Products & Releases

Device-Based Mass-Market Authentication Rollout

Device-Based Mass-Market Authentication Rollout

LAS VEGAS, August 4, 2014 – If you are wondering whether cybercriminals are running out of ideas, the latest attack demonstrations and program vulnerabilities on display during this week’s Black Hat USA 2014, happening August 2-7 at Mandalay Bay in Las Vegas, NV make it clear the answer is an emphatic, "No."

Yet despite broad consensus that weak passwords are at the root of online security problems, we are far from a post-password society. To evolve, device-based mass-market authentication must be as easy to use and as transparent as SSL.

"The barrier to mass-market deployment of stronger authentication boils down to the impact on the user experience," said John Zurawski, vice president at Authentify, Inc.  “After all, security and convenience have historically had an inverse relationship. But we are turning that equation on its head by using device-based security. Smartphones are packed with features that can be used for strong authentication. What we have done is make that experience as simple, automated, and friction-free for mobile users as SSL or HTTPS is on the Web.”

At Black Hat USA 2014, Authentify is introducing xFA™ Smart Choice, an extension to its xFA device-based multi-factor authentication service.  In a BYOD world, an end user may or may not have a fingerprint reader, a gesture based keypad, or other device specific authenticators available.  xFA Smart Choice relieves the enterprise of having to implement their own programmatic way to automatically select or prioritize the authentication factors a user may or may not have available on their mobile device, an industry first.

The prioritization of available authenticators was developed based on Authentify’s extensive experience in mobile and device-based authentication including the protection of more than a trillion U.S. dollars in transaction value worldwide. Authentify’s customers include four of the five largest U.S. banks, two of the top three insurance companies in North America, and many of the Web’s top e-commerce sites.

Authentify’s xFA is an app and online service that turns mobile devices into the equivalent of a multi-function security token perfectly suited for BYOD applications.  Coupled to biometrics, knowledge-based authenticators, and finger swipe gestures, xFA also provides server-to-server class digital certificate-based security and optional QR code scan logins.

Suitable for access or transaction confirmation, xFA, which stands for “x” factors of authentication, uses an encrypted, out-of-band communication channel to effectively protect against the most difficult types of cyberattacks such as man-in-the-middle (MITM) or man-in-the-browser (MITB), where information is intercepted between the end user and the online account or service. It also provides strong multi-factor authentication supporting voice biometrics, both the Samsung Galaxy S5 and Apple iPhone fingerprint sensors, gesture/pattern matching, and other forms of secure messages. With xFA and the new Smart Choice API, enterprises and ecommerce providers, or their users, can automate device-based multi-factor authentication as needed for a given transaction.

Authentify xFA can be used by any online service provider or enterprise that needs strong protection at time of logon or any time in the transaction flow, but also needs a simple user experience. xFA provides greater protection from password exploits or breaches to financial services, e-commerce, medical insurance firms or any enterprise/SMB private networks, without losing productivity or inconveniencing users.

Authentify will demonstrate the convenience and power of xFA and Smart Choice device-based authentication at BlackHat 2014 in booth #358. The show floors hours are 10 a.m. to 7 p.m. on Wed. 8/6, and 10 a.m. to 5 p.m. Thurs. 8/7.

About Black Hat
For more than 16 years, Black Hat has provided attendees with the very latest in information security research, development, and trends. These high-profile global events and trainings are driven by the needs of the security community, striving to bring together the best minds in the industry. Black Hat inspires professionals at all career levels, encouraging growth and collaboration among academia, world-class researchers, and leaders in the public and private sectors. Black Hat Briefings and Trainings are held annually in the United States, Europe, and Asia, and are produced by UBM Tech. More information is available at:

Editors' Choice
Ericka Chickowski, Contributing Writer, Dark Reading
Elizabeth Montalbano, Contributor, Dark Reading