Deviceless OTP Authentication
Very often companies want to avoid using passwords to reduce risk, however, the perceived complexities and costs of deploying a Multi-Factor Authentication system has stalled progress.
Deviceless OTP is the perfect middle ground you’ve been looking for as it delivers a One Time Passcode without the need for a separate physical device or a password.
Traditionally all OTP systems were two-factor solutions where the OTP code was displayed on a token of some sort and the first-factor was usually a static PIN or password. In contrast, Deviceless OTP authentication does not require a static PIN, password or second-factor device at all. Instead, a challenge is displayed directly on the login screen to which only the user would know how to respond; their response is a One Time Pin.
Deviceless OTP authentication bridges the gap between the convenience of passwords and the complexity of physical tokens. By simply replacing a password-based login with Deviceless OTP authentication you remove the threat of key loggers and malware trying to steal PINs and passwords, and users are less likely to fall victim to phishing attacks.
- Rapid deployment and user enrolment
- No hardware tokens or software apps needed
- No password needed
- Integrate directly into a web page or app
- Remove threat from Phishing and key loggers
- Risk and cost appropriate security
- Convenient access to internal & Cloud-based applications
- Seamless step-up to Multi-Factor when needed
- No SMS/TEXT message delivery delay or cost
Our Deviceless Authentication Technologies
PINgrid is a pattern based authentication type that uses a grid of numbers combined with a user defined pattern to generate a One Time Pin. The pattern is the ‘something you know’ factor during the logon process, making this authentication type ideal for deviceless OTP authentication solutions.
PINphrase is a familiar language based authentication type where users provide single characters from an answer to a well known question. Because the answer is not divulged by the user during the logon process it can be used as a deviceless OTP authentication solution. Users who have used online banking may already be familiar with this authentication type.
Frequently Asked Questions
How is Deviceless OTP authentication better than a password?
Passwords are a single factor of authentication which are easily forgotten and users often write them down on post-it notes or reuse them on multiple systems. They are easily stolen via malware, phishing and key loggers to be used at a later time by hackers. When you type in a password you have given it away as it could be intercepted at any time and should no longer be considered secret.
Deviceless OTP authentication does away with the static nature of passwords entirely. This thwarts malware, phishing and key loggers as a stolen code is of no further use once it has been used. Crucially, unlike a password, the “secret” the user knows is not given away during a logon.
All this is achieved without the need for a second-factor device.
Is Deviceless OTP authentication as secure as Multi-Factor Authentication?
Technically speaking, no, Deviceless OTP authentication is not as secure as Multi-Factor Authentication, however, it is much more secure than password-based 1FA and may be more appropriate than Multi-Factor Authentication in certain situations.
Deviceless OTP authentication is an ideal middle ground of increased security over passwords without the sledgehammer approach of adding MFA everywhere. It is ideally suited to situations where some protection is needed to lower value assets, however, convenience and user experience is also a critical factor. Furthermore, it can be deployed very quickly as there are no tokens to manage or enrol so the added benefits can be realised immediately instead of leaving systems at risk for a longer period until MFA can be deployed.