What is the issue?

How do we deploy a method of authentication that necessitates a higher level of identity proof than simply a password, whilst minimising the inconvenience caused for our users?

Enter Two-Factor Authentication.

Two-Factor Authentication (2FA) is not a new concept, it is used every time a bank customer visits the local ATM. One authentication factor is the physical ATM card the customer slides into the machine. The second factor is the PIN they enter. Without either of these, authentication cannot take place.

Simply put: 2FA results in a high level of security by requiring not only:

‘something you know’

ie. your password and/or username

But also

‘something you have’

A token (software or hardware) which provides a One-Time Password (OTP) each time the user wishes to log into the system

A One-Time Password is a password which is changed each time a user logs into the system. The password may reset each time the system is used, or may be generated dependant upon another factor, such as the time.

In the UK it has become mandatory for systems with access to government networks to be secured by this method of authentication, and many small and medium sized organisations are beginning to follow suit.

Why use KnowWho?

Until now, deployment of Two-Factor Authentication has been costly and consequently, generally the domain of enterprise and financial organisations.

Many businesses have embraced the use of online systems, and rightly so, as we have quickly becoming dependent upon these technologies. The issue can be that following the deployment of such a system, few of us have budget remaining to address authentication concerns. Or may be we are simply unaware that such options exist but have reached the point where we have had to expand access options for our staff.

Due to the nature of the concerns it addresses, 2FA is only truly effective when deployed across your entire remote-user base and this, at a cost of around £100 per user, is often beyond the reach of security budgets.

KnowWho reduces the cost of deployment by removing the need for deployment of local authentication software / systems, instead hosting these in the ‘cloud’. Meanwhile your tokens are provided by software, SMS or hardware token and included in your monthly fee!

Your business can now deploy Two-Factor Authentication and remove the risk of identity theft and phishing to your business, for as little as £3 per month per user!