Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

9/7/2016
05:00 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

iovation Acquires LaunchKey, Combines Global Fraud Intelligence and Transparent Authentication with Dynamic Multifactor Authentication

Branded for the business, the combined solution gives organizations a path to the future of authentication, while giving their customers more trust and confidence than ever before

PORTLAND, Ore and LAS VEGAS, Nev – September 6, 2016 – iovation, the leading provider of device-based solutions for authentication and fraud prevention, today announced the acquisition of multifactor authentication company LaunchKey. The acquisition of LaunchKey brings together three proven next-generation technologies—LaunchKey’s interactive multifactor authentication (MFA), iovation’s transparent device-based authentication and iovation’s global fraud database. The move also marks the launch of the new iovation LaunchKey MFA solution, a powerful and flexible all-in-one toolkit that gives businesses the right authentication method for every touchpoint in their customer’s journey, including online, mobile, call center and in-person.

LaunchKey MFA is the first service to allow businesses to enable their consumers to select the authentication and authorization methods they prefer, while businesses can dynamically change the amount of authentication required from their customers, at any given time. Having this type of flexibility on both sides of the equation is very unique to the iovation and LaunchKey solution. Here’s how it works:

1.      Businesses select the authentication factors to make available to consumers, including slide authentication, fingerprint verification, PIN or circle codes, Bluetooth® device proximity, and many other factors of authentication.

2.      Consumers link their mobile devices and choose their preferred authentication methods for any given account.

3.      Businesses push real-time authentication requests to consumers to obtain their authorization for remote login and logout, real-time transaction approval, and on-demand identity verification for websites, mobile apps, kiosks, and other online applications.

4.      As warranted, businesses can dynamically adapt the level of authentication required of consumers in real time, allowing for a frictionless experience for low risk activities, and requiring stronger authentication for higher risk activities like a wire transfer.

“With LaunchKey, iovation now has a decentralized mobile authentication platform for dynamic multifactor authentication and real-time authorization. iovation will enable organizations to control authentication requirements while giving their customers the ability to choose where, when and how they want to be authenticated,” said iovation CEO Greg Pierson. “Organizations can augment their existing username and password-based authentication process or do away with passwords completely, and leverage the mobile device their customers already own, plus any number of additional authentication factors.”

The combination of LaunchKey MFAwith iovation’s existing Customer Authentication service will create something that’s entirely new: a SaaS-based, adaptive, risk-aware, authentication suite with enough flexibility and strength to satisfy both security teams and user experience designers. This Dynamic Authentication suite provides precise recognition of whether or not a user’s device is known, how much it can be trusted, and what form of step-up authentication businesses require. Multiple user-friendly multifactor authentication options can be selected, based on the range of external threats, such as bad ISPs, TOR browsers or VPNs, or device-centered risks like rooting, jailbreaking, emulating, or tampering.

Today, iovation LaunchKey MFA enables real-time remote authorization through consumer mobile devices, and supports multiple methods of authentication including:

●     Device —Turn the consumer’s device into an additional factor of authentication.

●     Slide—Push a transaction request right to a consumer’s mobile device, letting them slide a virtual switch to authenticate or authorize in real time. 

●     Fingerprint Scan—Leverage the device's fingerprint scanner for biometric verification.

●     Bluetooth Device Proximity—Verify that one or more Bluetooth® devices (e.g. Apple Watch® or a FitBit®) is within proximity to the consumer.

●     Geofencing—Create location constraints about where transactions and logins can originate from.

●     PIN Code—Verify the consumer's knowledge of a code stored securely on the consumer's device.

●     Circle Code - Prompt the consumer to input a circular numberless code similar to a physical combination dial lock.

●     Multi-Party Authorization —Now any business can require that one or more individuals must simultaneously authenticate and authorize to obtain access or authorize an action.

●     Tokens or SMS — Leverage time-based one-time passwords for legacy and offline authentication, or use LaunchKey MFA alongside other methods already employed, homegrown or otherwise.

“Easier and more secure do not often go together, but that’s precisely what we’re doing for consumer authentication. iovation will now enable organizations to control authentication guidelines while giving their customers the ability to choose where, when, and how they want to be authenticated,” said Geoffrey Sanders, CEO of LaunchKey. “If desired, organizations can do away with passwords completely, replacing them with the consumer’s mobile device plus any number of additional authentication factors.”

