This system requires two forms of identification to access an account, ensuring heightened security measures.
This software is more secure than certificates since the PIN code is only stored on the server, making it less susceptible to offline passive attacks. Additionally, the software is easy to use since user enrollment is automated. Unlike other two-factor authentication systems, such as hardware tokens, the WiKID system is more extensible, just as secure, and simple to implement. A user requires both the token and the PIN code to log in, just like a hardware token.
The WiKID Strong Authentication System consists of the WiKID server, the WiKID token client, and a network client. Both the server and open-source J2SE PC client are written in Java. The software comes with added benefits, such as the ASP code for end-user self-validation, which makes it simple for new users to provision their WiKID token clients from trusted LAN credentials. The WiKID Citrix Web Interface plug-in enables the addition of two-factor authentication to Citrix Web Interface for remote access. Additionally, the WiKID server can integrate with any application using the wAuth COM object and Java component.
The WiKID token client is responsible for key generation, domain management, and one-time password requests. When a user wants to log in, they select the domain they want to log into, enter their PIN, and the client combines it with a single-use AES symmetric key. The PIN and single-use AES symmetric key are then encrypted by the client's private key, and the server decrypts the OTP request.
If the account is active and the PIN code is correct, the server generates the OTP and encrypts it with the token client's public key and the single-use AES key. The OTP is then sent to the user to log in to the service by passing the OTP and username back to the WiKID server for validation via a network client connection.
The software is perfect for securing extranet applications, internet-exposed intranets, online banking, SSH and other admin access. It is also suitable for use in multiple account and box management across multiple entities. WiKID supports multiple domains with a single client, which makes it an excellent choice for companies seeking to eliminate static passwords. Deploying WiKID in as many places as possible can help users reduce password overload.
Version 3.4: N/A