Is leveraging a mobile authenticator app for your users on your identity and access management roadmap? The ability for organizations and IT security teams to ensure requests to access resources like portals or applications are initiated by legitimate users is critical. At the same time, the experience users have when initiating a login request is equally important. A key element for organizations to strike the delicate balance between security and convenience is providing users with the modern tools they need to simply and securely login.
The SecureAuth Authenticate mobile authenticator app delivers the strong security organizations require and the ease-of-use users expect. The app provides several multi-factor authentication options making it seamless for users to efficiently validate their identity during the login process. The SecureAuth Authenticate app supports Apple iOS (iPhone & iPad) and Android mobile devices (including Chromebooks) making it an ideal solution for enterprise environments. And the app can be used as an authenticator for non-corporate resources such as LinkedIn or Gmail, for example.
The SecureAuth Authenticate app provides the following verification options:
- Time-based Passcodes
- Push Notification One-time Passcodes
- Push-to-Accept / Symbol-to-Accept
- Fingerprint or facial recognition biometrics
Mobile Authenticator App: Making the Case for Passwordless
Providing users the ability to login and access resources using a mobile authenticator removes friction and increases security for an organization. With the SecureAuth Authenticate app, organizations can go passwordless. The mobile device (something you have) can be used as the first factor in the authentication process. And any of the authentication options in the app (something you know) can be used as the second factor in the authentication process delivering strong security and a great user experience.
Here is an example of a passwordless use case highlighting Symbol-to-Accept:
- A doctor is on-call and receives communication that she is needed at the hospital to see a patient for whom she is not the primary physician.
- As the doctor makes her way to the hospital, she has her iPad and iPhone. She wants to review the patient’s file on her iPad prior to her meeting with the patient.
- The doctor uses her iPad to login to the application she needs.
- The application hosts private data and requires multi-factor authentication.
- The doctor’s iPad is a recognized device. Because the iPad is trusted, the next step in the workflow policy is a second factor via the SecureAuth Authenticate app.
- For this second step in the process, the doctor had previously selected to use Symbol-to-Accept as her preference. And so, the iPad displays a unique symbol.
- The ‘symbol’ is sent to her mobile device (in this case her iPhone) and is displayed along with three other symbols.
- The doctor “taps” the correct symbol on her iPhone matching the symbol displayed on her iPad.
- The “selection” is communicated back to the application to verify the doctor’s identity.
- The doctor is successfully authenticated and is granted access to the app on her iPad enabling her to prepare for the patient visit.
Using the mobile authenticator app, the authentication process for the doctor was convenient, secure, and seamless taking only a few seconds to gain access to the resource she needed. By using Symbol-to-Accept as a second authentication factor:
- Security is strengthened, and data protection is improved
- Experience is exceptional creating happy and productive users
- No password removes risk from phishing attacks and credential stuffing
- Password resets are eliminated reducing Help desk costs
Success Begins with a Vision
From a security and user experience perspective, implementing a passwordless approach to authentication via the SecureAuth Authenticate mobile app makes good business sense. The mobile authenticator app reduces friction, eliminates threat vectors, improves efficiency, and lowers operating costs. As the attack surface expands with more and more SaaS, cloud, and mobile services being accessed every day, security teams need to up their game to protect the enterprise.
The SecureAuth Authenticate app makes it easy for organizations to deploy passwordless capabilities for unique users, user groups, and resources. And with three convenient self-service MFA enrollment options, setting up a smart phone is fast and easy for users and lowers costs for an organization. It’s time enterprise organizations start integrating passwordless access into their login workflows to improve the user experience and combat the malicious actions of cyber-criminals.
SecureAuth and the SecureAuth Authenticate Mobile App provide the flexibility, ease-of-use, and security organizations and their IT teams need to deliver a best-in-class user experience while safeguarding valuable resources, user identities, and the enterprise.
Learn More: SecureAuth Authenticate App