PINgrid is a revolutionary authentication technology that takes advantage of the mind’s hard-wired ability to remember patterns and shapes. It uses this handy common evolutionary inheritance to provide a very robust, but brilliantly simple-to-use, logon system – and in the same breath removes the need for users to carry things like key fobs, tokens or remember multiple passwords or PINs.
How it Works
PINgrid can be used as a 6×6 or 8×8 grid. A 6×6 grid contains 2.1 billion possible pattern combinations which represents a highly secure environment suitable for most deployments. If you need extra strength security to protect highly sensitive documents or critical company information or assets, then an 8×8 grid is available containing 68.7 billion possible pattern combinations.
- Patented, award-winning technology
- 1.5 and 2 factor authentication
- NO hardware tokens!
- Securely logon on Windows Desktops while in or out of the office
- Native transaction signing / validation capabilities
- Emergency Override Access
- Secure access to internal & Cloud-based applications
- Free Soft Token download from all major mobile app stores
- Real-Time or Pre-Send token delivery via SMS or e-mail
- Active Directory or LDAP database storage (no schema extensions)
- RADIUS & Web Services interface for universal integration
- Helpdesk identity validation
- Highly competitive pricing and flexible licensing options
- Simplified user provisioning (thousands in an hour)
- Web-based Operator portal for IT Helpdesk day-to-day operations
- User self-service portal and password reset
- FIPS 198 & 180-3 compliant
Find out how PINgrid matches up to it’s competitors when it comes to features and platform coverage.
Use pre-configured themes or customise PINgrid to suit branding or personal preferences.
Download links for our authentication server software, soft tokens, software development kits and documentation.
Frequently Asked Questions
How is PINgrid better than traditional 2FA?
Traditional 2 factor tokens can be used by anybody in possession of the token. Furthermore the PIN, the something you know, is divulged in full during each login. As such, something you have & something you know should read something somebody has & something anybody knows.
In a PINgrid 2 factor scenario, the something you have is only of use for the intended user as it doesn’t display a usable code, just a challenge grid. As the numbers in the grid are generated specifically for the intended user’s device and can only be used with their pattern, it is only usable by the person it was intended for. Therefore, the something you have cannot be used by anybody else even if they are in possession of it. The something you know is the pattern which is never divulged during a login and thus remains only something you know. As such, something you have & something you know logic holds true.
How does PINgrid provide transaction verification / transaction signing?
PINgrid can be used to securely verify transactions by simultaneously authenticating the user performing the transaction, and verifying key transaction data in a single step. This technique is fundamentally different from traditional OTP solutions which only authenticate the user at the point of the transaction but do not verify the transaction details. The result is that the transaction details could be tampered with in transit even when a valid OTP is used.
PINgrid’s secure transaction verification requires a 2 Factor soft token which allows the user to enter key transaction information, e.g. an account number, onto their offline smart device in order to display a challenge grid. PINgrid will use key transaction information within the mathematical process used to generate the numbers in the grid, and the transaction processing server is able to perform the same calculation based on the transaction data it actually received. If the transaction data were to be maliciously modified in transit, the server would calculate different numbers to what the user saw when entering their code. Thus the code will not be valid and the server will decline the transaction. This type of technology is key to defeating online banking attacks such as “Operation High Roller” and is natively available within the PINgrid SDK’s.
How do the PINgrid soft tokens work?
The PINgrid soft tokens are standalone apps which do not require any data connectivity to function. This is ideal when users are in areas of low signal or international roaming. The hardware ID of the device running the soft token is registered on the server against a user account. The hardware ID is typically an IMEI number or an equivalent unique hardware moniker. The hardware ID is partly used to calculate token seed value. The seed is then combined with the current time of the device to produce the numbers in the grid.
To add extra security to the seeding process, Mutual Device Assignment (MDA) can be used. MDA is a two way process of pairing a user account to a two factor device. The device is linked to the user account via a hardware ID. Conversely a user account is linked to a soft token via a 10 character remote seed value. The Remote Seed value is derived from the actual 256bit user seed stored by the server. Both the soft token and the server will use the hardware ID & Remote Seed values when calculating the seed used to generate the numbers in the grid. Unlike fixed seed systems, MDA allows for simple re-keying of a hardware device in case a seed is compromised. Similarly, if a hardware ID is somehow compromised the remote seed value is still unknown.
What Intellectual Property does PINgrid use?
While the basic concept of authenticating via pattern is not new, the components that make up PINgrid are. The elements have been developed by Authlogics with the design goal of achieving a high security bar while keeping the user experience as simple as possible – something which many solutions fall short on. The intellectual property behind PINgrid is fully owned by Authlogics and is backed up by an approved patent application and registered designs. It has been independently reviewed and penetration tested with highly positive results. Authlogics actively encourages the usage and integration of PINgrid by 3rd parties and provides the usage rights under a straight forward licence agreement.
PINgrid is a technology that is protected by a collection of UK and European registered intellectual property rights including approved patents, Registered Designs and Trade Marks. All of the listed IP is fully owned by Authlogics.
Patent: PINgrid is an embodiment of the patent approved technology “ArrayAuth” filed under UK Application Number GB1101803.3 (EU listing)
Designs: The “PINgrid Grid” is a Registered and Published design approved by the European Office for Harmonization in the Internal Market which is The Trade Marks and Designs Registration Office of the European Union – Design number: 002043687-0001.
The PINgrid grid is also a Registered and Published design approved by the UK Intellectual Property Office under the registration number: 4025618.
Trade Mark: The “PINgrid Logo” is a Trade Mark registered with the UK’s Intellectual Property Office under Trade Mark: 2615621.
Download our fully functional Authlogics Server evaluation today and experience PINgrid for yourself.