Las Vegas-based LaunchKey has been recognized as one of the hottest startups in identity and access management (IAM). Gartner, the world's leading information technology research and advisory company, recently named LaunchKey a cool vendor in IAM[1], noting: “The innovative approach to authentication offered by LaunchKey demonstrates that this company is disruptive to traditional authentication approaches and an effective alternative to other out-of-band (OOB) authentication methods."

For more details about iovation LaunchKey MFA, go to https://www.iovation.com/launchkey-mfa.

 

About iovation

iovation protects online businesses and their end users against fraud and abuse, and identifies trustworthy customers through a combination of advanced device identification, shared device reputation, multi-factor authentication and real-time risk evaluation. More than 3,500 fraud managers representing global retail, financial services, insurance, social network, gaming and other companies leverage iovation’s database of more than 3 billion Internet devices and the relationships between them to determine the level of risk associated with online transactions. The company’s device reputation database is the world’s largest, used to protect 16 million transactions and stop an average of 300,000 fraudulent activities every day. The world's foremost fraud experts share intelligence, cybercrime tips and online fraud prevention techniques in iovation's Fraud Force Community, an exclusive virtual crime-fighting network. For more information, visit iovation.com.



[1] Gartner, Inc., 2015 Cool Vendors in IAM, Anmol Singh, April 22, 2015.

 

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Mobile Banking Malware Up 50% in First Half of 2019
Kelly Sheridan, Staff Editor, Dark Reading,  1/17/2020
Exploits Released for As-Yet Unpatched Critical Citrix Flaw
Jai Vijayan, Contributing Writer,  1/13/2020
Microsoft to Officially End Support for Windows 7, Server 2008
Kelly Sheridan, Staff Editor, Dark Reading,  1/13/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
The Year in Security: 2019
This Tech Digest provides a wrap up and overview of the year's top cybersecurity news stories. It was a year of new twists on old threats, with fears of another WannaCry-type worm and of a possible botnet army of Wi-Fi routers. But 2019 also underscored the risk of firmware and trusted security tools harboring dangerous holes that cybercriminals and nation-state hackers could readily abuse. Read more.
Flash Poll
[Just Released] How Enterprises are Attacking the Cybersecurity Problem
[Just Released] How Enterprises are Attacking the Cybersecurity Problem
Organizations have invested in a sweeping array of security technologies to address challenges associated with the growing number of cybersecurity attacks. However, the complexity involved in managing these technologies is emerging as a major problem. Read this report to find out what your peers biggest security challenges are and the technologies they are using to address them.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-7227
PUBLISHED: 2020-01-18
Westermo MRD-315 1.7.3 and 1.7.4 devices have an information disclosure vulnerability that allows an authenticated remote attacker to retrieve the source code of different functions of the web application via requests that lack certain mandatory parameters. This affects ifaces-diag.asp, system.asp, ...
CVE-2019-15625
PUBLISHED: 2020-01-18
A memory usage vulnerability exists in Trend Micro Password Manager 3.8 that could allow an attacker with access and permissions to the victim's memory processes to extract sensitive information.
CVE-2019-19696
PUBLISHED: 2020-01-18
A RootCA vulnerability found in Trend Micro Password Manager for Windows and macOS exists where the localhost.key of RootCA.crt might be improperly accessed by an unauthorized party and could be used to create malicious self-signed SSL certificates, allowing an attacker to misdirect a user to phishi...
CVE-2019-19697
PUBLISHED: 2020-01-18
An arbitrary code execution vulnerability exists in the Trend Micro Security 2019 (v15) consumer family of products which could allow an attacker to gain elevated privileges and tamper with protected services by disabling or otherwise preventing them to start. An attacker must already have administr...
CVE-2019-20357
PUBLISHED: 2020-01-18
A Persistent Arbitrary Code Execution vulnerability exists in the Trend Micro Security 2020 (v160 and 2019 (v15) consumer familiy of products which could potentially allow an attacker the ability to create a malicious program to escalate privileges and attain persistence on a vulnerable system.