As our world has migrated to a collection of digital, cloud-based services, we have become more reliant on usernames and passwords, along with various forms of multi–factor authentication (MFA). The stakes in authentication are high, as it serves as a gateway to valuable data used to access both workplace and personal services. Regardless of how secure the services may be, their weak link — and primary target point for hackers — is usernames and passwords.
Passwords: The weakest link in the chain
Since a chain is only as strong as its weakest link, many organizations employ some method of second-factor to validate user identities from clear text SMS with One Time Passwords (OTP) to secret questions to Knowledge Based Authentication (KBA) to smartphone applications with push notifications.
All of these forms of MFA are built on the original username and password paradigm. At ShoCard, we believe the best way to increase the security of authentication is to eliminate usernames and passwords altogether.
Think of the comparison of combustion-based gasoline powered vehicles to electric vehicles. You can improve a combustion engine to consume less gasoline per mile so that it is more reliable, requires fewer oil changes, and has reduced transmission issues. However, with the introduction of electric vehicles, the combustion engine-related issues are all eliminated, like oil changes, timing belts or transmissions. The removal of usernames and passwords altogether provides a similar result in the way of strengthened security – there is no need to make them more secure as they simply no longer exist.
Replace the weakest link
ShoCard offers a distributed solution where users’ identities are entirely stored on a mobile device, and authentication codes in the form of digital certificates are placed on an independent data source – the immutable blockchain. Each mobile device is equipped not only with private keys that never leave the device and the user’s identity information, but also geo-location and facial images for true-biometric authentication.
Together, OneLogin and ShoBadge provide a seamless authentication method for the user along with comprehensive management of applications and services. With ShoBadge, a user is authenticated through a four-factor authentication process, and is enhanced with two additional optional factors:
- The geo-location of the individual based on their GPS location.
- A selfie of the person behind the device which proves their identity during a login attempt.
The impact: Enhanced security AND user experience
The result for the user is that they can simply scan a QR Code and never have to type in a username or a password. Behind the scenes, a true multi-factor authentication process occurs.
ShoBadge eliminates the need for a central database of identity data, which is often targeted by hackers. If a phone is stolen and a hacker is able to enter a pin or fake a TouchID/FaceID equivalent on the app, they still cannot bypass the true-biometric validation where a live selfie is captured and compared with a registered identity that was previously certified on the blockchain.
This joint solution by ShoCard and OneLogin provides a unique experience that is easier to use and more secure than any other enterprise product that exists. This combined identity management offering was designed around YOU.
Check out our ShoCard partner page for more information about the integration.