SDO Introduces cryptographic proximity validation for mobile push
Secret Double Octopus (SDO) has enhanced its Passwordless MFA platform to offer government- caliber identity verification to enterprises who need high-assurance login for privileged business and technical users. SDO’s new Proximity Assurance feature uses familiar mobile push notifications to cryptographically “pin” users to workstations without requiring additional hardware, smart cards, or re-architecting of apps and directors.
In the past, moving to high assurance authentication has meant changing the enterprise’s applications and identity infrastructure to support X.509 certificates commonly found in government PIV and CAC hardware authenticators. Most enterprises hesitate to adopt these approaches due to inflexibility, complexity, and expense. Modern systems like FIDO2 provide an option but mainly work with web apps.
“Combining the convenience of push with the added assurance of requiring users to be in close proximity to their desktop bulletproofs the login process without IT teams having to buy and manage extra devices or authentication apps,” says Shimrit Tzur-David, CSO of Secret Double Octopus. “This effectively brings government-caliber AAL 3 authentication to the enterprise without considerable added overhead.”
SDO’s Octopus Authentication Platform uses a wide range of alternatives to passwords including biometrics and advanced cryptography options that do not require expensive and inflexible smart cards or hardware FIDO2 tokens.
With the newly added proximity assurance, the Octopus Platform now enables the secure use of mobile push notifications, a technique that is simple and familiar to users. Proximity Assurance only unlocks the desktops when a request comes from a known user (verified via biometrics directly on the user’s phone) within proximity of the approved workstation. This added layer of verification ensures that the request is coming from an IT-approved user in physical possession of the authenticator and an approved workstation.
This capability enables businesses requiring high-assurance MFA, such as financial services, industrial critical infrastructure and healthcare, the option to use flexible notifications sent to their smartphones.
“These days virtually every industry sector integrates with federal network environments or requires that same level of confidence in their authentication process for other reasons,” Tzur-David adds. “Our new proximity assurance mobile push capabilities let enterprises secure their systems with the same high-assurance MFA outlined by NIST, CISA, and other government mandates and guidelines.”