Solutions including one-time-password (OTP) generator tokens, do not offer the same level of protection as the ArcotID against attacks such as the man-in-the-middle attack. The ArcotID secure software credential provides protection against common Internet threats and several futuristic attacks that are becoming popular among fraudsters.
W H I T E P A P E R
How Arcot Solutions Protect
Against Internet Threats
Whitepaper
March 2008How Arcot Solutions Protect Against
Internet ThreatsWhitepaper
W H I T E P A P E R
Arcot protects and verifies INTRODUCTIONuser identities and enables Arcot is a leader in protecting and verifying digital identities. Some of the largest andsafe, secure business most successful companies in the world, including financial institutions, pharmaceuti-processes. cal companies, and retail businesses rely on the company's software-only solutions toprevent online fraud and identity theft.We protect organizationsfrom a number of Internet Arcot provides strong authentication and digital signing solutions that are easilythreats, including deployed, low-cost, and extremely scalable. Our ubiquitous client installs invisibly andattacks than can defeat runs on a wide range of platforms, making it easy to protect customers as well asother authentication employees and partners from identity theft and fraud. For the first time, organizationstechnologies. can transparently protect their sign-on process from fraud, without changing userbehavior and or requiring expensive hardware. Arcot's software-only strongauthentication enables We also enable paperless business processes by eliminating the 'print and sign' stepyou to protect your users and delivering audit-ready digital signatures. By adopting digital signing, organizationswithout changing their can reduce their business costs, enable innovative services and shrink their environ-behavior, or requiring mental footprint.expensive hardware. ArcotID SecurityAt the core of our solutions is the ArcotID. The ArcotID When authenticating using an ArcotID, the authenti-We provide the right is a secure software credential that combines protec- cation server first sends down a "challenge", which isbalance of cost, tion for digital identities like that of a hardware smart a random string. When the ArcotID user provides theconvenience and strength. card with the ease of use, ease of distribution, and correct password, the private key in the ArcotID islower costs for deployment and maintenance. The used to sign this "challenge" to create the correspon-ArcotID can reside on the local desktop or carried in ding "response". Only this "response" is sent back toany persistent memory device, such as a USB memo- the authentication server for verification. The pass-ry stick. The ArcotID resists brute force attacks using word used to derive the private key is never storedpatented Cryptographic Camouflage technology to anywhere or transmitted to the server. By providingprotect a user's digital ID from attackers. The technol- the challenge/response sequence in addition to twoogy has been vetted academically by security experts factor authentication, Arcot can uniquely protect busi-1and practically by Fortune 500 companies. nesses and customers from Man-in-the-Middle attacks.
Organizations can use the ArcotID for two-factor While highly secure, the ArcotID features an easy-tochallenge/response-based authentication, and for use and familiar username/password or PIN-pad entrysecurely storing extra application keys and other user interface and integrates quickly with existinguser data for additional applications such as elec- infrastructures with support for standards such astronic document signing, secure email and RADIUS-based OTP, SAML, MS CSP and PKCS#11.eStatement delivery. As a software-based solution, This makes deployments fast and easy for an organi-the ArcotID enables organizations to leverage the zation to implement and its customers to use.advantages of Public-Key Infrastructures withoutthe expense and management issues inherent with Arcot has also developed a patented technology tohardware-based secure key storage. protect PIN/password entry from keyboard captureattacks. This optional Scrambled PIN-pad defeats
1 See "Software Smart Cards via Cryptographic Camouflage", D.N. Hoover and B. N. Kausik, Proceedings of the 1999 IEEE Symposium onSecurity and Privacy, IEEE Computer Society.
1How Arcot Solutions Protect Against Internet Threats Whitepaper
keyboard "sniffers" by requiring the user to "click" the digits The ArcotID provides protection against the commonof their personal PIN on a virtual keyboard. Organizations internet attacks and several futuristic attacks that arecan configure the virtual keyboard to scrambl... [download for more]
