Authentication Factors

Seamless & Secure Access for All Identities

Authentication Factors

young-woman-using-her-smartphone-city-04
Device
Fingerprints
young-woman-using-her-smartphone-city-11
PKI Signature with a Split Private Key
young-woman-using-her-smartphone-city-05
Time Management
young-woman-using-her-smartphone-city-12
Biometrics Provided by the Device
young-woman-using-her-smartphone-city-06
Geo-location
young-woman-using-her-smartphone-city-03
Proximity
young-woman-using-her-smartphone-city-09
Risk Engine
young-woman-using-her-smartphone-city-08
Geo-One Time Password (OTP)
young-woman-using-her-smartphone-city-10
Sign What you See
young-woman-using-her-smartphone-city-07
Multi-Layer Management

How Keypasco Works

The solution consists of

  • The Keypasco server – Borgen
  • One or several end-user’s devices
  • A dual-channel structure
  • The Risk Engine
  • Personal NFC device or NFC card for secure activation & recovery
  1. The Device Fingerprint properties on the end-user’s device are scanned and stored in the Keypasco server. Any personal device may be registered as part of the digital identity.

  2. The first channel is for communication between the end-user’s

    device and the service provider, mostly via a standard web browser (a potential risk factor if used solely).

  3. The second channel is for communication between the end-user’s

    device and the Keypasco server, where all data are encrypted.

Safeguarding Against Phishing:

Our system ensures that logins or transactions only function on confirmed devices in specific locations, tying each user’s Device Fingerprint to their geographical context.

Defense Against MitM and MitB Attacks:

Keypasco’s dual-channel structure and secure out-of-band notifications (Sign what you see) provide protection against these common threats, ensuring secure transactions even in compromised environments.

Battling Malicious Viruses:

Through secure out-of-band notifications (Sign what you see), Keypasco thwarts attempts by viruses and Trojans to compromise or replicate user devices, maintaining control and integrity over user accounts.

Protecting Against Device Theft:

With Keypasco’s proximity feature, user accounts remain secure even in the event of device theft or robbery, enhancing overall security and peace of mind for users.”

Device Fingerprints

Empower users with the flexibility to set their preferred login days and times on a weekly basis. Any unauthorized login attempts outside the designated time range will prompt warning messages, ensuring heightened security and user control.

To further secure our site, we use dynamic device fingerprinting and accumulated authentication data.

This multi-layered, constantly changing login profile makes it nearly impossible for hackers to breach.

Time Management

Empower users with the flexibility to set their preferred login days and times on a weekly basis. Any unauthorized login attempts outside the designated time range will prompt warning messages, ensuring heightened security and user control.

Sign What you See

Through device authentication, the user-specific verification details are presented to the user. If the user does not agree or declines, the authentication login will not be successful.

Proximity

Experience versatile authentication with the option of Bluetooth devices connected to your computer or NFC cards for mobile phone detection. Users can customize their preferred authentication factors for a secure login experience.

PKI Signature with a Split Private Key

Ensure heightened security with our patented decentralized private key storage design. We prioritize the protection of your private key by eliminating full storage on the user’s device, mitigating concerns about potential theft. Your device eigenvalues, PIN, and KeyPair are distributed and are not stored in their entirety in any single location, reinforcing the robust security of your authentication process.

Risk Engine

Powered by smart data mining of device properties by gathering and measuring sources: device, user, behavior, system, etc. This provides the rule engine with data: time, location, behavior, etc.

Keep track of devices from being jailbroken/ rooted etc.
Keep track of devices being jailbroken/rooted, etc. Create a blacklist of users and devices not compliant with the set rules.
Maintain a blacklist of users and devices not compliant with set rules. Set customizable rules and decision-making according to your needs.

Geo-location

Enhance transaction security with location-based authorization. The user’s current location is dynamically updated to ensure authentication success, enabling transactions exclusively through authorized devices at the user’s present location. This stringent measure adds an extra layer of protection to every transaction.

Geo-One Time Password (OTP)

Our system generates a new verification code every 60 seconds by combining geographical location, device features, and Oath standards for offline authentication, which ensures robust security

Biometrics Provided by the Device

Biometric authentication verifies identity using physical or behavioral traits such as fingerprints, facial features, voice patterns, and behavioral characteristics. By using these modalities, Keypasco offers enhanced security and convenience by eliminating the need for passwords or physical tokens.

Multi-Layer Management

Multilayer management oversees various security measures and authentication factors in a MFA system, including different authentication methods such as SMS, email, and biometrics. Keypasco ensures the right security level is applied based on data sensitivity, with flexibility for adjusting authentication requirements.