June 10, 2017

Miniorange- SSO and multifactor authentication solution


MiniOrange authentication service combines something you know, or something you have with someone you are to reliably confirm your identity.

Many organizations protect cloud and enterprise application logins with a simple username and password. Entering these two pieces of information grants access to company databases, email accounts, and other sensitive information. But passwords are notoriously insecure. Many users choose weak passwords which can be easily guessed or cracked. Phishing attacks trick people daily into revealing their passwords, and users on unsecured networks (e.g. at Starbucks) can have their passwords sniffed. Malicious viruses and spy-ware can capture passwords and send them over the network to attackers.

Furthermore, it’s impossible to tell who has access to your user’s accounts, or even if anyone is accessing them illicitly. In the past year alone, attackers have compromised Sony, HBGary, and Gawker (and many more) by simply gaining knowledge of user’s passwords.

Clearly passwords are not enough for protecting important logins.

Using Two Factor Authentication

The most practical way to strengthen authentication is to require a second factor after the username/password stage. Since a password is something that a user knows, ensuring that the user also has something or using biometrics thwarts attackers that steal or gain access to passwords.

Traditional two-factor authentication solutions use hardware tokens (or “fobs”) that users carry on their keychains. These tokens generate one-time passwords for the second stage of the login process. However, hardware tokens can cost up to $40 each. It takes time and effort to distribute them, track who has which one, and replace them when they break. They’re easy to lose, hard to use, and users consistently report high levels of frustration with token-based systems.

Your choice of second factor

miniOrange authentication service has 15+ authentication methods.

  • One time passcodes (OTP) over SMS
  • OTP over Email
  • OTP over SMS and Email
  • Out of Band SMS
  • Out of Band Email
  • Soft Token
  • Push Notification
  • USB based Hardware token
  • Security Questions
  • Mobile Authentication
  • Voice Authentication (Biometrics)
  • Phone Verification
  • Device Identification
  • Location
  • Time of Access
  • User Behavior

You can choose from any of the above authentication methods to augment your password based authentication. miniOrange authentication service works with all phone types, from landlines to smart-phone platforms. In the simplest case, users just answer a phone call and press a button to authenticate. miniOrange authentication service works internationally, and has customers authenticating from many countries around the world.

Key Features

miniOrange Authentication service provides 15+ authentication methods and integrates with applications that do or do not support standards like SAML, OpenID, OAuth, WSFED etc. It also integrates with enterprise products that support legacy protocols like RADIUS. It also integrates with application servers like Websphere, Weblogic and Tomcat. In addition to that it integrates with Spring. It also can be used to augment authentication for products like Siteminder. Our product is available as a service on the cloud or it can also be installed on premise. The key features of our Strong Authentication Service are

  • 15+ authentication methods to choose from that fits all needs
  • Cloud-based authentication service – Pay per use (On-Prem option also available)
  • Ready support for Out of band authentication
  • Ready support for Phone/SIM/IMEI Authentication – No more phone fraud.
  • SHA 160/256 Algorithms for Secure Key generation
  • Global Real-time Delivery via multiple SMS / SMTP Gateways
  • Easy to Use
    • Push notifications
    • Out of Band Email and SMS
  • Supports Risk based Access with Device, Location, Behavior, Transaction or Custom based policies
  • Supports all possible Remote Logins ( Radius VPN,Website Protection, AD FS,Windows Logon )
  • Much lower total cost of ownership with Instant authentication set up and Flexible Licensing model
  • Performance & Reliability : 24 *7 availability
  • REST API based integration architecture which supports both Proxy or Agent based architecture
  • Very user friendly Web Administration Portal
  • Integration support
    • Cloud Integrations using Plug and play approach (SAML, OpenID, Oauth, ADFS, WS-Fed)
    • Enterprise integration including Proxy server integration like Websphere HTTP server, Siteminder, Weblogic/Oracle Server
    • Social Log in support – with Facebook, Google, Yahoo, LinkedIn etc.
Get In Touch