Secure login for iPhone apps

DSwiss has launched DoubleSec, a technology that enables automated two-factor authentication on the iPhone for their password and data safe service DataInherit.

As well as being incorporated into the DataInherit iPhone app, DoubleSec will also be licensed to third parties such as financial institutions and insurance companies who wish to provide this additional level of security to their own iPhone apps.

Usernames and passwords are still the most common way of authenticating users on the Internet. However, to ensure that login details cannot be captured or intercepted, more and more online services are moving towards two-factor authentication. The 1st factor is something “known” such as a username or password while the 2nd factor is something “owned” like an iTAN, scratchcard or a mobile phone. In the case of DoubleSec users are provided with a secret token that is stored on their iPhone and is refreshed before each login.

The secret token is made available the first time that a user establishes a secure login to their account at www.datainherit.com and is then stored on the iPhone for use in future sessions. Ongoing login requests verify that the user trying to login is in possession of the iPhone linked to their DataInherit account by verifying the token before each login. The technology also blocks anyone trying to dishonestly access an account as they would need the username and password as well as the secret token stored on the user’s iPhone.

“Security and ease-of-use don’t have to be mutually exclusive. With DoubleSec we have developed what we believe to be the simplest method of secure authentication currently available for iPhone users,” commented Tobias Christen, CTO at DSwiss.