|
Arcot is a leader in protecting and verifying digital identities. Some of the largest and most successful companies in the world, including financial institutions, pharmaceutical companies, and retail businesses rely on the company’s software-only solutions to prevent online fraud and identity theft.
Arcot provides strong authentication and digital signing solutions that are easily deployed, low-cost, and extremely scalable. Our ubiquitous client installs invisibly and runs on a wide range of platforms, making it easy to protect customers as well as employees and partners from identity theft and fraud. For the first time, organizations can transparently protect their sign-on process from fraud, without changing user behavior and or requiring expensive hardware.
We also enable paperless business processes by eliminating the ‘print and sign’ step and delivering audit-ready digital signatures. By adopting digital signing, organizations can reduce their business costs, enable innovative services and shrink their environmental footprint.
ArcotID Security
At the core of our solutions is the ArcotID. The ArcotID is a secure software credential that combines protection for digital identities like that of a hardware smart card with the ease of use, ease of distribution, and lower costs for deployment and maintenance. The ArcotID can reside on the local desktop or carried in any persistent memory device, such as a USB memory stick. The ArcotID resists brute force attacks using patented Cryptographic Camouflage technology to protect a user's digital ID from attackers. The technology has been vetted academically by security experts and practically by Fortune 500 companies.
Organizations can use the ArcotID for two-factor challenge/response-based authentication, and for securely storing extra application keys and other user data for additional applications such as electronic document signing, secure email and eStatement delivery. As a software-based solution, the ArcotID enables organizations to leverage the advantages of Public-Key Infrastructures without the expense and management issues inherent with hardware-based secure key storage.
When authenticating using an ArcotID, the authentication server first sends down a “challenge”, which is a random string. When the ArcotID user provides the correct password, the private key in the ArcotID is used to sign this “challenge” to create the corresponding “response”. Only this “response” is sent back to the authentication server for verification. The password used to derive the private key is never stored anywhere or transmitted to the server. By providing the challenge/response sequence in addition to two factor authentication, Arcot can uniquely protect businesses and customers from Man-in-the-Middle attacks.
While highly secure, the ArcotID features an easy-to use and familiar username/password or PIN-pad entry user interface and integrates quickly with existing infrastructures with support for standards such as RADIUS-based OTP, SAML, MS CSP and PKCS#11.
This makes deployments fast and easy for an organization to implement and its customers to use.
Arcot has also developed a patented technology to protect PIN/password entry from keyboard capture attacks. This optional Scrambled PIN-pad defeats keyboard “sniffers” by requiring the user to “click” the digits of their personal PIN on a virtual keyboard. Organizations can configure the virtual keyboard to scramble the keys after each mouse click or each password entry, thus preventing the malware from reading any keystrokes or making pattern guesses based on mouse click locations.
The ArcotID provides protection against the common internet attacks and several futuristic attacks that are becoming popular among fraudsters. Other solutions, including one-time-password (OTP) generator tokens, do not offer the same level of protection against attacks such as the man-in-the-middle attack. The following table contains a list of known threats and shows how Arcot defeats those attacks.
|
