2 Factor Authentication & Single Sign-on

2 FACTOR AUTHENTICATION

miniOrange 2 Factor Authentication Products ensure right set of eyes have access to your sensitive information sitting on the cloud or on-premise.

Overview

miniOrange authentication service combines something you know, or something you have with someone you are to reliably confirm your identity.

Many organizations protect cloud and enterprise application logins with a simple username and password. Entering these two pieces of information grants access to company databases, email accounts, and other sensitive information. But passwords are notoriously insecure. Many users choose weak passwords which can be easily guessed or cracked. Phishing attacks trick people daily into revealing their passwords, and users on unsecured networks can have their passwords sniffed. Malicious viruses and spy-ware can capture passwords and send them over the network to attackers.

Furthermore, it’s impossible to tell who has access to your user’s accounts, or even if anyone is accessing them illicitly. In the past year alone, attackers have compromised Sony, HBGary, and Gawker (and many more) by simply gaining knowledge of user’s passwords.

Clearly passwords are not enough for protecting important logins.

Using Two Factor Authentication :-

The most practical way to strengthen authentication is to require a second factor after the username/password stage. Since a password is something that a user knows, ensuring that the user also has something or using biometrics thwarts attackers that steal or gain access to passwords.

Traditional two-factor authentication solutions use hardware tokens (or “fobs”) that users carry on their keychains. These tokens generate one-time passwords for the second stage of the login process. However, hardware tokens can cost up to $40 each. It takes time and effort to distribute them, track who has which one, and replace them when they break. They’re easy to lose, hard to use, and users consistently report high levels of frustration with token-based systems.

Your choice of second factor

miniOrange authentication service has 15+ authentication methods.

One time passcodes (OTP) over SMS
OTP over Email
OTP over SMS and Email
Out of Band SMS
Out of Band Email
Soft Token
Push Notification
USB based Hardware token
Security Questions
Mobile Authentication
Voice Authentication (Biometrics)
Phone Verification
Device Identification
Location
Time of Access
User Behavior

You can choose from any of the above authentication methods to augment your password based authentication. miniOrange authentication service works with all phone types, from landlines to smart-phone platforms. In the simplest case, users just answer a phone call and press a button to authenticate. miniOrange authentication service works internationally, and has customers authenticating from many countries around the world.

Key Features

miniOrange Authentication service provides 15+ authentication methods and integrates with applications that do or do not support standards like SAML, OpenID, OAuth, WSFED etc. It also integrates with enterprise products that support legacy protocols like RADIUS. It also integrates with application servers like Websphere, Weblogic and Tomcat. In addition to that it integrates with Spring. It also can be used to augment authentication for products like Siteminder. Our product is available as a service on the cloud or it can also be installed on premise. The key features of our Strong Authentication Service are

15+ authentication methods to choose from that fits all needs
Cloud-based authentication service – Pay per use (On-Prem option also available)
Ready support for Out of band authentication
Ready support for Phone/SIM/IMEI Authentication – No more phone fraud.
SHA 160/256 Algorithms for Secure Key generation
Global Real-time Delivery via multiple SMS / SMTP Gateways
Easy to Use

Push notifications
Out of Band Email and SMS

Supports Risk based Access with Device, Location, Behavior, Transaction or Custom based policies
Supports all possible Remote Logins ( Radius VPN,Website Protection, AD FS,Windows Logon )
Much lower total cost of ownership with Instant authentication set up and Flexible Licensing model
Performance & Reliability : 24 *7 availability
REST API based integration architecture which supports both Proxy or Agent based architecture
Very user friendly Web Administration Portal
Integration support

Cloud Integrations using Plug and play approach (SAML, OpenID, Oauth, ADFS, WS-Fed)
Enterprise integration including Proxy server integration like Websphere HTTP server, Siteminder, Weblogic/Oracle Server
Social Login support – with Facebook, Google, Yahoo, LinkedIn etc.
Integration with Directories

miniOrange Authentication service supports integration with an AD using Active directory Federation Services (AD FS) and Active directory Light Weight Directory Services (AD LDS).

ADFS
AD LDS
miniOrange Authentication Solutions

In addition to the above, miniOrange provides ready to deploy solutions for the following

Google Apps Solution
Salesforce Solution
Dropbox Solution
Office 365 Solution
Freshdesk Solution
Bonusly Solution
Zendesk Solution
ThousandEyes Solution
Amazon Web Services(AWS) Solution
dinCloud Solution
Other Solutions

Single Sign On

miniOrange SSO (Single Sign On) product provides easy and seamless access to all enterprise resources with one set of credentials. miniOrange provide Single Sign On to any type of devices or applications whether they are in the cloud or on-premise..

Overview

miniOrange Single Sign-On (SSO) removes the need to repeatedly type usernames and passwords, which increases productivity and prevents many types of online fraud that is caused by using same or similar passwords across apps, tying in passwords in un-safe environments, password sharing etc. By enabling users to quickly and securely access applications, they can spend less time with technology and more time with their work.

Enterprise users regularly need to remember eight or more application passwords. Security best practices require those passwords be unique, strong and frequently changed. It’s no wonder enterprise users write them down, stick them to the monitor or just forget them.

miniOrange Single Sign-On (SSO) addresses these challenges by significantly reducing clicks and eliminating the need to remember or enter application usernames and passwords. Proven in enterprise environments around the world, miniOrange Single Sign-On can be used with all types of applications, saving enterprise users 15 minutes every shift, improving satisfaction levels and driving adoption.

how can we help you?

Contact us for a demo license or pricing.