Delfigo Security - Strong Authentication

  • Increase font size
  • Default font size
  • Decrease font size
Home Products


DSGateway's SoMoCloud® mobile authentication platform evaluates 11 individual identity attributes to assign a risk score or Confidence Factor, enabling security policies that transparently provide the appropriate level of system access based on defined rules. This is a significant improvement in security over the common single factor (username/password) or PIN approach. Delfigo's strong mobile authentication adds additional layers as all three-factor categories (personal, technical, human) are covered, thereby exceeding the current standard for multi factor authentication and substantially strengthening the overall security of mobile access for cloud based services.


DSGateway™ Versatile Authentication Platform

DSGateway is a versatile authentication platform that utilizes multiple authentication factors, including keystroke and device identification, to validate the credentials of each user and protect confidential data from unauthorized access. Delfigo's flexible authentication solutions rely on the DSGateway platform, the industry's only intelligent authentication option that combines strong authentication with advanced cognitive capabilities to uniquely answer the question, "Are you who you say you are," when a user accesses a system.

Greater Identity Assurance

DSGateway evaluates 22 individual identity attributes to assign a Confidence Factor (CF), and transparently provide the appropriate level of system access. This is a significant improvement in security over the common single factor (username/password) approach.  With DSGateway all three factor categories (personal, technical, human) are covered meeting and exceeding the current standard for DSGateway™: Intelligent Authentication Platform"multi factor authentication" and "strong authentication". 1

DSGateway's decision engine captures and consumes the following:

  • keystroke (flight time, dwell time, key-to-key, reflective time)
  • device (agent, operating system, monitor resolution, browser type, browser size)
  • geospatial (timestamp, IP address, location, hostname, proxy IP, georegion, country code, region code, city, area code, county, latitude, longitude, timezone)

Lower Total Cost Of Ownership

DSGateway does not require the distribution of any hardware (tokens, smartcards) or download/installation of any software. This typically results in savings of over 40% in helpdesk and maintenance costs when compared to a token based two factor authentication solution.


Delfigo has removed many of the challenges that frequently inconvenience users and increase overall support costs. There are no required changes in user behavior. Users simply type their password and they are enrolled in "silent mode". There are no additional steps added to login or transaction procedures; there are no help desk training requirements; there are no requirements for installation of supplementary software or regular software updates; and there are no requirements to have a cell phone available at all times.

Versatile Authentication Technology

Delfigo recognizes that customer needs vary considerably when it comes to authentication management.  There are specific security and compliance requirements, there are different levels of risk, and for many there are operational efficiency concerns that require implementation along side of existing identity management and authentication solutions. DSGateway utilizes open standards to provide greater interoperability and flexibility for our customers. The event driven security architecture enables integration of primary and secondary authentication methods, based on risk of activity or transaction, with minimal difficulty. This puts greater control in the hands of the customer in determining how they apply their overall authentication budget and where they deploy solutions to address distinct business needs.

  • Open Standards and Web Services
    DSGateway supports open standards and web services to ease integration and create interoperability with existing systems and software. SOAP, WS-Security, SAML, XML, HTTP, SSL. Open to Security Models - User/Password Credentials, Kerberos tickets, X.509 certificates.
  • Versatile Authentication Platform
    • Supports a broad range of standard protocols including Remote Authentication Dial-In User Service (RADIUS), Lightweight Directory Access Protocol (LDAP), Terminal Access Controller Access-Control System Plus (TACACS+), Kerberos and Security Assertion Markup Language (SAML).
    • Solution can be delivered as on-premise, behind the firewall or as a service (SaaS)
    • Natively supports .NET, JAVA, PHP and C/C++, and integrates with legacy applications and databases (Hibernate DAO is used to provide database transparency - code is agnostic to any change in database vendor)
    • Capable of working in combination with a variety of authentication methods: Keystroke Biometric Authentication; Device Authentication - (agent, operating system, monitor resolution, browser type, browser size); Geospatial ID - (timestamp, IP address, location, host name, and proxy IP); Out-of-band (OOB) authentication methods - One time passwords (OTP) delivered via email or Short Message Service (SMS); Knowledge-based authentication methods - Challenge Response Questions (CRQ)


1. Authentication in an Internet Banking Environment, Federal Financial Institutions Examination Council, August 15, 2006. "By definition true multifactor authentication requires the use of solutions from two or more of the three categories of factors. Using multiple solutions from the same category would not constitute multifactor authentication."


"We have a significant investment in Citrix, and when BioPassword was no longer a viable solution for strong authentication, we found Delfigo Security's DSGateway. Delfigo offered us a certified Citrix Ready solution. The DSGateway solution captures multiple authentication factors and provides an easy to use administrator module to manage our users. We believe this is an important upgrade that will prove valuable in better understanding how our users access our systems."

Seth Roberts 
Citrix Administrator

"With Delfigo's technology integrated into cardiology's clinical care system we are approaching the typical challenge of addressing physician productivity with compliance mandates in a manner different than we were initially approaching it. With the patent-pending security architecture, we will be able to uniquely identify system and record level access.  The administrator functions give us the ability to manage system access at the group level in a configurable way."

Dr. Steve Colan
Associate Director for Clinical Operations
Children's Hospital Boston