Greater Identity Assurance  With Additional Authentication Factors

Limitations of Single Factor Authentication

Many organizations continue to rely solely upon “single factor” or “first factor” authentication in the form of a standard login (username and password). This practice persists despite the fact it provides little in the way of security, as passwords can be easily shared, copied or stolen. The reliance on passwords also places a significant burden on the user as a result of policies that require “strong passwords”. Given the many requirements, it is not surprising that users often ignore or cleverly take steps to circumvent these policies.

Password based authentication schemes also do little in the way of solving the problem of attribution. Attribution is the process of assigning specific biological characteristics or behaviors to a particular individual. In the physical world an individual passes credentials, for example a picture ID card or badge - to another individual in the role of verifying authority. Digital credentials are much more difficult to access, and usually require complex methods and expensive scanning tools.

This presents an obvious question. If single factor authentication does little in the way of providing assurance that you are who you say you are, why does it remain the single most common form of security for a majority of online applications? The answer is simple: cost and complexity. There are a number of “second factor” or "two factor" authentication solutions available in the market, but, they come with a significant price tag, considerable integration and management headaches, and require behavioral changes that quickly move them from viable option to non-starter.

The Delfigo Difference

Delfigo's DSGateway solution differs from the options mentioned above in that increases security with a true multi factor solution using keystroke ID and device ID, without any of the distribution and maintenance headaches, and with a lower total cost of ownership.

Multi Factor Authentication = Greater Identity Assurance
DSGateway utilizes identity factors from each of the three factor categories: 1.) personal - something you know; 2.) technical - something you have, and 3.) human - something you are. The system captures and consumes 14 separate identity attributes including keystroke (flight time, dwell time, key-to-key, reflective time), device (agent, operating system, monitor resolution, browser type, browsers size) and geospatial (timestamp, IP address, location, hostname, proxy IP). DSGateway evaluates each user transaction, assigns a Confidence Factor, and transparently provides the appropriate level of system access.

No Hardware/Software Requirements = Lower TCO
DSGateway does not require the distribution of any hardware (tokens, smartcards) or download/installation of any software. This typically results in savings of over 40% in helpdesk and maintenance costs when compared to a token based two factor authentication solution.

No Required Changes In User Behavior = User Convenience
Users simply type their password and they are enrolled in "silent mode". There are no additional steps added to login or transaction procedures; there are no help desk training requirements; and there are no requirements for installation of supplementary software or regular software updates that would be reflected in an increase in support costs.