B32Trust’s B-Authenticated leaps ahead of competition by releasing the first multi-factor strong mutual online authentication and transaction validation system.
One-way authentication systems are no longer sufficient as they are compromised by hacking techniques such as phishing and man in the middle attacks. B-Authenticated incorporates an Anti-Hacking environment (Sandbox + Intrusion Prevention System), Out-of-Band channels and PC forensics technologies into an effective no-hardware security system that gives consumers the ability to securely connect to their bank or perform safe online transactions.
Government agencies such as USA’s FDIC and Central Banks are mandating regulations and publishing guidelines to eliminate Identity Theft. According to FDIC, “Fraudsters are taking advantage of (1) bank reliance on single-factor authentication (i.e., using only one type of credential, such as a single static password) for remote access to online banking, and (2) the lack of e-mail and Web site authentication to perpetrate account hijacking identity theft.”
The key difference offered by B-Authenticated is that the authentication is mutual. The second entity (usually a business) is also authenticated, whereas in a “one-way” authentication, only the user is authenticated. B-Authenticated does not rely on users to determine the validity of commercial sites.
To fight against the latest hacking techniques, B-Authenticated is structured using a Sandbox model, which also integrates an intrusion prevention system that protects the users against Man-in-the-Middle attacks. B-Authenticated is immune to Man-in-the-browser attacks as it is not a browser application. It provides a secure Out-of-Band communication channel between the legitimate user and B32Trust server.
B-Authenticated is compatible with any authentication device in the market and makes authentication methods such as login/password, smart cards, key fobs, USB tokens and biometric readers immune to phishing and hacking attacks. B-Authenticated is a portable system which you can use to lock and unlock your electronic identities and financial details, anywhere you go and with any PC you use.
B-Authenticated resides in the notification area (system tray) and communicates with you by popping-up messages to guide you through the authentication process.
In case of a fraudulent attempt to use your credentials, not only is the fraudster stopped, the transaction details and PC Forensics (IP Address/Geolocation) of the computer that originated the fraudulent transaction are also gathered by B32TRUST. B32TRUST can also inform you of such attempts in real time.
B-Authenticated allows you to signal to B32TRUST if you are connected to the internet and performs PC Forensics on your machine. When you want to connect to your bank or pay an online merchant, the bank or the merchant also extracts PC Forensics which it will forward to B32Trust together with its own unique credentials. B32Trust authenticates the business entity prior to validating your credentials via its proprietary process. If you have not signaled your connection to the internet to B32Trust or if any PC characteristics do not match, the authentication is rejected.
For the first time, users can control their electronic identities and financial data. With B-Authenticated, users can now tell commercial sites “Don’t allow this user to access my account or use my debit/credit card details, because I’m not even logged on!” OR “Don’t allow this user because his IP Address/Geolocation does not match mine!” says Cedric Pariente, CEO of B32trust.