ArrayShield Introduces Two Factor Authentication Solution

ArrayShield, the provider of pattern-based two factor authentication solutions, now empowers enterprise applications with innovative and affordable two factor authentication for productivity, flexibility without compromise to data security.

Phishing attacks have lead to a loss of Rs. 5,760 crore or $1.28 billion globally in 2011; India Inc alone has lost Rs. 171.94 crore. Approximately one in every 300 emails circulating the web was deemed to contain elements pointing to phishing. Public sectors were the first to be targeted followed by SME businesses. India has also topped the chart of spamming nations in the world, which forms one of the known ways leading to phishing attacks.

ArrayShield’s IDAS two factor authentication product prevents users from potential phishing attacks by making the password dynamic. ArrayShield’s IDAS uses a pattern and a translucent card to derive one-time-passwords (that are dynamic in nature). User chooses a pattern in the matrix as his secret instead of a traditional password. A translucent card is provided to each user which has a similar structured matrix with transparent and opaque cells and some random characters imprinted on the opaque cells. At the time of login, user overlaps the translucent card on the shown matrix in login screen and will key in the characters present in the chosen pattern in the same order as the one-time-password.

If a phishing attack is done on an IDAS authentication system, a hacker can only capture one-time-password and the matrix shown to the user. The hacker cannot identify the pattern and use in successive transactions because the hacker cannot capture the translucent card used for deriving the one-time-password. The translucent card being a physical card cannot be captured with any kind of phishing attacks.

IDAS Pattern based Two Factor Authentication can be seamlessly integrated with any cloud/SaaS applications using SAML protocol.

Rakesh Thatha, CTO at ArrayShield said, “Our IDAS product addresses major security issue concerns with respect to phishing attacks, which forms a big threat to both B2C and B2B sectors. By protecting the data from phishing and spam attacks, enterprises can maximise their ROI by reducing losses caused due to data thefts.”