One time QR codes – SecurEnvoy tokenless authentication just got easier
Date: Feb 10, 2014
SecurEnvoy has updated its Server Engine and released version 7.2. A key part of this version is its patent pending “One Swipe” technology, with which users can authenticate themselves with a simple to use one time QR code and authenticate even if they do not have mobile phone reception or an Internet connection. The user’s mobile phone displays a single-use QR code which the user simply photographs via a webcam.
The latest version allows a “One Swipe” registration button to be integrated into any HTML-based login screen.
The server engine forms the core of all SecurEnvoy solutions that are based on the principle of tokenless two-factor authentication. This approach makes additional hardware tokens and the like superfluous. Instead, users make use of their smartphones, tablets or laptops for this purpose: in order to login, a user requires personal login details as well as a passcode that is dynamically generated by the server engine. The latter is sent by a text message, e-mail, soft token app or voice call.
This method forms the basis for the SecurEnvoy range of products, which includes SecurAccess for secure remote access, SecurPassword for password resetting, SecurICE for authentication in case of emergencies and SecurMail for secure e-mail transmission.
QR code used to confirm identity
With “One Swipe”, SecurEnvoy has revolutionised the login experience making it easier to use than a password with all the added security of two factor authentication, even when they have no mobile phone reception and no Internet connection. In such cases, a user can simply enter a PIN into a soft token app, after which the device generates a single-use QR code. This is then photographed by the user with a webcam on a PC, tablet or laptop, thereby confirming the identity of the user.