SEATTLE -- AdmitOne Security (formerly BioPassword), the leading innovator of risk-based authentication software for preventing the fraudulent use of digital identities, today announced the availability of the AdmitOne Authentication Suite. The Suite delivers the most cost-effective multi-factor authentication solution that reduces enterprise risk while preserving the online experience. Through the strength of its factors for verifying a user over the Web, the AdmitOne Authentication Suite provides the benefit of a familiar user experience with unmatched fraud prevention.
Fraudulent use of digital identities has become a major risk for any organization. Financial institutions were the target of 92 percent of phishing attacks in December of 2007. Given the high profile of financial websites, it is not surprising that online attacks against banking organizations have soared 81 percent in the first quarter this year alone. What is surprising is the increasing scope of digital identity brokering and attacks in other industries. Earlier this year, security researchers uncovered a new web-based service containing security credentials for more than 8,700 websites belonging to Fortune 500 companies and government agencies that for a fee allowed criminals to infect vulnerable machines and then use them for their own purposes.
"Financial Institutions, for one, have a market mandate to protect customer assets from identity theft and other forms of fraud, while still providing easy access for legitimate customers," said Bob Egan, chief analyst at Tower Group. "Organizations that defend their sanctum with strong, nearly transparent customer security solutions, will secure access while protecting their brand reputation and preserving the customer experience."
The AdmitOne Authentication Suite links users to their digital identities using multiple factors, including keystroke dynamics, secure device signatures, one-time passwords and challenge-response questions. The Suite reduces risk and removes the most challenging security hurdles by combining requested authentication factors (a username and password) with in-band, observed factors (e.g., keystroke dynamics and device signature) to verify the user. The Suite assesses the risk of fraud to determine confidence level of the user's identity. If the confidence score is too low, additional authentication factors (e.g., one-time password to email or SMS) can be employed based on assigned policies. The Suite delivers robust web-based administration and reporting capabilities to allow IT and security personnel to monitor and act on anomalies indicating potentially fraudulent activity.
"Unlike most identity solutions that take months of complex integration, we share with AdmitOne the commitment to providing secure, easy-to-use identity solutions that deploy in days rather than months," said Andre Durand, chief executive officer for Ping Identity. "With AdmitOne authenticating users and Ping Identity providing single-sign-on secure access, organizations can leverage the mobility advantages of hosted applications, without worrying about the security implications of remote access."
Based on its ground-breaking keystroke dynamics technology that identifies users by the rhythm of their typing and the other risk factors in the platform, AdmitOne delivers authentication that cannot be shared, lost, stolen or forgotten, thereby minimizing the possibility that easily guessed, shared or stolen credentials will result in actual identity theft.
"AdmitOne is committed to providing cost-effective, easy-to-use software that delivers anytime, anywhere access, while preventing fraud and reducing risk," said Matthew Shanahan, senior vice president of marketing and strategy at AdmitOne Security. "The AdmitOne Authentication Suite provides a unique risk-based authentication solution that protects digital identities from fraudulent use without interrupting the user's normal log-in process or provisioning software to devices."
The AdmitOne Authentication Suite is designed from the ground up to reduce the complexity and cost of protecting digital identities for the virtual enterprise. The Authentication Suite is built on the AdmitOne Server platform which delivers a number of deployment, management and reporting benefits, including:
Unified Services Simplify Infrastructure: The AdmitOne Server unifies multiple authentication factors, policy management, a risk engine, reporting, and a repository into one platform, which simplifies the infrastructure by reducing the number of component technologies required for a solution. In addition these services can run in enforcement mode (i.e., authentication workflow active) or in monitoring mode whereby suspicious activity (e.g., unauthorized account sharing) can be detected and escalated.
Integrated Policy Management to Simplify Administration and Reporting: The AdmitOne Server's policy management federates multiple identity stores and access points into one secure repository, enabling organizations to easily create, manage, monitor and assess policies for multiple identity stores and access points into a single server. Administrators can point and click to set AdmitOne policies around the authentication workflow which is tailored to the user and the applications being accessed.
Standards-Based Integration Simplifies Installation: The AdmitOne Servers use LDAP, ADSI, and SQL to integrate to directories; SAML to integrate with access management and applications; and both SMS and SMTP for messaging.
Multi-Tenant, Peered Architecture Simplifies Operations: The AdmitOne Server employs a multi-tenant, peered architecture that allows IT organizations to segregate policies and data as needed while leveraging a common set of hardware.
Availability and Pricing
The AdmitOne Authentication Suite is now shipping and offers a cost-effective solution for securing access and reducing risk. The solution can be licensed on a per authentication or per identity basis.