolescence
Actually don’t identify the identity of the user
Too administratively cumbersome for most applications, particularly citizen-facing portals with millions of users
If known by a perpetrator, he/she can easily compromise a single account or potentially an entire network
Has led to a need for second factor authentication for important/sensitive information
Single Factor AuthenticationSingle Factor Authentication
Ap
pro
ach
Ap
pro
ach
Ch
alle
ng
esC
hal
len
ges
Market Need
Strength of second factor authentication but with lower cost, flexibility
to provide progressive
authentication and greater
convenience
Current approaches to authentication do not meet the requirements of a large portion of the overall identity management market
© 2010 Anakam® Inc.Anakam® Proprietary Information – Multiple Patents Pending
6
How we meet this need
Upon successful completion of a first-factor challenge (username/password), Anakam.TFA® generates a random number passcode and distributes it to pre-registered end-user device(s) (cell phone, home phone, computer, etc.).
The institution’s server then waits for the user to enter a time-sensitive passcode to validate that the user still has the “what you have” portion of two-factor authentication.
Current capabilities include: Cell Phone Text Message (SMS) – One-time Pass code (True Two-Factor) Synthesized Voice (IVR) to Landline or Cell Phone – One-time Pass code
(True Two-Factor) Voice Biometric Retrieval – One-time Pass code (True Two-Factor) Email Account – One-time Pass code Personal Computer – Encrypted Device ID Out-of-Wallet Questions – Random Requests for Closely Held Knowledge
e.g., “Mother’s Maiden Name” Verification Link – Combats “Man-in-the-middle” Attacks Conditional challenges based upon: IP Geo-analytics, Behavioral
Analysis, and optional alternatives
Large-Scale, Cost-Effective, Authentication and Identity Management Solutions
© 2010 Anakam® Inc.Anakam® Proprietary Information – Multiple Patents Pending
7
On-line Authentication for the Masses
Large-Scale, Cost-Effective, Authentication and Identity Management Solutions
© 2010 Anakam® Inc.Anakam® Proprietary Information – Multiple Patents Pending
8
Demonstration
© 2010 Anakam® Inc.Anakam® Proprietary Information – Multiple Patents Pending
9
Questions